Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My computer is infected with Malware! Please help! [Closed]

windows7 pc

  • This topic is locked This topic is locked

#1
wbarnds

wbarnds

    New Member

  • Member
  • Pip
  • 1 posts

Hey guys,

 

After doing some research I've found that this forum is a very helpful way to get malware removed from my PC. I hope somebody can help me out.  I use my PC primarily to work with DAWs as I work at a recording studio. Lately, the PC has been taking a much longer time to boot up than it used to.  Furthermore, we get pop-ups daily from viruses like "Advanced System Protector" and others.  Thanks in advance to whoever can help out!

 

FRST.txt and Addition.txt are attached.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by PCAudioLabs User (administrator) on PCAUDIOLABS-DAW on 09-04-2015 11:41:21
Running from C:\Users\PCAudioLabs User\Desktop
Loaded Profiles: PCAudioLabs User (Available profiles: PCAudioLabs User & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Drobo, Inc.) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
() C:\Program Files (x86)\IDriveWindows\idwservice_600.exe
() C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
(Mediafour Corporation) C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Systweak) C:\Program Files (x86)\Right Backup\RBClientService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
( ) C:\Program Files (x86)\IDriveWindows\idw_web.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Systweak) C:\Program Files (x86)\Right Backup\RightBackup.exe
() C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(RME) C:\Windows\System32\hdsp32.exe
(RME) C:\Windows\System32\hdspmix.exe
(Mediafour Corporation) C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe
(Hightail Inc.) C:\Program Files (x86)\Hightail Desktop App\Hightail.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Pro Softnet Corporation) C:\Program Files (x86)\IDriveWindows\idwbg_600.exe
(Prosoftnet Corp) C:\Program Files (x86)\IDriveWindows\idrivetray.exe
(Drobo, Inc.) C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe
(Lynx Studio Technology, Inc.) C:\Program Files\Lynx Studio Technology\LynxTrayVolume.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(Dropbox, Inc.) C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Universal Audio, Inc.) C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe
() C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX Software GmbH) C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\Sam_x64.exe
() C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\Bridge32_v103.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-04-05] (Realtek Semiconductor)
HKLM\...\Run: [HDSPTray1] => C:\Windows\system32\hdsp32.exe [647680 2011-07-12] (RME)
HKLM\...\Run: [HDSPTray2] => C:\Windows\system32\hdspmix.exe [1158144 2011-07-12] (RME)
HKLM\...\Run: [MacDrive 8 application] => C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe [193536 2010-10-08] (Mediafour Corporation)
HKLM\...\Run: [Getting started with MacDrive 8] => C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe [146432 2010-10-08] (Mediafour Corporation)
HKLM\...\Run: [Hightail Sync Agent] => C:\Program Files (x86)\Hightail Desktop App\Hightail.exe [7040056 2013-10-28] (Hightail Inc.)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe [7715160 2014-06-03] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [43632 2011-04-07] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\idwbg_600.exe [43608 2013-07-04] (Pro Softnet Corporation)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\idrivetray.exe [851032 2013-07-05] (Prosoftnet Corp)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [UATrayIcon] => C:\Program Files (x86)\Universal Audio\Powered Plugins\UATrayIcon.exe [1484800 2014-11-06] (Universal Audio, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EaseUS TB Tray Agent] => C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe [253992 2014-12-15] ()
HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2676584 2011-09-09] (Hewlett-Packard Co.)
HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\idwbg_600.exe [43608 2013-07-04] (Pro Softnet Corporation)
HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\idrivetray.exe [851032 2013-07-05] (Prosoftnet Corp)
HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\...\Run: [DDAssist] => C:\Program Files (x86)\Drobo\Drobo Dashboard\DDAssist.exe [623392 2015-03-17] (Drobo, Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lynx Tray Volume.lnk
ShortcutTarget: Lynx Tray Volume.lnk -> C:\Program Files\Lynx Studio Technology\LynxTrayVolume.exe (Lynx Studio Technology, Inc.)
Startup: C:\Users\PCAudioLabs User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\PCAudioLabs User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001YSISyncComplete] -> {89B5F9CC-C4A2-462C-BD27-29CEAC972135} => C:\Program Files (x86)\Hightail Desktop App\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002YSISyncActive] -> {84B7BDFB-C50A-4335-B7C2-8AEC454F9E25} => C:\Program Files (x86)\Hightail Desktop App\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003YSISyncError] -> {306A9CDE-AC70-453A-8008-B5F9962B8F88} => C:\Program Files (x86)\Hightail Desktop App\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004YSILocalOnly] -> {23A7D2DC-F395-4E33-876C-84A2DFAB0EBB} => C:\Program Files (x86)\Hightail Desktop App\YSINSE64.dll (Hightail Inc.)
ShellIconOverlayIdentifiers: [{6570C58B-C08B-46AD-AA82-2369B0D1B627}] -> MacDrive volume icons =>  No File
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001YSISyncComplete] -> {89B5F9CC-C4A2-462C-BD27-29CEAC972135} => C:\Program Files (x86)\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002YSISyncActive] -> {84B7BDFB-C50A-4335-B7C2-8AEC454F9E25} => C:\Program Files (x86)\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003YSISyncError] -> {306A9CDE-AC70-453A-8008-B5F9962B8F88} => C:\Program Files (x86)\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004YSILocalOnly] -> {23A7D2DC-F395-4E33-876C-84A2DFAB0EBB} => C:\Program Files (x86)\Hightail Desktop App\YSINSE.dll (Hightail Inc.)
BootExecute: sasnative64autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...A6945F586&SSPV=
HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
URLSearchHook: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001 - (No Name) - {90a1b331-c2b4-4933-9f63-ba7b84d60d58} - No File
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {C9C184A4-A45B-4EE5-B7FF-B902DC2C2D02} URL =
SearchScopes: HKLM-x32 -> DefaultScope {C9C184A4-A45B-4EE5-B7FF-B902DC2C2D02} URL =
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=01-05-2013
SearchScopes: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001 -> DefaultScope {C9C184A4-A45B-4EE5-B7FF-B902DC2C2D02} URL = http://search.condui...A6945F586&SSPV=
SearchScopes: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...mrud=01-05-2013
SearchScopes: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001 -> {7CA05954-BEFC-4273-A7BD-B3BD44D976FB} URL = http://search.condui...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001 -> {C9C184A4-A45B-4EE5-B7FF-B902DC2C2D02} URL = http://search.condui...A6945F586&SSPV=
BHO: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll [2014-06-04] ()
BHO-x32: 50Cuoupons -> {3D3FF3BF-6FEA-D4B7-722B-ADB13F86EF4D} -> C:\ProgramData\50Cuoupons\ZNpkY.dll [2014-05-22] ()
BHO-x32: CoupExtEnsIon -> {6E661A25-49CF-6372-151A-2CE6EB10E59B} -> C:\ProgramData\CoupExtEnsIon\cyA8eUw.dll [2014-04-21] ()
BHO-x32: DownSavve -> {744EBB59-169D-2D0C-95B9-07E7AA83968A} -> C:\ProgramData\DownSavve\l6.dll [2014-05-21] ()
BHO-x32: cuoontinuueetoossaavee -> {BC988A52-6E9F-A8D2-3BFE-60F5D2C87A7F} -> C:\ProgramData\cuoontinuueetoossaavee\51813533614cd.dll [2013-05-01] ()
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll [2014-06-04] ()
Toolbar: HKLM-x32 - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll [2012-02-10] (Microsoft Corporation.)
DPF: HKLM-x32 {8167C273-DF59-4416-B647-C8BB2C7EE83E} http://liveupdate.ms...CAB/install.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 10.1.10.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @ilok.com/iLokHelper,version=3.1.0.7 -> C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll [2010-11-08] ( PACE Anti-Piracy, Inc)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-01] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-03-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-03-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-03-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-03-07] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-03-07] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml [2013-05-01]
FF Extension: SySaver - C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected] [2013-07-05]

