Every page I go to on the web I'm getting inundated with ads ... they're terrifying!
Can anyone help please?
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Owner (administrator) on OWNER-PC on 15-03-2015 14:23:30
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available profiles: Owner)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Alcatel-Lucent) C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\MAHostService.exe
(Joyent, Inc) C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\node.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Telstra Corporation Ltd.) C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\pcTrayApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe
() C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe
() C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\Plugin.exe
() C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\5\Plugin.exe
() C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\8\Plugin.exe
() C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\Plugin.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4915200 2008-02-13] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [Telstra_McciTrayApp] => C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\pcTrayApp.exe [2013696 2014-09-11] (Telstra Corporation Ltd.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X]
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-20] (Piriform Ltd)
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-02-14] (Siber Systems)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
SearchScopes: HKLM -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask...or={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.co...?q={searchTerms}
SearchScopes: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> {203A9549-7B06-4E7C-AE56-E4CA0D24AD4C} URL = https://au.search.ya...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = http://search.tb.ask...or={searchTerms}
SearchScopes: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> {B157E6A5-6063-4608-85AB-AA683985F058} URL = https://www.google.c...?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2015-02-14] (Siber Systems Inc.)
BHO: Roll Around -> {83c0e288-8fa0-43d3-acc7-c1e839d85abc} -> C:\Program Files\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll [2015-03-14] ()
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-14] (Google Inc.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2015-02-14] (Siber Systems Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-14] (Google Inc.)
Toolbar: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2015-02-14] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\S-1-5-21-754179056-1382982999-2036298953-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-14] (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
FireFox:
========
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 -> C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\npMotive.dll [2014-09-11] (Telstra Corporation Ltd.)
FF Plugin: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files\Common Files\Motive\npMotiveRequest.dll [2014-09-11] (Telstra Corporation Ltd.)
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nppl3260.dll [2009-02-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\MpcStar\Codecs\Real\browser\plugins\nprpjplug.dll [2009-02-23] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-02-01]
Chrome:
=======
CHR HomePage: Default -> https://au.search.ya...11&fr=yo-yhp-ch
CHR StartupUrls: Default -> "https://au.search.ya...11&fr=yo-yhp-ch", "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> yahoo.com search
CHR DefaultSuggestURL: Default -> https://ff.search.ya...nd={searchTerms}
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-17]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Motive Extension) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\edmgmpmklgfbohogafcfobonnkogchec [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
CHR Extension: (RoboForm) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-01-16]
CHR HKLM\...\Chrome\Extension: [edmgmpmklgfbohogafcfobonnkogchec] - C:\Program Files\Common Files\Motive\extensions\MotiveRequest.crx [2015-03-14]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-15]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)
R2 pcCMService; C:\Program Files\Common Files\Motive\pcCMService.exe [369152 2013-10-23] (Alcatel-Lucent) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 Service Mgr RollAround; C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe [581360 2015-03-14] ()
R2 Telstra MAHostService; C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\bin\MAHostService.exe [321024 2014-09-11] (Alcatel-Lucent) [File not signed]
R2 Update Mgr RollAround; C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe [388848 2015-03-14] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 2WIREPCP; C:\Windows\System32\DRIVERS\2WirePCP.sys [60768 2007-03-23] (2Wire, Inc.)
R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [32896 2011-11-28] (AnvSoft Inc.) [File not signed]
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [26984 2012-11-05] (AVG Technologies)
S3 gdrv; C:\Windows\gdrv.sys [16608 2010-02-01] (Windows ® 2000 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-02-03] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-02-03] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [717296 2010-02-03] (Duplex Secure Ltd.)
S3 U2800Vid; C:\Windows\System32\DRIVERS\U2800Vid.sys [347904 2009-08-19] (Compro Technology, Inc.)
