Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Computer running slow and browser not blocking popups

Started by Zambian , Feb 22 2015 09:32 PM

Please log in to reply

#61
RKinner

Posted 19 March 2015 - 06:12 AM

Malware Expert

Expert
24,624 posts

Can you boot into Safe Mode?

(Reboot and when you see the maker's logo, hear a beep or it talks about F8, start tapping the F8 key slowly. Keep tapping until the Safe Mode Menu appears and choose Safe Mode with Networking. Login with your usual login.)

If you have a USB drive you can try:

http://www.geekstogo...l/#entry2151691

If neither of the above options work then try your disk. See if it will let you do a repair install. That will retain your data but you will still need to download about 100 updates.

#62
Zambian

Posted 19 March 2015 - 08:44 AM

Member

Topic Starter
Member
66 posts

Hello again, ater trying everything i could think of, and your suggestions, i then used the disc, it took ages and then asked if i wanted a system repair, clicked ok and let it do its thing, again ages passed but eventually it said restart and ho and behold windows started, will see what happens tomorrow.

#63
RKinner

Posted 19 March 2015 - 09:39 AM

Malware Expert

Expert
24,624 posts

Sorry about that. Expect cryptoprevent was the culprit. Will remove it from the recommendations.. Does it show as still being installed?

#64
Zambian

Posted 20 March 2015 - 05:26 AM

Member

Topic Starter
Member
66 posts

Hello R, No cryptoprevent seems to have been cleared, but there still seems to be something wrong. my computer takes a real long time to start up. today before windows would open it did a CHKDSK check, fixed some problems and then restarted, everything is happening, but in slow motion, I have done a disc cleanup and a scan with Avaste but nothing has come up, do you think its a gremlin or maybe a hardware failure because when i did a scan with Dell they reconed there was a problem with my hard drive?

#65
RKinner

Posted 20 March 2015 - 10:25 AM

Malware Expert

Expert
24,624 posts

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

click on the Addition.txt box.

Press Scan button.

It will produce a log called FRST.txt in the same directory the tool is run from.

Please copy and paste that log back here and also the second log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

Get the free version of Speccy:

http://www.filehippo...download_speccy (Look in the upper right for the Download

Latest Version button - Do NOT press the large Start Download button on the upper left!) Download, Save and Install it.

Close all browsers and open progrms before running Speccy. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Save the file and close notepad Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Follow the procedure on http://www.techrepub...lp-of-msconfig/

When you get to Step 3 Substep 2. Copy and paste the text from Notepad into a reply.

(If you get a pop up just click on No Thanks I know everything)

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt

notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

* System

4. Under 'Select type to list', select:

* Error

* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

#66
Zambian

Posted 20 March 2015 - 06:46 PM

Member

Topic Starter
Member
66 posts

Morning, here are the FRST logs,

FRST.TXT

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015

Ran by Davie (administrator) on DAVIE-PC on 21-03-2015 08:41:05

Running from C:\Users\Davie\Desktop

Loaded Profiles: Davie (Available profiles: Davie)

Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)

Internet Explorer Version 9 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe

(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe

(Microsoft Corporation) C:\Windows\vVX1000.exe

(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe

(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe

(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe

(Dell) C:\Users\Davie\AppData\Local\Apps\2.0\L1YMPGED.XGQ\1G05GZ07.40T\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Dropbox, Inc.) C:\Users\Davie\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)

HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797008 2010-07-21] (Microsoft Corporation)

HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)

HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)

HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [2629632 2012-09-25] (Brother Industries, Ltd.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\Run: [DellSystemDetect] => C:\Users\Davie\AppData\Local\Apps\2.0\L1YMPGED.XGQ\1G05GZ07.40T\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe [283432 2015-02-08] (Dell)

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\MountPoints2: {12a86870-243e-11e4-af4c-00219b028d60} - L:\startme.exe

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\MountPoints2: {a92065ab-5feb-11dd-8ef6-806e6f6e6963} - E:\setup.exe

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files\Webshots\webshots.scr [1646592 2006-01-25] (Webshots.com)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

Startup: C:\Users\Davie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk

ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Davie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=au&ibd=1080802

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-14] (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)

BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2013-06-03] (Google Inc.)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-14] (Oracle Corporation)

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-08] (SuperAdBlocker.com)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:

========

FF ProfilePath: C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406

FF NewTab: https://www.google.com.au/

FF Homepage: about:home

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-03-14] ()

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)

FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-12-24] (Google, Inc.)

FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-14] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-14] (Oracle Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @pack.google.com/Google Updater;version=13 -> C:\Program Files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll [2013-06-03] (Google)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-04] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-04] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-05-31] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-05-31] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-05-31] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-05-31] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-05-31] (Apple Inc.)

FF Extension: MediaPlayersvideos 1.1 - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\[email protected] [2015-01-01]

FF Extension: captiondownloaderhiephmcom - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\[email protected] [2015-02-23]

FF Extension: 023e9ca063f347b1bcb29badf9d9ef28 - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\{023e9ca0-63f3-47b1-bcb2-9badf9d9ef28} [2015-02-23]

FF Extension: Flash and Video Download - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}(2) [2014-06-18]

FF Extension: No Flash - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\[email protected] [2014-10-04]

FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\[email protected] [2014-12-05]

FF Extension: Youtube downloader master - C:\Users\Davie\AppData\Roaming\Mozilla\Firefox\Profiles\ai0obw7f.default-1385730795406\Extensions\[email protected] [2014-10-04]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-10]

Chrome:

=======

CHR Profile: C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-08]

CHR Extension: (Google Docs) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-08]

CHR Extension: (Google Drive) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-08]

CHR Extension: (YouTube) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-08]

CHR Extension: (Adblock Plus) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-12]

CHR Extension: (Google Search) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-08]

CHR Extension: (Google Sheets) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-08]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]

CHR Extension: (Google Wallet) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-08]

CHR Extension: (Gmail) - C:\Users\Davie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-13] (SUPERAntiSpyware.com)

S4 Brother XP spl Service; C:\Windows\system32\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd) [File not signed]

R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]

R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [161048 2008-04-28] (Stardock Corporation)

S2 gupdate1c9a11782fb64e7; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-11-01] (Google Inc.)