Chrome:
=======
CHR Profile: C:\Users\PCAudioLabs User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\PCAudioLabs User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (MixiDJ V44) - C:\Users\PCAudioLabs User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpfboklmeiefoedekjeigdcnfbpjeaii [2014-08-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PCAudioLabs User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-02]
CHR Extension: (Google Wallet) - C:\Users\PCAudioLabs User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-12]
CHR HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bpfboklmeiefoedekjeigdcnfbpjeaii] - C:\Users\PCAudioLabs User\AppData\Local\CRE\bpfboklmeiefoedekjeigdcnfbpjeaii.crx [2013-06-13]
CHR HKLM-x32\...\Chrome\Extension: [bpfboklmeiefoedekjeigdcnfbpjeaii] - C:\Users\PCAudioLabs User\AppData\Local\CRE\bpfboklmeiefoedekjeigdcnfbpjeaii.crx [2013-06-13]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\Betcat\WebCakeLayers.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [53320 2014-11-13] (Just Develop It) <==== ATTENTION
R2 DDService; C:\Program Files (x86)\Drobo\Drobo Dashboard\DDService.exe [2053920 2015-03-17] (Drobo, Inc.)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37416 2014-12-15] (CHENGDU YIWO Tech Development Co., Ltd)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\idwservice_600.exe [182872 2013-07-04] ()
R2 IDWAdmin; C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe [125528 2013-07-04] ()
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe [706864 2014-06-03] ()
R2 M4LIC; C:\Program Files (x86)\Common Files\Mediafour\M4LIC.EXE [205312 2009-04-30] (Mediafour Corporation) [File not signed]
R2 MacDrive8Service; C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [149504 2010-10-08] (Mediafour Corporation) [File not signed]
R2 RBClientService; C:\Program Files (x86)\Right Backup\RBClientService.exe [48240 2014-07-11] (Systweak)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BdfNdisf; c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [93160 2014-04-22] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [102992 2014-04-22] (BitDefender LLC)
R1 CBDisk; C:\Windows\system32\drivers\CBDisk.sys [70344 2010-05-12] (EldoS Corporation)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
R3 hdsp; C:\Windows\System32\drivers\hdsp_64.sys [101376 2011-07-12] (RME)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2013-04-11] ()
R3 LynxWDM; C:\Windows\System32\DRIVERS\LynxV264.sys [334688 2014-03-25] (Lynx Studio Technology, Inc.)
R0 MDFSYSNT; C:\Windows\System32\Drivers\MDFSYSNT.sys [307888 2010-10-07] (Mediafour Corporation)
R0 MDPMGRNT; C:\Windows\System32\DRIVERS\MDPMGRNT.SYS [32424 2010-10-21] (Mediafour Corporation)
S3 MSI_MSIBIOS_010507; C:\Program Files\MSI\MSIWDev\msibios64_100507.sys [33592 2010-05-10] (Your Corporation)
S3 NTIOLib_1_0_8; C:\Program Files\MSI\MSIWDev\NTIOLib_X64.sys [11888 2011-01-27] (MSI) [File not signed]
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R3 UAD2Pcie; C:\Windows\System32\DRIVERS\UAD2Pcie.sys [48640 2014-11-06] (Universal Audio Inc.)
R3 UAD2System; C:\Windows\System32\DRIVERS\UAD2System.sys [94208 2014-11-06] (Universal Audio Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 11:41 - 2015-04-09 11:41 - 00026073 _____ () C:\Users\PCAudioLabs User\Desktop\FRST.txt