S3 cpuz134; \??\C:\Users\Owner\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 14:23 - 2015-03-15 14:24 - 00016146 _____ () C:\Users\Owner\Desktop\FRST.txt
2015-03-15 14:19 - 2015-03-15 14:23 - 00000000 ____D () C:\FRST
2015-03-15 14:17 - 2015-03-15 14:17 - 01135104 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2015-03-15 13:59 - 2015-03-15 13:59 - 00002227 _____ () C:\Users\Owner\Documents\Jason Owen.txt
2015-03-14 16:50 - 2015-03-15 14:14 - 00000000 ____D () C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf
2015-03-14 16:50 - 2015-03-15 14:14 - 00000000 ____D () C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf
2015-03-14 16:50 - 2015-03-14 16:51 - 00000000 ____D () C:\Program Files\Roll Around
2015-03-14 16:50 - 2015-03-14 16:50 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\OpenCandy
2015-03-14 14:49 - 2015-03-14 16:26 - 00000000 ____D () C:\Users\Owner\Downloads\THE HOBBIT THE BATTLE OF THE FIVE ARMIES [2014]DVDRip[RoB]
2015-03-14 14:18 - 2015-03-15 03:43 - 00002390 _____ () C:\Windows\PFRO.log
2015-03-14 12:20 - 2015-02-24 10:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-14 12:20 - 2015-02-21 08:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-14 12:20 - 2015-02-21 08:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-03-14 12:20 - 2015-02-21 08:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-14 12:20 - 2015-02-21 08:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-14 12:20 - 2015-02-21 07:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-14 12:20 - 2015-02-20 10:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-03-14 12:20 - 2015-02-20 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-03-14 12:20 - 2015-02-20 10:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-03-14 12:20 - 2015-02-20 10:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-03-14 12:20 - 2015-02-20 10:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-14 12:20 - 2015-02-20 10:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-14 12:20 - 2015-02-20 10:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-03-14 12:20 - 2015-02-20 10:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-03-14 12:20 - 2015-02-20 09:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-03-14 12:20 - 2015-02-20 09:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-14 12:20 - 2015-02-20 09:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-03-14 12:20 - 2015-02-20 09:56 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-03-14 12:20 - 2015-02-20 09:50 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-14 12:20 - 2015-02-20 09:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-14 12:20 - 2015-02-20 09:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-03-14 12:20 - 2015-02-20 09:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-14 12:20 - 2015-02-20 09:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-14 12:20 - 2015-02-20 09:24 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-03-14 12:20 - 2015-02-20 09:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-03-14 12:20 - 2015-02-20 09:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-14 12:20 - 2015-02-20 08:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-14 12:20 - 2015-02-20 08:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-14 12:20 - 2015-02-03 11:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-14 12:20 - 2015-01-31 11:33 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-14 12:20 - 2015-01-31 11:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-14 12:20 - 2015-01-31 08:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-14 12:19 - 2015-02-26 11:11 - 02381312 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-14 12:19 - 2015-02-20 10:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-14 12:19 - 2015-02-20 09:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-14 12:19 - 2015-02-13 13:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-14 12:19 - 2015-01-17 10:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-14 12:17 - 2015-02-03 11:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-14 12:16 - 2015-03-06 13:15 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-03-14 12:16 - 2015-03-06 13:15 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-03-14 12:16 - 2015-03-06 13:10 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-03-14 12:16 - 2015-03-06 13:10 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-03-14 12:16 - 2015-03-06 13:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-03-14 12:16 - 2015-03-06 13:09 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-03-14 12:16 - 2015-03-06 13:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-03-14 12:16 - 2015-03-06 13:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-03-14 12:16 - 2015-03-06 13:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-03-14 12:16 - 2015-02-20 12:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-14 12:16 - 2015-02-20 12:13 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-14 12:16 - 2015-02-20 12:13 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-14 12:16 - 2015-02-20 12:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-14 12:16 - 2015-02-20 11:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-14 12:15 - 2015-02-04 10:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-14 12:15 - 2015-02-03 11:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-03-14 12:15 - 2015-02-03 11:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-14 12:15 - 2015-02-03 11:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-14 12:15 - 2015-02-03 11:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-14 12:15 - 2015-02-03 11:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-14 12:15 - 2015-01-31 07:56 - 00370488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-14 12:15 - 2014-06-28 08:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-14 12:14 - 2015-02-03 11:16 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-14 12:14 - 2015-02-03 11:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-03-14 12:14 - 2015-02-03 11:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-14 12:14 - 2015-02-03 11:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-14 12:14 - 2015-02-03 11:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-14 12:14 - 2015-02-03 11:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-14 12:14 - 2015-02-03 11:11 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-14 12:14 - 2015-02-03 11:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-14 12:14 - 2015-02-03 11:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-14 12:14 - 2015-02-03 11:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-14 12:14 - 2015-02-03 11:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-03-14 12:14 - 2015-02-03 10:26 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-14 12:14 - 2014-11-01 06:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-14 12:14 - 2014-06-28 08:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-14 11:42 - 2015-03-15 13:13 - 00000000 ____D () C:\Program Files\Telstra Broadband Assistant
2015-03-14 11:42 - 2015-03-14 11:42 - 00002733 _____ () C:\Users\Public\Desktop\Telstra Broadband Assistant.lnk
2015-03-14 11:42 - 2015-03-14 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telstra
2015-03-14 11:41 - 2015-03-14 11:41 - 00000000 ____D () C:\Program Files\Common Files\Motive
2015-03-14 09:19 - 2015-03-14 09:19 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-03-14 09:17 - 2015-03-15 13:13 - 00191424 _____ () C:\Windows\setupact.log
2015-03-14 09:17 - 2015-03-14 09:17 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-01 12:41 - 2015-03-01 12:41 - 00000065 _____ () C:\Users\Owner\Documents\Misc.txt
2015-03-01 10:52 - 2015-03-01 10:53 - 04762251 _____ () C:\Users\Owner\Desktop\weather-center-win7gadgets-com.zip
2015-02-28 11:28 - 2015-03-01 11:21 - 00000059 _____ () C:\Users\Owner\Documents\idolforums.txt
2015-02-28 04:05 - 2015-02-28 04:05 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Google
2015-02-28 04:03 - 2015-02-28 04:03 - 00000000 ____D () C:\ProgramData\Google
2015-02-28 03:59 - 2015-02-28 03:59 - 05325696 _____ (Piriform Ltd) C:\Users\Owner\Downloads\ccsetup503.exe
2015-02-27 19:21 - 2015-03-13 16:02 - 00000000 ____D () C:\Program Files\Microsoft OneDrive
2015-02-27 03:00 - 2015-01-09 07:44 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-26 23:12 - 2015-02-26 23:12 - 00004124 _____ () C:\Users\Owner\Documents\Config.xml
2015-02-23 11:21 - 2015-03-13 16:02 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2015-02-23 11:14 - 2015-02-23 11:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\Sparta
2015-02-23 11:14 - 2015-02-23 11:14 - 00000000 ____D () C:\Users\Owner\AppData\Local\Plarium
2015-02-19 11:53 - 2015-01-09 10:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-19 11:53 - 2015-01-09 10:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-19 11:53 - 2015-01-09 10:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-18 16:30 - 2015-03-13 22:28 - 00000000 ____D () C:\Users\Owner\Downloads\Misc
2015-02-17 09:21 - 2015-03-13 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-02-17 09:21 - 2015-02-27 15:08 - 00000000 ____D () C:\Program Files\GreenTree Applications