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)

S4 SftService; C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE [1692480 2011-08-18] (SoftThinks SAS)

R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-04] () [File not signed]

S3 ioFakMap; C:\Windows\System32\DRIVERS\ioFakMap.sys [10624 2010-12-15] (KYE System Corp.)

S3 ioTblMap; C:\Windows\System32\DRIVERS\ioTblMap.sys [10632 2011-06-07] (KYE System Corp.)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)

R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [27648 2008-03-06] (Windows ® Codename Longhorn DDK provider)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-30] (Almico Software)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-05-21] () [File not signed]

R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2010-10-27] () [File not signed]

R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx86.sys [40344 2012-10-01] ()

R3 VX1000; C:\Windows\System32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-21 08:41 - 2015-03-21 08:41 - 00021328 _____ () C:\Users\Davie\Desktop\FRST.txt

2015-03-21 08:40 - 2015-03-21 08:41 - 00000000 ____D () C:\FRST

2015-03-21 08:39 - 2015-03-21 08:39 - 01135104 _____ (Farbar) C:\Users\Davie\Downloads\FRST.exe

2015-03-21 08:39 - 2015-03-21 08:39 - 01135104 _____ (Farbar) C:\Users\Davie\Desktop\FRST.exe

2015-03-20 21:23 - 2015-03-20 21:23 - 00001828 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2015-03-20 21:22 - 2015-03-20 21:23 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2015-03-20 21:00 - 2015-03-20 21:00 - 11530032 _____ (Microsoft Corporation) C:\Users\Davie\Downloads\mseinstall.exe

2015-03-20 20:46 - 2015-03-20 20:46 - 00000000 ____D () C:\$WINDOWS.~LS

2015-03-20 20:41 - 2015-03-20 20:41 - 00000000 ____D () C:\$WINDOWS.~BT

2015-03-20 20:33 - 2015-03-20 21:01 - 00001905 _____ () C:\Windows\diagwrn.xml

2015-03-20 20:33 - 2015-03-20 21:01 - 00001905 _____ () C:\Windows\diagerr.xml

2015-03-20 20:21 - 2015-03-20 20:21 - 00000000 ____D () C:\ProgramData\Auslogics

2015-03-20 20:20 - 2015-03-20 20:20 - 06691480 _____ (Auslogics Labs Pty Ltd ) C:\Users\Davie\Downloads\disk-defrag-setup.exe

2015-03-19 21:03 - 2015-03-19 21:04 - 28579392 _____ (Sony Mobile Communications ) C:\Users\Davie\AppData\Local\pcc.exe

2015-03-18 15:09 - 2015-03-18 15:09 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\CrystalIdea Software

2015-03-17 16:54 - 2015-03-17 16:54 - 00355632 _____ (Dropbox, Inc.) C:\Users\Davie\Downloads\DropboxInstaller (1).exe

2015-03-17 16:09 - 2015-03-17 16:09 - 02171392 _____ () C:\Users\Davie\Downloads\adwcleaner_4.112.exe

2015-03-17 14:11 - 2015-03-18 15:07 - 00000000 ____D () C:\Program Files\SpeedFan

2015-03-17 14:11 - 2015-03-17 14:11 - 00000806 _____ () C:\Users\Davie\Desktop\SpeedFan.lnk

2015-03-17 14:11 - 2015-03-17 14:11 - 00000045 _____ () C:\Windows\system32\initdebug.nfo

2015-03-17 14:11 - 2015-03-17 14:11 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan

2015-03-17 11:20 - 2007-10-22 17:35 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\system32\CSVer.dll

2015-03-17 11:16 - 2015-03-17 11:16 - 00000000 ____D () C:\Intel

2015-03-17 11:00 - 2015-03-17 11:00 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows

2015-03-17 10:59 - 2015-03-17 11:00 - 00000000 ____D () C:\Program Files\Dell Support Center

2015-03-17 10:55 - 2015-03-17 11:13 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\PCDr

2015-03-17 10:55 - 2015-03-17 11:12 - 00000000 ____D () C:\ProgramData\PCDr

2015-03-17 10:10 - 2015-03-18 02:41 - 00000000 ____D () C:\Users\Davie\{51a6b5cd-8cd5-4612-84c5-e503d01a41f2}

2015-03-16 20:08 - 2015-03-16 20:09 - 00000000 ____D () C:\Users\Davie\Desktop\rave

2015-03-16 19:32 - 2015-03-16 20:02 - 00000000 ____D () C:\Users\Davie\Downloads\rave

2015-03-16 19:09 - 2015-03-16 19:28 - 591474701 _____ () C:\Users\Davie\Downloads\rave.zip

2015-03-16 18:26 - 2015-03-16 18:28 - 00002035 _____ () C:\Users\Davie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\.lnk

2015-03-16 18:03 - 2015-03-16 18:03 - 01080488 _____ (WinZip) C:\Users\Davie\Downloads\winzip19-lan.exe

2015-03-16 12:38 - 2015-03-20 21:14 - 00578178 _____ () C:\Windows\PFRO.log

2015-03-16 11:06 - 2015-03-16 11:06 - 00000197 _____ () C:\Windows\system32\2015-03-16-03-06-27.058-AvastVBoxSVC.exe-3328.log