2015-04-09 11:40 - 2015-04-09 11:41 - 00000000 ____D () C:\FRST
2015-04-09 11:36 - 2015-04-09 11:36 - 02095616 _____ (Farbar) C:\Users\PCAudioLabs User\Desktop\FRST64.exe
2015-04-08 14:53 - 2015-04-08 14:53 - 00001195 _____ () C:\Users\Public\Desktop\Codec Toolbox Manager.exe.lnk
2015-04-08 14:53 - 2015-04-08 14:53 - 00000000 ____D () C:\Program Files (x86)\Sonnox
2015-04-08 14:51 - 2015-04-08 14:53 - 00000000 ____D () C:\Program Files\Common Files\Sonnox
2015-04-08 14:51 - 2015-04-08 14:51 - 00000000 ____D () C:\Program Files\Sonnox
2015-04-08 14:35 - 2015-04-08 14:38 - 56710667 _____ (Sonnox Ltd, Oxford, UK ) C:\Users\PCAudioLabs User\Downloads\NVTSUPP5v2-1-3 (1).exe
2015-04-04 13:53 - 2015-04-04 13:53 - 68894806 _____ () C:\Users\PCAudioLabs User\Downloads\Not The End Of The World Spike FIX_02.wav
2015-04-04 13:51 - 2015-04-08 14:53 - 00000000 ____D () C:\Users\PCAudioLabs User\Documents\Sonnox
2015-04-04 13:51 - 2015-04-04 13:51 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\Sonnox
2015-04-03 13:44 - 2015-04-09 10:54 - 00003076 _____ () C:\Windows\System32\Tasks\Advanced~System Protector_startup
2015-04-03 13:44 - 2015-04-03 13:44 - 00001014 _____ () C:\Users\Public\Desktop\Advanced~System Protector.lnk
2015-04-03 13:44 - 2015-04-03 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced~System Protector
2015-04-03 13:22 - 2015-04-03 13:25 - 731326948 _____ () C:\Users\PCAudioLabs User\Downloads\raxtrax-4249c8.zip
2015-04-03 12:28 - 2015-04-03 12:31 - 901012654 _____ () C:\Users\PCAudioLabs User\Downloads\baselineaudio-25fe8b.zip
2015-04-01 13:47 - 2015-04-01 13:47 - 00880208 _____ (Google Inc.) C:\Users\PCAudioLabs User\Downloads\ChromeSetup.exe
2015-04-01 13:40 - 2015-04-01 13:40 - 00002012 _____ () C:\Users\Public\Desktop\Drobo Dashboard.lnk
2015-04-01 13:40 - 2015-04-01 13:40 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\Drobo
2015-04-01 13:40 - 2015-04-01 13:40 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Local\Drobo Dashboard
2015-04-01 13:40 - 2015-04-01 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drobo
2015-04-01 13:40 - 2015-04-01 13:40 - 00000000 ____D () C:\ProgramData\Drobo
2015-04-01 13:40 - 2015-04-01 13:40 - 00000000 ____D () C:\Program Files (x86)\Drobo
2015-03-17 10:56 - 2015-03-17 10:59 - 148275870 _____ () C:\Users\PCAudioLabs User\Downloads\sol_mastered.zip
2015-03-17 10:53 - 2015-03-17 10:56 - 148275870 _____ () C:\Users\PCAudioLabs User\Downloads\sol_unmastered.zip
2015-03-13 01:04 - 2015-03-17 10:59 - 92492932 _____ () C:\Users\PCAudioLabs User\Desktop\09 Back on You MASTER v5.wav
2015-03-13 01:04 - 2015-03-17 10:59 - 55782532 _____ () C:\Users\PCAudioLabs User\Desktop\06 Summon the NSA Love MASTER v5.wav
2015-03-13 00:56 - 2015-03-17 10:58 - 92492932 _____ () C:\Users\PCAudioLabs User\Desktop\09 Back on You MASTER v3.wav
2015-03-13 00:56 - 2015-03-17 10:58 - 55782532 _____ () C:\Users\PCAudioLabs User\Desktop\06 Summon the NSA Love MASTER v3.wav
2015-03-11 10:03 - 2015-03-11 10:03 - 33950937 _____ () C:\Users\PCAudioLabs User\Downloads\02 Track 02.aif
2015-03-11 10:03 - 2015-03-11 10:03 - 29016441 _____ () C:\Users\PCAudioLabs User\Downloads\03 Track 03.aif