2015-02-17 09:21 - 2015-02-17 09:21 - 00001233 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2015-02-17 09:21 - 2015-02-17 09:21 - 00000000 ____D () C:\ProgramData\YTD Video Downloader
2015-02-14 22:44 - 2015-02-14 22:47 - 00000000 ____D () C:\Users\Owner\Desktop\Personal
2015-02-14 18:03 - 2015-02-14 18:03 - 00000000 ____D () C:\Users\Owner\Downloads\Private
2015-02-13 01:22 - 2015-02-13 01:22 - 00448512 _____ (OldTimer Tools) C:\Users\Owner\Downloads\TFC.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-15 14:06 - 2015-01-23 19:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-15 14:06 - 2014-03-16 15:45 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-15 14:06 - 2014-03-16 15:45 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 14:05 - 2015-01-19 04:44 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2015-03-15 13:20 - 2011-07-16 00:44 - 00018864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 13:20 - 2011-07-16 00:44 - 00018864 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 13:16 - 2014-07-16 07:39 - 01905181 _____ () C:\Windows\WindowsUpdate.log
2015-03-15 13:13 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-14 17:47 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache
2015-03-14 17:11 - 2015-01-16 15:55 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-14 16:50 - 2011-02-11 00:06 - 00001127 _____ () C:\Users\Owner\Desktop\Any Video Converter.lnk
2015-03-14 16:37 - 2010-11-29 10:45 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2015-03-14 16:34 - 2015-02-08 08:41 - 00013824 ___SH () C:\Users\Owner\AppData\Thumbs.db
2015-03-14 16:29 - 2013-01-28 10:01 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitComet
2015-03-14 14:37 - 2015-01-22 19:36 - 00000000 ____D () C:\Users\Owner\Desktop\Receipts
2015-03-14 14:18 - 2009-07-14 12:33 - 00269880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-14 12:33 - 2013-08-16 03:10 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-14 12:27 - 2011-08-12 14:59 - 119837696 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-14 09:19 - 2015-01-10 00:16 - 00000000 ___RD () C:\Users\Owner\OneDrive
2015-03-13 22:03 - 2015-01-29 05:27 - 00000000 ____D () C:\Users\Owner\Desktop\Autoruns
2015-03-13 16:10 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-13 16:06 - 2011-07-16 00:48 - 00000000 ____D () C:\Users\Owner
2015-03-13 16:04 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-03-13 16:02 - 2015-02-07 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-03-13 16:02 - 2015-01-28 02:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-03-13 16:02 - 2015-01-17 04:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-03-13 16:02 - 2015-01-16 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-13 16:02 - 2013-11-19 09:51 - 00000000 ____D () C:\Users\Owner\Documents\default
2015-03-13 16:02 - 2013-03-26 15:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet
2015-03-13 16:02 - 2013-01-28 10:01 - 00000000 ____D () C:\Program Files\BitComet
2015-03-13 16:02 - 2013-01-20 07:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-03-13 16:02 - 2012-11-29 03:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2015-03-13 16:01 - 2011-11-11 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-03-13 16:01 - 2011-11-11 16:42 - 00000000 ____D () C:\Program Files\Auslogics
2015-03-13 16:01 - 2009-07-14 10:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-03-13 16:00 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\registration
2015-03-13 15:57 - 2010-02-03 01:04 - 00000000 ____D () C:\Users\Owner\AppData\Local\Google
2015-03-13 03:22 - 2011-07-30 19:29 - 00000000 ____D () C:\Windows\Minidump
2015-03-13 02:32 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2015-03-10 09:22 - 2015-01-21 02:02 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-03-03 21:16 - 2010-02-02 10:55 - 00246920 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-28 04:03 - 2015-02-09 09:54 - 00000925 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-28 04:03 - 2015-02-09 09:54 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-28 04:03 - 2011-11-17 02:19 - 00000000 ____D () C:\Program Files\Google
2015-02-27 15:20 - 2015-02-07 08:15 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2015-02-27 15:20 - 2015-02-07 08:15 - 00000000 ____D () C:\Program Files\XTab
2015-02-27 15:20 - 2014-10-26 10:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-02-27 15:18 - 2015-01-17 04:19 - 00000000 ____D () C:\Program Files\Speccy
2015-02-27 15:18 - 2014-12-11 03:18 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-27 15:18 - 2014-05-07 03:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-27 15:18 - 2012-11-14 16:09 - 00000000 ____D () C:\Windows\pss