2015-03-15 20:24 - 2015-03-15 20:24 - 00001909 _____ () C:\Users\Public\Desktop\Google Slides.lnk

2015-03-15 20:24 - 2015-03-15 20:24 - 00001907 _____ () C:\Users\Public\Desktop\Google Sheets.lnk

2015-03-15 20:24 - 2015-03-15 20:24 - 00001897 _____ () C:\Users\Public\Desktop\Google Docs.lnk

2015-03-15 20:24 - 2015-03-15 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-03-15 20:22 - 2015-03-15 20:22 - 00880208 _____ (Google Inc.) C:\Users\Davie\Downloads\googledrivesync.exe

2015-03-15 20:05 - 2015-03-15 20:05 - 00000000 ____D () C:\ProgramData\Wondershare

2015-03-15 19:37 - 2015-03-16 17:27 - 00001894 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk

2015-03-15 19:28 - 2015-03-15 19:28 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Land Rover

2015-03-15 10:23 - 2015-03-15 10:23 - 00000247 _____ () C:\Windows\system32\2015-03-15-02-23-20.020-aswFe.exe-176.log

2015-03-14 12:23 - 2015-03-14 12:23 - 00000000 ____D () C:\Program Files\Common Files\Java

2015-03-14 11:36 - 2015-03-20 19:02 - 00000000 ____D () C:\Users\Davie\AppData\Local\CrashDumps

2015-03-13 14:20 - 2015-03-13 14:20 - 00000759 _____ () C:\Users\Davie\Documents\.Test.vbs

2015-03-13 12:47 - 2015-03-13 12:47 - 00000197 _____ () C:\Windows\system32\2015-03-13-04-47-01.039-AvastVBoxSVC.exe-2676.log

2015-03-13 12:35 - 2015-03-13 12:35 - 00001923 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk

2015-03-13 12:33 - 2015-03-13 12:33 - 00000000 ____D () C:\Program Files\Browny02

2015-03-13 12:33 - 2012-08-20 12:19 - 01534464 _____ (Brother Industries, Ltd.) C:\Windows\system32\BrWi209c.dll

2015-03-13 12:33 - 2010-03-08 13:50 - 00003072 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2S.dll

2015-03-13 12:33 - 2010-02-05 11:42 - 00180224 ____N (Brother Industries, Ltd.) C:\Windows\system32\BroSNMP.dll

2015-03-13 12:33 - 2007-12-13 22:16 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2.dll

2015-03-13 12:33 - 2007-12-13 22:16 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\system32\BrDctF2L.dll

2015-03-13 12:32 - 2015-03-13 12:32 - 00000000 ____D () C:\Users\Davie\Downloads\wlan_wiz

2015-03-13 12:26 - 2015-03-13 12:29 - 122136464 _____ (A.I.SOFT,INC.) C:\Users\Davie\Downloads\dcp-j315w-inst-B1-cd1.EXE

2015-03-13 11:39 - 2015-03-20 21:00 - 00003007 _____ () C:\Windows\setupact.log

2015-03-13 11:39 - 2015-03-20 20:33 - 00000000 _____ () C:\Windows\setuperr.log

2015-03-13 11:39 - 2015-03-13 11:39 - 00000197 _____ () C:\Windows\system32\2015-03-13-03-38-59.091-AvastVBoxSVC.exe-2876.log

2015-03-13 11:09 - 2015-03-13 11:09 - 00000197 _____ () C:\Windows\system32\2015-03-13-03-09-55.084-AvastVBoxSVC.exe-3916.log

2015-03-13 10:56 - 2015-03-13 10:56 - 00000197 _____ () C:\Windows\system32\2015-03-13-02-56-08.030-AvastVBoxSVC.exe-3976.log

2015-03-13 08:10 - 2015-03-13 08:10 - 00000197 _____ () C:\Windows\system32\2015-03-13-00-10-09.057-AvastVBoxSVC.exe-2608.log

2015-03-12 09:31 - 2015-03-12 09:31 - 00000197 _____ () C:\Windows\system32\2015-03-12-01-31-25.065-AvastVBoxSVC.exe-2972.log

2015-03-11 14:20 - 2015-03-11 14:20 - 00000197 _____ () C:\Windows\system32\2015-03-11-06-20-41.007-AvastVBoxSVC.exe-2976.log

2015-03-11 08:40 - 2015-01-29 09:35 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

2015-03-11 08:39 - 2015-02-26 08:18 - 02064384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-03-11 08:39 - 2015-01-29 09:35 - 00975360 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2015-03-11 08:32 - 2015-02-20 10:03 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-03-11 08:32 - 2015-02-20 08:28 - 00296960 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-03-11 08:31 - 2015-02-26 10:01 - 03604408 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2015-03-11 08:31 - 2015-02-26 10:01 - 03552184 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-03-11 08:31 - 2015-01-21 10:02 - 00807936 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll

2015-03-11 08:31 - 2015-01-09 10:04 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-03-11 08:31 - 2015-01-09 08:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-03-11 08:30 - 2015-03-06 12:01 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-03-11 08:30 - 2014-10-13 09:12 - 02264064 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-03-11 08:29 - 2015-02-18 10:02 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-03-11 07:55 - 2015-02-22 01:37 - 12375040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-03-11 07:55 - 2015-02-22 01:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-03-11 07:55 - 2015-02-22 01:29 - 09747968 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-03-11 07:55 - 2015-02-22 01:28 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-03-11 07:55 - 2015-02-22 01:22 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-03-11 07:55 - 2015-02-22 01:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-03-11 07:55 - 2015-02-22 01:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-03-11 07:55 - 2015-02-22 01:20 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2015-03-11 07:55 - 2015-02-22 01:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-03-11 07:55 - 2015-02-22 01:19 - 01803264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-03-11 07:55 - 2015-02-22 01:19 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-03-11 07:55 - 2015-02-22 01:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-03-11 07:55 - 2015-02-22 01:19 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-03-11 07:55 - 2015-02-22 01:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-03-11 07:55 - 2015-02-22 01:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-03-11 07:55 - 2015-02-22 01:18 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-03-11 07:55 - 2015-02-22 01:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-03-11 07:55 - 2015-02-22 01:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-03-11 07:55 - 2015-02-22 01:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2015-03-11 07:55 - 2015-02-22 01:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2015-03-11 07:55 - 2015-02-22 01:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2015-03-11 07:55 - 2015-02-22 01:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-03-11 07:52 - 2015-03-11 08:05 - 00007977 _____ () C:\Users\Davie\Documents\System Idle Process.txt

2015-03-11 07:41 - 2015-03-11 07:42 - 00000197 _____ () C:\Windows\system32\2015-03-10-23-41-54.060-AvastVBoxSVC.exe-3996.log

2015-03-10 11:07 - 2015-03-10 11:07 - 00000197 _____ () C:\Windows\system32\2015-03-10-03-07-00.079-AvastVBoxSVC.exe-3132.log

2015-03-08 08:55 - 2015-03-08 08:55 - 00000197 _____ () C:\Windows\system32\2015-03-08-00-55-20.095-AvastVBoxSVC.exe-1216.log

2015-03-06 17:02 - 2015-03-06 18:22 - 00000000 ____D () C:\Users\Davie\Documents\rave (1)

2015-03-06 15:05 - 2015-03-06 15:05 - 00000775 _____ () C:\Users\Davie\Desktop\7-Zip File Manager.lnk

2015-03-06 15:02 - 2015-03-06 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-03-06 15:02 - 2015-03-06 15:02 - 00000000 ____D () C:\Program Files\7-Zip

2015-03-06 13:11 - 2015-03-10 12:16 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2015-03-06 13:11 - 2015-03-06 13:50 - 00000000 ____D () C:\ProgramData\RogueKiller

2015-03-06 07:41 - 2015-03-06 07:41 - 00000197 _____ () C:\Windows\system32\2015-03-05-23-41-45.029-AvastVBoxSVC.exe-3032.log

2015-03-05 11:41 - 2015-03-05 11:41 - 00000197 _____ () C:\Windows\system32\2015-03-05-03-41-41.090-AvastVBoxSVC.exe-2988.log

2015-03-04 17:09 - 2015-03-04 17:09 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-09-55.042-AvastVBoxSVC.exe-3692.log

2015-03-04 08:34 - 2015-03-04 08:34 - 00000197 _____ () C:\Windows\system32\2015-03-04-00-34-10.001-AvastVBoxSVC.exe-4352.log

2015-02-27 15:50 - 2015-02-27 15:50 - 00000000 ____D () C:\Users\Davie\AppData\Local\{445E4688-1907-4350-9CF6-C33C78C364DA}

2015-02-27 15:36 - 2015-02-27 15:36 - 00000000 ____D () C:\Users\Davie\AppData\Local\{F2EF7F01-C0EC-4431-B5D0-44FB24869713}

2015-02-27 14:18 - 2015-02-27 14:18 - 00000247 _____ () C:\Windows\system32\2015-02-27-06-18-18.013-aswFe.exe-6028.log

2015-02-27 14:04 - 2015-02-27 14:18 - 00000247 _____ () C:\Windows\system32\2015-02-27-06-04-04.095-aswFe.exe-5504.log

2015-02-27 14:03 - 2015-02-27 14:03 - 00000197 _____ () C:\Windows\system32\2015-02-27-06-03-57.041-AvastVBoxSVC.exe-3136.log

2015-02-27 11:54 - 2015-02-27 11:56 - 00000000 ____D () C:\Windows\system32\vbox

2015-02-27 11:48 - 2015-03-20 21:14 - 00000000 ____D () C:\ProgramData\AVAST Software

2015-02-27 11:38 - 2015-02-27 11:41 - 132469808 _____ (AVAST Software) C:\Users\Davie\Downloads\avast_free_antivirus_setup.exe

2015-02-27 10:14 - 2015-03-12 22:43 - 00000020 _____ () C:\Users\Davie\AppData\Roaming\appdataFr3.bin

2015-02-27 09:54 - 2015-02-27 12:09 - 00000000 ____D () C:\Program Files\comfix

2015-02-23 09:47 - 2014-11-26 10:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2015-02-23 09:46 - 2015-01-15 12:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-02-23 09:37 - 2015-02-23 09:37 - 00000000 ____D () C:\Windows\Temp49189D3D-F36E-6298-86B0-6AD8E0F4F57D-Signatures

2015-02-23 09:34 - 2014-12-08 09:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll

2015-02-23 09:32 - 2015-02-23 09:32 - 00001127 _____ () C:\Users\Davie\Desktop\Watchtower Library 2014 - English.lnk

2015-02-23 09:32 - 2015-02-23 09:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2014

2015-02-23 09:29 - 2015-02-23 09:30 - 00000000 ____D () C:\1dde1cb4387c5846477e94eeeafd

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-21 08:37 - 2012-03-10 10:28 - 02058921 _____ () C:\Windows\WindowsUpdate.log

2015-03-21 08:35 - 2014-10-08 13:43 - 00000000 ___RD () C:\Users\Davie\Dropbox

2015-03-21 08:35 - 2013-10-11 19:54 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\Skype

2015-03-21 08:35 - 2013-06-27 12:22 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\Dropbox

2015-03-21 08:35 - 2013-06-03 15:44 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job