2015-02-27 15:18 - 2010-02-01 13:26 - 00000000 ____D () C:\Windows\system32\Macromed
2015-02-27 15:18 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-02-27 15:17 - 2015-02-07 15:32 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-02-27 15:17 - 2010-02-14 15:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\CyberLink
2015-02-27 15:17 - 2010-02-02 13:04 - 00000000 ____D () C:\Program Files\Common Files\HP
2015-02-27 15:17 - 2010-02-02 13:03 - 00000000 ____D () C:\Program Files\Common Files\Hewlett-Packard
2015-02-27 15:17 - 2010-02-02 12:58 - 00000000 ____D () C:\Program Files\HP
2015-02-27 15:17 - 2010-02-01 12:26 - 00000000 ____D () C:\Program Files\Common Files\Ahead
2015-02-27 15:17 - 2010-02-01 12:20 - 00000000 ____D () C:\Program Files\CyberLink
2015-02-27 15:17 - 2010-02-01 12:09 - 00000000 ____D () C:\Program Files\InstallShield Installation Information
2015-02-27 15:17 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\AppCompat
2015-02-27 15:09 - 2015-02-07 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Local\VS Revo Group
2015-02-27 15:09 - 2015-01-29 07:42 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-02-27 15:09 - 2014-05-01 09:44 - 00000000 ____D () C:\Users\Owner\AppData\Local\SlimWare Utilities Inc
2015-02-27 15:09 - 2010-02-14 15:49 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-27 15:09 - 2010-02-01 12:09 - 00000000 ____D () C:\Program Files\Realtek
2015-02-27 03:04 - 2009-07-14 12:53 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-18 03:16 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\tracing
2015-02-17 09:28 - 2012-04-25 06:08 - 00000000 ____D () C:\Users\Owner\Downloads\You-Tube
==================== Files in the root of some directories =======
2015-02-11 06:46 - 2015-02-11 06:42 - 0196496 _____ (Mindspark) C:\Program Files\64res.dll
2015-02-11 06:46 - 2015-02-11 06:42 - 1037896 _____ (Mindspark) C:\Program Files\64Uninstall TelevisionFanatic.dll
2013-04-01 19:07 - 2013-04-01 19:07 - 0026108 _____ () C:\Users\Owner\AppData\Roaming\UserTile.png
2014-09-11 19:44 - 2014-09-11 19:44 - 0003584 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-11 09:56 - 2015-01-22 05:42 - 0010278 _____ () C:\ProgramData\hpzinstall.log
Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\pcDesktopAlertNotifierX.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-15 08:55
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Owner at 2015-03-15 14:24:57
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: 4.0 - Adobe Systems, Inc.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Any Video Converter 5.7.3 (HKLM\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Any Video Converter Ultimate 4.6.0 (HKLM\...\Any Video Converter Ultimate_is1) (Version: - Any-Video-Converter.com)
Ashampoo Burning Studio 14 (HKLM\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.9 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 8.09 (HKLM\...\Ashampoo Burning Studio 8_is1) (Version: 8.0.9 - ashampoo GmbH & Co. KG)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.3.0.0 - Auslogics Labs Pty Ltd)
BitComet 1.35 (HKLM\...\BitComet) (Version: 1.35 - CometNetwork)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Data Lifeguard Diagnostic for Windows (HKLM\...\{75B61CF0-B8A8-46E2-8709-C4A79898AC1D}) (Version: 1.17 - Western Digital Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Easy Thumbnails (Remove only) (HKLM\...\Easy Thumbnails_is1) (Version: 3.0 - Fookes Software)
Go PDF Reader (HKLM\...\GoPDFReader) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
IncrediMail (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Calculator Plus (HKLM\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MpcStar 5.3 (HKLM\...\MpcStar) (Version: 5.3 - www.mpcstar.com)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PhotoMail Maker (Version: 6.0.0.1007 - IncrediMail) Hidden
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
RoboForm 7-9-12-2 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-12-2 - Siber Systems)
Roll Around (HKLM\...\Roll Around) (Version: 2.0.5550.37055 - Roll Around)
Speccy (HKLM\...\Speccy) (Version: 1.27 - Piriform)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)
Telstra Broadband Assistant (HKLM\...\Telstra-Telstra Broadband Assistant) (Version: 1.0.2.45 - Telstra Corporation Ltd.)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - 2Wire (2WIREPCP) Net (03/22/2007 2.0) (HKLM\...\E2D312050E630E0CB2650D738A53820EE8BB1A95) (Version: 03/22/2007 2.0 - 2Wire)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
YTD Video Downloader 4.8.9 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll (HP)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll (HP)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_4\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe No File
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\hpcdmc32.dll (HP)
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_4\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_4\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_4\SkyDriveShell.dll No File
CustomCLSID: HKU\S-1-5-21-754179056-1382982999-2036298953-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Owner\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918_4\FileSyncApi.dll No File
==================== Restore Points =========================
10-02-2015 10:26:27 Revo Uninstaller Pro's restore point - Revo Uninstaller 1.95
11-02-2015 01:07:51 Windows Update
12-02-2015 03:00:16 Windows Update
13-02-2015 01:26:19 Windows Update
13-02-2015 17:20:59 Revo Uninstaller Pro's restore point - Auslogics BoostSpeed 7
16-02-2015 19:24:57 Windows Update
18-02-2015 03:00:33 Windows Update
19-02-2015 12:04:06 Windows Update
21-02-2015 00:33:21 Windows Update
22-02-2015 13:26:23 Windows Update
23-02-2015 11:42:47 Revo Uninstaller Pro's restore point - DriverAssist
23-02-2015 11:48:58 Revo Uninstaller Pro's restore point - DriverUpdate
23-02-2015 11:49:23 Removed DriverUpdate
23-02-2015 12:48:52 Revo Uninstaller Pro's restore point - DriverNavigator 3.6.0
25-02-2015 11:03:04 Windows Update
26-02-2015 23:24:46 Restore Operation
26-02-2015 23:41:25 Windows Update
27-02-2015 03:00:11 Windows Update
27-02-2015 03:34:33 Removed DriverUpdate
27-02-2015 04:33:53 Revo Uninstaller Pro's restore point - Microsoft OneDrive
27-02-2015 12:35:43 Restore Operation
27-02-2015 13:00:10 Windows Update
27-02-2015 15:05:17 Restore Operation
28-02-2015 11:29:56 Revo Uninstaller Pro's restore point - Microsoft OneDrive
02-03-2015 23:31:01 Windows Update
06-03-2015 18:33:50 Windows Update
10-03-2015 08:16:13 Windows Update
10-03-2015 10:01:59 Revo Uninstaller Pro's restore point - Auslogics BoostSpeed 7
12-03-2015 09:37:58 Windows Update
13-03-2015 02:56:08 Revo Uninstaller Pro's restore point - Auslogics DiskDefrag
13-03-2015 03:15:57 Revo Uninstaller Pro's restore point - Auslogics DiskDefrag
13-03-2015 03:18:16 Revo Uninstaller Pro's restore point - Auslogics BoostSpeed 7
13-03-2015 15:54:30 Restore Operation
14-03-2015 11:21:20 Windows Update
14-03-2015 12:20:27 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 18:23 - 2006-09-19 05:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {14FF1700-BA4C-4FC0-A89D-96D97D103D00} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....NNICMJNDJCMKJBJ"
Task: {1C4A8493-30A2-47E5-9BE8-C1D793217A0D} - System32\Tasks\{C7C592A1-4609-49D9-8CAB-B26A0395DBCE} => C:\Program Files\IncrediMail\Bin\IncMail.exe [2014-01-09] (IncrediMail, Ltd.)
Task: {3043F7F1-BD5D-4537-9DAD-CDDE8B72A895} - System32\Tasks\{DED62F59-5C9E-4A85-8440-E42E28096822} => C:\Users\Owner\Downloads\OneDriveSetup.exe
Task: {4B39CC67-88E0-42F3-9EEB-BE01803A9BA9} - System32\Tasks\{F4C92BD5-C5A1-4437-AAC2-A55EBA33700D} => C:\Program Files\BitComet\BitComet.exe [2013-02-19] (www.BitComet.com)
Task: {4E2457F0-FD21-4BBA-9C6B-C0D720361F57} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe <==== ATTENTION
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {662D36BA-5126-470B-93F1-C778D97D1541} - System32\Tasks\{5D97E633-0979-482E-A862-CD2D354C08F3} => C:\Program Files\PeerBlock\peerblock.exe
Task: {6F10174E-7813-4D82-8392-41E4C0F07EC9} - System32\Tasks\{8B5D59BA-6195-43B8-84B0-76396BA7F967} => pcalua.exe -a C:\Users\Owner\Downloads\Applications-programs\wlsetup-web.exe -d C:\Users\Owner\Downloads\Applications-programs
Task: {73A8D239-58D8-422A-A629-F56AD0C0B5F7} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform....IGJKJMIBNKJHIKJ"
Task: {76121EEE-434C-42DF-AC87-7EB6999EFA2E} - System32\Tasks\Google Update => C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {76C99D68-08EF-43FD-9F51-32E57849B17E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {7E2B0592-029A-48DE-BFA8-9C7459D4165E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-20] (Piriform Ltd)
Task: {7F86EC89-2379-40C3-BF09-88524471D169} - System32\Tasks\{6ABA9986-39C4-4B3E-93C5-974D78626616} => C:\Program Files\PeerBlock\peerblock.exe
Task: {8988B3B0-EF01-4FC2-8D61-C20A0C40EE29} - System32\Tasks\{EF80D55A-55E2-4909-AFCB-8CC9B9AC6FF5} => pcalua.exe -a D:\AutoRunPro.exe -d D:\
Task: {9235BC52-CEBC-45B2-89BB-39CB3BB856E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-01-16] (Google Inc.)