2015-03-21 08:33 - 2009-06-27 16:32 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-03-21 08:32 - 2008-08-01 17:19 - 00000276 _____ () C:\Windows\Tasks\RtlNICDiagVistaStart.job

2015-03-21 08:31 - 2006-11-02 21:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-03-21 08:31 - 2006-11-02 20:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2015-03-21 08:31 - 2006-11-02 20:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2015-03-20 22:41 - 2006-11-02 21:01 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2015-03-20 21:24 - 2011-01-26 19:40 - 00001945 _____ () C:\Windows\epplauncher.mif

2015-03-20 21:18 - 2013-06-03 15:44 - 00000000 ____D () C:\ProgramData\Google Updater

2015-03-20 19:01 - 2008-08-01 17:18 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information

2015-03-19 21:04 - 2006-11-02 18:33 - 00759542 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-03-18 14:35 - 2013-10-11 19:54 - 00000000 ___RD () C:\Program Files\Skype

2015-03-18 14:34 - 2010-02-10 17:14 - 00000000 ____D () C:\ProgramData\Skype

2015-03-18 14:11 - 2008-09-26 10:54 - 00000000 ____D () C:\Netgear

2015-03-18 13:54 - 2008-08-01 17:17 - 00000000 ____D () C:\Program Files\Java

2015-03-18 02:41 - 2006-11-02 19:18 - 00000000 ____D () C:\Windows\system32\Msdtc

2015-03-18 02:41 - 2006-11-02 19:18 - 00000000 ____D () C:\Windows\registration

2015-03-18 02:41 - 2006-11-02 18:22 - 49807360 _____ () C:\Windows\system32\config\software_previous

2015-03-18 02:41 - 2006-11-02 18:22 - 29097984 _____ () C:\Windows\system32\config\system_previous

2015-03-18 02:39 - 2006-11-02 18:22 - 44040192 _____ () C:\Windows\system32\config\components_previous

2015-03-18 02:39 - 2006-11-02 18:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous

2015-03-17 11:22 - 2008-08-01 17:19 - 00000000 ____D () C:\Program Files\Realtek

2015-03-17 11:20 - 2008-08-01 17:19 - 00000000 ____D () C:\Program Files\Intel

2015-03-17 11:12 - 2009-10-26 14:48 - 00000000 ____D () C:\Users\Davie\AppData\Local\Deployment

2015-03-17 11:06 - 2010-12-10 18:41 - 00000000 ____D () C:\Temp

2015-03-17 11:00 - 2008-08-01 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell

2015-03-17 10:58 - 2008-08-01 17:23 - 00000000 ____D () C:\Program Files\Dell

2015-03-17 10:42 - 2008-09-25 17:59 - 00000000 ____D () C:\Users\Davie

2015-03-17 10:14 - 2006-11-02 18:22 - 00524288 _____ () C:\Windows\system32\config\default_previous

2015-03-17 10:14 - 2006-11-02 18:22 - 00262144 _____ () C:\Windows\system32\config\security_previous

2015-03-17 10:11 - 2008-08-02 01:05 - 00000000 ____D () C:\Windows\system32\RTCOM

2015-03-17 10:10 - 2009-10-26 14:51 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll

2015-03-17 07:57 - 2006-11-02 19:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2015-03-16 18:35 - 2012-11-29 12:51 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\vlc

2015-03-16 18:32 - 2010-11-11 11:09 - 00000000 ____D () C:\ProgramData\WinZip

2015-03-16 18:27 - 2008-09-25 18:00 - 00001000 _____ () C:\Users\Davie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

2015-03-16 18:16 - 2008-09-29 10:39 - 00000000 ____D () C:\Users\Davie\AppData\Local\Adobe

2015-03-16 17:27 - 2011-08-08 11:52 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

2015-03-16 17:27 - 2008-10-18 19:32 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2015-03-16 17:27 - 2008-08-01 17:23 - 00000000 ____D () C:\ProgramData\Adobe

2015-03-16 16:48 - 2010-03-10 10:13 - 00000000 ____D () C:\Windows\pss

2015-03-15 20:24 - 2008-09-25 18:01 - 00000000 ____D () C:\Users\Davie\AppData\Local\Google

2015-03-15 20:24 - 2008-08-01 17:23 - 00000000 ____D () C:\Program Files\Google

2015-03-15 20:05 - 2014-08-29 16:07 - 00000000 ____D () C:\Users\Davie\AppData\Roaming\Wondershare

2015-03-15 19:27 - 2008-09-25 20:09 - 00045568 _____ () C:\Users\Davie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-03-15 19:06 - 2008-09-25 18:21 - 00000000 ____D () C:\ProgramData\Roxio

2015-03-14 12:34 - 2015-01-06 12:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-03-14 12:15 - 2014-10-26 18:09 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2015-03-14 12:11 - 2015-01-06 12:52 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2015-03-14 12:11 - 2015-01-06 12:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2015-03-14 11:46 - 2008-09-26 11:56 - 00007512 _____ () C:\Users\Davie\AppData\Local\d3d9caps.dat

2015-03-13 12:35 - 2012-10-12 11:02 - 00000050 _____ () C:\Windows\system32\BRIDF10A.DAT

2015-03-13 12:35 - 2008-09-26 13:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother

2015-03-13 12:33 - 2008-09-26 13:11 - 00000000 ____D () C:\Program Files\Brother

2015-03-13 11:42 - 2008-09-26 13:12 - 00000462 _____ () C:\Windows\BRWMARK.INI

2015-03-11 14:08 - 2006-11-02 20:47 - 00315880 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-03-11 08:39 - 2013-08-10 10:28 - 00000000 ____D () C:\Windows\system32\MRT