Task: {A2A18C4E-47D9-43CF-A655-070DCED2F16C} - System32\Tasks\{BA1F71DD-E433-457D-808E-DEE68AA0A978} => C:\Program Files\PeerBlock\peerblock.exe
Task: {A693FE78-1400-4476-BA81-DFB740F259FC} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {B26F1A4E-7303-49E0-B90A-556917C4829E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-02-14] (Siber Systems)
Task: {B3C0CC0A-A52B-43D4-83F9-319AB1AB2F13} - System32\Tasks\{13E4E255-40ED-4E85-A5BB-3CF5AAB139D0} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {B6893B4B-20AA-4829-A509-7ADC1620747B} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {BF95D427-4AA6-4CD3-AFE4-20795D2A668A} - System32\Tasks\{91B9C5A7-30E2-4EF3-A54B-EE275C8D90F3} => C:\Program Files\BitComet\BitComet.exe [2013-02-19] (www.BitComet.com)
Task: {C909153A-723A-48E2-A3A3-0AA7BA0457A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F141A988-0079-4D2B-A455-03886C5FBED7} - System32\Tasks\{A5FB1139-C3BA-43CB-B27B-EF5EF604DBFA} => C:\Program Files\PeerBlock\peerblock.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2010-02-01 12:20 - 2007-05-14 10:54 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2013-11-08 07:58 - 2013-11-08 07:58 - 00244736 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-11-08 07:58 - 2013-11-08 07:58 - 00271360 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2013-11-08 07:57 - 2013-11-08 07:57 - 00237056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2013-04-24 21:55 - 2013-04-24 21:55 - 01581056 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\libxmljs\build\Release\xmljs.node
2013-04-19 06:55 - 2013-04-19 06:55 - 00068608 _____ () C:\Program Files\Telstra Broadband Assistant\1.0.2.45\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
2015-03-14 16:35 - 2015-03-14 16:35 - 00145648 _____ () C:\Program Files\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll
2015-03-14 12:35 - 2015-03-14 22:35 - 00388848 _____ () C:\Program Files\Common Files\2a617352-d396-46a3-a71b-5d89535356cf\updater.exe
2015-03-14 12:35 - 2015-03-14 22:35 - 00581360 _____ () C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugincontainer.exe
2015-03-15 13:14 - 2015-03-15 13:14 - 00469776 _____ () C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\3\plugin.exe
2015-03-15 03:46 - 2015-03-15 03:46 - 00564496 _____ () C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\5\plugin.exe
2015-03-15 13:14 - 2015-03-15 13:14 - 00510736 _____ () C:\ProgramData\2a617352-d396-46a3-a71b-5d89535356cf\plugins\8\plugin.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-754179056-1382982999-2036298953-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Canon IJ Status Monitor Canon iP4500 series.lnk => C:\Windows\pss\Canon IJ Status Monitor Canon iP4500 series.lnk.Startup
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: InCD => C:\Program Files\Nero\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SecurDisc => C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
==================== Accounts: =============================
Administrator (S-1-5-21-754179056-1382982999-2036298953-500 - Administrator - Disabled)
Guest (S-1-5-21-754179056-1382982999-2036298953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-754179056-1382982999-2036298953-1002 - Limited - Enabled)
Owner (S-1-5-21-754179056-1382982999-2036298953-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/15/2015 02:05:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17689, time stamp: 0x54e68526
Faulting module name: 83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll, version: 1.0.5551.2856, time stamp: 0x5503f2c5
Exception code: 0xc0000005
Fault offset: 0x00004be5
Faulting process id: 0x60f8
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (03/15/2015 01:14:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/15/2015 01:13:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error
Error: (03/15/2015 01:13:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error
Error: (03/15/2015 03:45:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/15/2015 03:44:54 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error
Error: (03/15/2015 03:44:52 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows cannot load classes registry file.