2015-03-11 08:32 - 2006-11-02 18:24 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2015-03-10 11:15 - 2015-02-08 12:04 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2015-03-05 16:20 - 2014-12-05 20:49 - 00000861 _____ () C:\Users\Public\Desktop\VLC media player.lnk

2015-03-04 16:59 - 2013-08-01 18:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2015-02-27 12:46 - 2014-09-01 16:18 - 00000365 _____ () C:\Users\Davie\AppData\Roaming\LSHLRGPF

2015-02-27 12:36 - 2015-01-09 16:06 - 00000000 ____D () C:\ProgramData\4001812108

2015-02-27 09:54 - 2015-02-08 11:14 - 00000000 ____D () C:\ProgramData\59b4cf200005341

2015-02-25 14:00 - 2015-01-13 17:56 - 00000008 __RSH () C:\ProgramData\ntuser.pol

2015-02-25 13:56 - 2006-11-02 19:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2015-02-24 04:23 - 2009-10-03 17:31 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2015-02-23 12:19 - 2011-06-01 21:14 - 00000000 ____D () C:\Users\Davie\dwhelper

2015-02-23 09:49 - 2011-09-25 14:14 - 00000000 ____D () C:\Program Files\Watchtower

==================== Files in the root of some directories =======

2013-06-11 12:15 - 2013-06-11 12:13 - 0013824 _____ () C:\Program Files\1033.MST

2012-09-17 13:33 - 2012-09-17 13:33 - 0000288 _____ () C:\Users\Davie\AppData\Roaming\.backup.dm

2015-02-27 10:14 - 2015-03-12 22:43 - 0000020 _____ () C:\Users\Davie\AppData\Roaming\appdataFr3.bin

2014-09-01 16:18 - 2015-02-27 12:46 - 0000365 _____ () C:\Users\Davie\AppData\Roaming\LSHLRGPF

2014-01-20 12:30 - 2014-01-20 12:30 - 0000041 _____ () C:\Users\Davie\AppData\Roaming\mbam.context.scan

2014-09-01 16:18 - 2014-09-01 16:18 - 0002086 _____ () C:\Users\Davie\AppData\Roaming\QAKOG

2008-10-12 13:48 - 2008-10-12 13:48 - 0026340 _____ () C:\Users\Davie\AppData\Roaming\UserTile.png

2009-09-24 16:17 - 2014-03-14 11:46 - 0000140 _____ () C:\Users\Davie\AppData\Roaming\wklnhst.dat

2012-04-18 13:56 - 2012-04-18 13:56 - 0000552 _____ () C:\Users\Davie\AppData\Local\d3d8caps.dat

2008-09-26 11:56 - 2015-03-14 11:46 - 0007512 _____ () C:\Users\Davie\AppData\Local\d3d9caps.dat

2008-09-25 20:09 - 2015-03-15 19:27 - 0045568 _____ () C:\Users\Davie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2009-06-07 14:46 - 2009-06-07 14:46 - 0008248 _____ () C:\Users\Davie\AppData\Local\en.ini

2015-03-19 21:03 - 2015-03-19 21:04 - 28579392 _____ (Sony Mobile Communications ) C:\Users\Davie\AppData\Local\pcc.exe

2012-09-05 17:11 - 2012-09-05 17:11 - 0001503 _____ () C:\Users\Davie\AppData\Local\recently-used.xbel

2010-02-10 17:23 - 2010-02-10 17:23 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

2008-10-15 16:08 - 2010-10-27 18:40 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt

Some content of TEMP:

====================

C:\Users\Davie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz6kmz7.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-21 08:39

==================== End Of Log ============================

#67
Zambian

Posted 20 March 2015 - 06:51 PM

Member

Topic Starter
Member
66 posts

Here is the Addition txt. log. also i should tell you that i reinstalled Microsoft Security Essentials and deleated Avaste because their advertising was getting anoying.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015

Ran by Davie at 2015-03-21 08:42:43

Running from C:\Users\Davie\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}

AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 beta (HKLM\...\7-Zip) (Version: - )

Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)

Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)

Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)

ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.0512.1132 - )

Brother MFL-Pro Suite DCP-J315W (HKLM\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 2.0.0.0 - Brother Industries, Ltd.)

Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)

ccc-core-static (Version: 2008.0512.1133.18639 - ATI) Hidden

CONNEXX 6.5.4 (HKLM\...\{EDDF7146-1083-41CD-8D64-4D0612776D24}) (Version: 6.5.4 - Siemens Audiologische Technik GmbH)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)

Dell DataSafe Local Backup - Support Software (HKLM\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)

Dell DataSafe Local Backup (HKLM\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)

Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell)

Dell Driver Download Manager (HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\309a46b1dc89b774) (Version: 1.1.0.0 - Dell Inc.)

Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.10.0000 - Dell Inc.)

Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.52 - Dell)

Dell System Detect - 1 (HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\73f463568823ebbe) (Version: 5.14.0.9 - Dell)

Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)

Dropbox (HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)

EDocs (HKLM\...\{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}) (Version: - )

Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.76 - Google Inc.)

Google Drive (HKLM\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)

Google Earth (HKLM\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)

Google Talk (remove only) (HKU\S-1-5-21-30905629-1660685971-3630012643-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )

Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden

Google Updater (HKLM\...\Google Updater) (Version: 2.4.1508.6312 - Google Inc.)

Java 8 Update 40 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LINE (HKLM\...\LINE) (Version: 3.5.2.42 - LINE Corporation)

MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 4.0 - Dell)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Expression Encoder 4 (HKLM\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)

Microsoft Expression Encoder 4 Screen Capture Codec (HKLM\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)

Microsoft Flight Simulator X Demo (HKLM\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)

Microsoft IntelliPoint 8.0 (HKLM\...\{00F93853-D9D3-4795-A89E-84CCBA0205C9}) (Version: 8.0.225.0 - Microsoft)

Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)

Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)

Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.17.8 - Dell)

MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

Naviextras Toolbox (HKLM\...\Naviextras Toolbox) (Version: 3.18.3.412849 - NNG Llc.)

Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)

NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)

OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden

OOo-dev 3.4 (HKLM\...\{1153700F-C007-4EC7-B04A-7C14D1E6E3DD}) (Version: 3.4.9583 - OpenOffice.org)

PaperPort (HKLM\...\{A17EABB6-D0C6-44E5-820C-72DC7F495064}) (Version: 9.02.0823 - ScanSoft, Inc.)

Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)

Realtek Ethernet Network Card Diagnostic tool for Windows Vista (HKLM\...\{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}) (Version: 1.00 - Realtek)

Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)

Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 6.0.0 - Roxio)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

SHS6 Common (HKLM\...\{7EA9F56C-DF0E-4937-BEC1-5267A61B3216}) (Version: 1.0 - Siemens Audiologische Technik GmbH)

SHS6 Fitting (HKLM\...\{829154BB-A671-44E1-8103-28310E9BCD59}) (Version: 1.0 - Siemens Audiologische Technik GmbH)

SIFIT (HKLM\...\{C82C3BB6-34D2-4CE3-B700-35A0C748203F}) (Version: 6.10.3.1096 - Siemens)

Skins (Version: 2008.0512.1133.18639 - ATI) Hidden

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)

Skype™ 7.2 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)

Sophos Anti-Rootkit 1.5.20 (HKLM\...\Sophos-AntiRootkit) (Version: 1.5.20 - Sophos Plc)

SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)

Watchtower Library 2014 - English (HKLM\...\{DB6F2EEA-CEEA-4096-8BD7-ABF100A90820}) (Version: 16.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.)

Webshots Desktop (HKLM\...\Webshots Desktop) (Version: - )

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

XviD 1.1 final uninstall (HKLM\...\XviD_is1) (Version: 1.1 - XviD team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Davie\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Davie\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-30905629-1660685971-3630012643-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Davie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

20-03-2015 19:06:55 Windows Update

20-03-2015 21:08:57 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 18:23 - 2012-09-09 18:54 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0312CF9D-1717-4060-A541-3DFC8F9C511B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2008-01-21] (Microsoft Corporation)

Task: {082A3490-8583-42FC-BA0F-D7C64C129FDD} - System32\Tasks\NCH Software\SoundTapReminder => C:\Program Files\NCH Software\SoundTap\SoundTap.exe

Task: {1135BB68-D0B1-4B75-9817-6C5DC7F375B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)

Task: {1A01BC66-ACE8-4EC4-AF2B-484BC686BE1F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)

Task: {1E999F23-AF14-4494-9A1F-8471EB3E366F} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)

Task: {30346CC6-E909-47CB-8439-4E93245F0A5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-14] (Adobe Systems Incorporated)

Task: {43988667-0A76-474B-A024-041C76E912A5} - System32\Tasks\{A5C06A36-B431-46FF-80C4-E69B802BB2E3} => pcalua.exe -a C:\Users\Davie\Downloads\sar_15_sfx(1).exe -d C:\Users\Davie\Downloads

Task: {482DFB24-54E0-4D8C-A8B9-38FFB7FB4613} - System32\Tasks\{4586A9F7-8D49-4011-8084-D52116E170F7} => pcalua.exe -a C:\Users\Davie\Downloads\UWC-1.6.6-setup.exe -d C:\Users\Davie\Downloads

Task: {485E1B45-55FC-4852-BBC6-B428D3754239} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-02-04] (PC-Doctor, Inc.)

Task: {648D1896-4029-4A3F-9F4C-572BC7BEF210} - System32\Tasks\{67136D08-7A91-4DFE-B7B3-3C424B54710B} => pcalua.exe -a C:\Users\Davie\Documents\EOSDemoInstaller-1.0.556e\EOSDemoInstaller-1.0.556e.exe -d C:\Users\Davie\Documents\EOSDemoInstaller-1.0.556e

Task: {68303AE2-A8BA-446E-8818-1131643CCA35} - System32\Tasks\{5A894DF6-971E-4012-937E-867340820B50} => pcalua.exe -a C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{B98A34C0-A6A2-4087-B272-557C1C6D0A07}

Task: {7404E747-CDDE-436A-8423-C373D6443A4F} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {7DB29D85-BE62-4292-9BF1-E87DF4405383} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2010-07-21] (Microsoft Corporation)

Task: {81F0A997-6226-446A-9214-30354B107C25} - System32\Tasks\{27EFB552-D6D8-4D1B-BF0B-6437C9ADF7DD} => pcalua.exe -a "C:\Program Files\GameHouse\The Rise of Atlantis\GDFUninstall.exe" -d "C:\Program Files\GameHouse\The Rise of Atlantis"

Task: {8373807F-98CB-4B09-85E7-AD14798212E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)

Task: {8FCFC650-8A05-42A0-9974-6978B9D11AC6} - System32\Tasks\{D913099B-469A-4779-A7DE-1AE0C2ADC6AE} => pcalua.exe -a C:\DELL\E-Center\UninstallTB.exe -d C:\Windows\system32

Task: {992FEA72-5302-4BE2-B35E-B417A23AE557} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-30905629-1660685971-3630012643-1000Core => C:\Users\Davie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-20] (Facebook Inc.)