DETAIL - Unspecified error
Error: (03/14/2015 06:37:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: burningstudio14.exe, version: 14.0.9.8, time stamp: 0x5448cb0f
Faulting module name: brtcdau.dll, version: 11.0.3.0, time stamp: 0x5448caa9
Exception code: 0xc0000005
Fault offset: 0x00515146
Faulting process id: 0x27b0
Faulting application start time: 0xburningstudio14.exe0
Faulting application path: burningstudio14.exe1
Faulting module path: burningstudio14.exe2
Report Id: burningstudio14.exe3
Error: (03/14/2015 04:45:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: burningstudio14.exe, version: 14.0.9.8, time stamp: 0x5448cb0f
Faulting module name: brtcdau.dll, version: 11.0.3.0, time stamp: 0x5448caa9
Exception code: 0xc0000005
Fault offset: 0x00515146
Faulting process id: 0xe3c
Faulting application start time: 0xburningstudio14.exe0
Faulting application path: burningstudio14.exe1
Faulting module path: burningstudio14.exe2
Report Id: burningstudio14.exe3
Error: (03/14/2015 04:44:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: burningstudio14.exe, version: 14.0.9.8, time stamp: 0x5448cb0f
Faulting module name: brtcdau.dll, version: 11.0.3.0, time stamp: 0x5448caa9
Exception code: 0xc0000005
Fault offset: 0x00515146
Faulting process id: 0x2528
Faulting application start time: 0xburningstudio14.exe0
Faulting application path: burningstudio14.exe1
Faulting module path: burningstudio14.exe2
Report Id: burningstudio14.exe3
System errors:
=============
Error: (03/15/2015 01:13:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd
Error: (03/15/2015 01:12:27 PM) (Source: sptd) (EventID: 4) (User: )
Description: Driver detected an internal error in its data structures for .
Error: (03/15/2015 09:11:07 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (03/15/2015 06:14:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.193.2682.0).
Error: (03/15/2015 06:14:18 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.193.2677.0
Update Source: %NT AUTHORITY59
Update Stage: 4.7.0205.00
Source Path: 4.7.0205.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (03/15/2015 04:41:25 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
Error: (03/15/2015 04:41:25 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
Error: (03/15/2015 04:41:25 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
Error: (03/15/2015 03:54:44 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
%%5
Error: (03/15/2015 03:54:34 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Microsoft Office Sessions:
=========================
Error: (03/15/2015 02:05:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1768954e6852683c0e288-8fa0-43d3-acc7-c1e839d85abc.dll1.0.5551.28565503f2c5c000000500004be560f801d05ee53754e6b8C:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Roll Around\Extensions\83c0e288-8fa0-43d3-acc7-c1e839d85abc.dll4987f750-cad9-11e4-9b3f-001fd0104780
Error: (03/15/2015 01:14:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/15/2015 01:13:26 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Unspecified error
Error: (03/15/2015 01:13:17 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Unspecified error
Error: (03/15/2015 03:45:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/15/2015 03:44:54 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Unspecified error
Error: (03/15/2015 03:44:52 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Unspecified error
Error: (03/14/2015 06:37:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: burningstudio14.exe14.0.9.85448cb0fbrtcdau.dll11.0.3.05448caa9c00000050051514627b001d05e42cba06699C:\Program Files\Ashampoo\Ashampoo Burning Studio 14\burningstudio14.exeC:\Program Files\Ashampoo\Ashampoo Burning Studio 14\brtcdau.dll21222678-ca36-11e4-8e8d-001fd0104780
Error: (03/14/2015 04:45:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: burningstudio14.exe14.0.9.85448cb0fbrtcdau.dll11.0.3.05448caa9c000000500515146e3c01d05e333bfc6fcaC:\Program Files\Ashampoo\Ashampoo Burning Studio 14\burningstudio14.exeC:\Program Files\Ashampoo\Ashampoo Burning Studio 14\brtcdau.dll87d24738-ca26-11e4-8e8d-001fd0104780
Error: (03/14/2015 04:44:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: burningstudio14.exe14.0.9.85448cb0fbrtcdau.dll11.0.3.05448caa9c000000500515146252801d05e32d6ce61a5C:\Program Files\Ashampoo\Ashampoo Burning Studio 14\burningstudio14.exeC:\Program Files\Ashampoo\Ashampoo Burning Studio 14\brtcdau.dll57ceecfe-ca26-11e4-8e8d-001fd0104780
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU E8500 @ 3.16GHz
Percentage of memory in use: 77%
Total physical RAM: 2046.49 MB
Available physical RAM: 453.95 MB
Total Pagefile: 4092.98 MB
Available Pagefile: 1978.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:746.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 31AF88A9)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Ricky
Edited by Ricky_22, 15 March 2015 - 12:34 AM.