Task: {99315673-E85E-4C73-A0B3-CA5DBA179345} - System32\Tasks\{9AEE2A97-A7DC-49C0-871E-76639E99EF06} => pcalua.exe -a C:\Users\Davie\Documents\I519-106.EXE -d C:\Users\Davie\Documents

Task: {A32288CB-C3F2-44C1-9ACC-22F933EAE8C3} - System32\Tasks\{6107023B-40B7-4271-96BB-1F283BC5B5F9} => pcalua.exe -a "C:\Users\Davie\AppData\Roaming\Google\Google Talk\uninstall.exe"

Task: {BB8AF535-AE05-4502-BA59-E23A00F74FA0} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Davie => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)

Task: {C0F38045-2368-4E67-BA39-E88E5F71E7DB} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-02-04] (PC-Doctor, Inc.)

Task: {C3A4CBB5-F05C-4C5B-B122-041EAB8AECD6} - System32\Tasks\{04111AD4-F525-4CF7-8019-6D339CDCA81F} => C:\Program Files\Skype\Phone\Skype.exe [2015-02-26] (Skype Technologies S.A.)

Task: {D2F12AD7-076E-4A61-8925-8E8B64D5658A} - System32\Tasks\RtlNICDiagVistaStart => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe [2008-03-06] (Realtek)

Task: {E714106D-3CF1-4A04-8F20-2284D92C2A09} - System32\Tasks\{73D211A9-C77E-4245-9D51-9E3F1EF57902} => pcalua.exe -a C:\Users\Davie\AppData\Local\Apps\2.0\L1YMPGED.XGQ\1G05GZ07.40T\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\Uninstaller.exe -c uninstall

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\RtlNICDiagVistaStart.job => C:\Program Files\Realtek\RTNICDiag\RTNICDiag.exe

Task: C:\Windows\Tasks\User_Feed_Synchronization-{482C88B6-77D7-485C-AA97-80C9C2BCAB5A}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) ==============

2015-03-13 12:33 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll

2008-08-02 08:59 - 2008-06-13 19:34 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll

2014-10-17 03:21 - 2014-10-17 03:21 - 00223744 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\7c1c70a15ac0d8b5995d970def1d0502\VistaBridgeLibrary.ni.dll

2014-08-29 16:08 - 2014-10-31 16:37 - 01498112 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll

2014-08-29 16:08 - 2014-05-19 17:19 - 00137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

2015-03-17 16:56 - 2015-03-05 06:08 - 00750080 _____ () C:\Users\Davie\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-21 08:35 - 2015-03-21 08:35 - 00043008 _____ () c:\users\davie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz6kmz7.dll

2015-03-17 16:56 - 2015-03-05 06:08 - 00047616 _____ () C:\Users\Davie\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-17 16:56 - 2015-03-05 06:08 - 00865280 _____ () C:\Users\Davie\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-17 16:56 - 2015-03-05 06:07 - 00200704 _____ () C:\Users\Davie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-30905629-1660685971-3630012643-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Davie\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Photo Gallery Wallpaper.jpg

DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: Ati External Event Utility => 2

MSCONFIG\Services: Brother XP spl Service => 2

MSCONFIG\Services: BrYNSvc => 3

MSCONFIG\Services: NAUpdate => 2

MSCONFIG\Services: SftService => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup

MSCONFIG\startupfolder: C:^Users^Davie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\Windows\pss\OpenOffice.org 3.1.lnk.Startup

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: autodetect => C:\Windows\system32\SupportAppXL\AutoDect.exe

MSCONFIG\startupreg: AutoStartNPSAgent => C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe

MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN

MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

MSCONFIG\startupreg: Exetender => "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup

MSCONFIG\startupreg: Facebook Update => "C:\Users\Davie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background

MSCONFIG\startupreg: IndexSearch => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"

MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

MSCONFIG\startupreg: NeroCheck => C:\Windows\system32\NeroCheck.exe

MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

MSCONFIG\startupreg: PaperPort PTD => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime

MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

MSCONFIG\startupreg: SSBkgdUpdate => "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-30905629-1660685971-3630012643-500 - Administrator - Disabled)

Davie (S-1-5-21-30905629-1660685971-3630012643-1000 - Administrator - Enabled) => C:\Users\Davie

Guest (S-1-5-21-30905629-1660685971-3630012643-501 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (03/21/2015 08:32:25 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 10:01:34 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 09:15:53 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/20/2015 09:08:57 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005.

This is often caused by incorrect security settings in either the writer or requestor process.

Operation:

Gathering Writer Data

Context:

Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

Writer Name: System Writer

Writer Instance ID: {94aca573-f763-4a1d-9c94-6682ee5659d7}

Error: (03/20/2015 07:07:17 PM) (Source: MsiInstaller) (EventID: 10005) (User: Davie-PC)

Description: Product: Microsoft Fix it 50688 -- This Microsoft Fix it does not apply to your operating system or application version.

Error: (03/20/2015 07:01:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application setup.exe_Sony PC Companion, version 17.0.0.717, time stamp 0x4cab8cfa, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x60e046f0,

process id 0x142c, application start time 0xsetup.exe_Sony PC Companion0.

Error: (03/20/2015 06:52:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/19/2015 08:05:31 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 02:38:25 PM) (Source: Windows Search Service) (EventID: 3013) (User: )

Description: The entry <C:\USERS\DAVIE\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:

A device attached to the system is not functioning. (0x8007001f)

System errors:

=============

Error: (03/21/2015 08:31:51 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)

Description: 2147942402

Error: (03/20/2015 10:33:43 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/20/2015 10:33:23 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/20/2015 10:26:04 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)

Description: 2147942402

Error: (03/20/2015 10:24:40 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/20/2015 10:11:10 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/20/2015 10:00:33 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)

Description: 2147942402

Error: (03/20/2015 09:36:04 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/20/2015 09:35:41 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/20/2015 09:35:28 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk0\DR0, has a bad block.

Microsoft Office Sessions:

=========================