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 10:56 - 2009-07-13 23:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 10:56 - 2009-07-13 23:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 10:56 - 2009-07-13 21:34 - 00000572 _____ () C:\Windows\win.ini
2015-04-09 10:55 - 2011-03-29 17:54 - 01751051 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 10:54 - 2015-02-04 12:38 - 00003068 _____ () C:\Windows\System32\Tasks\Right Backup_startup
2015-04-09 10:54 - 2014-08-12 12:44 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-09 10:54 - 2013-07-11 10:03 - 00000000 ____D () C:\Program Files (x86)\IDriveWindows
2015-04-09 10:54 - 2012-10-05 14:41 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox
2015-04-09 10:53 - 2009-07-14 00:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 10:52 - 2014-08-12 12:44 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-09 10:49 - 2014-09-02 12:40 - 00020669 _____ () C:\Windows\setupact.log
2015-04-09 10:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 10:28 - 2011-03-29 17:58 - 00003998 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{48BF8DB3-3AAC-437A-BBB5-F52142851E08}
2015-04-09 10:26 - 2012-10-05 14:41 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-08 16:48 - 2013-04-23 16:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-08 15:02 - 2014-09-02 11:06 - 00000290 _____ () C:\Windows\Tasks\Tuneup Pro_DEFAULT.job
2015-04-08 15:01 - 2014-09-02 11:05 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\Tuneup Pro
2015-04-08 14:51 - 2012-03-31 16:50 - 00000000 ____D () C:\Program Files\VSTPlugIns
2015-04-08 14:48 - 2011-07-12 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonnox Plugins
2015-04-08 14:34 - 2015-01-28 18:25 - 00003072 _____ () C:\Users\PCAudioLabs User\PaceKeyChain
2015-04-04 15:34 - 2011-07-12 13:36 - 00000000 ____D () C:\Program Files (x86)\VSTPlugIns
2015-04-04 15:29 - 2013-04-15 17:52 - 00000000 ___HD () C:\Users\PCAudioLabs User\AppData\Local\MDbIQr1o
2015-04-04 15:15 - 2015-01-28 18:11 - 00001986 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iLok License Manager.lnk
2015-04-04 15:15 - 2015-01-28 18:11 - 00001974 _____ () C:\Users\Public\Desktop\iLok License Manager.lnk
2015-04-04 15:15 - 2015-01-28 18:11 - 00000000 ____D () C:\Program Files (x86)\iLok License Manager
2015-04-03 13:48 - 2014-09-02 11:06 - 00000000 ____D () C:\Program Files (x86)\ASP
2015-04-03 13:44 - 2014-09-02 11:06 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\systweak
2015-04-03 13:44 - 2014-09-02 11:06 - 00000000 ____D () C:\ProgramData\Systweak
2015-04-02 11:50 - 2014-03-05 14:13 - 00000016 _____ () C:\Windows\system32\w3data.vss
2015-04-02 11:50 - 2014-03-05 14:13 - 00000016 _____ () C:\Windows\system32\msvcsv60.dll
2015-04-02 11:50 - 2014-03-05 14:13 - 00000016 _____ () C:\Windows\msocreg32.dat
2015-04-02 11:50 - 2014-03-05 14:13 - 00000016 _____ () C:\Users\PCAudioLabs User\AppData\Roaming\msregsvv.dll
2015-04-02 11:50 - 2014-03-05 14:13 - 00000016 _____ () C:\ProgramData\autobk.inc
2015-04-01 13:47 - 2014-08-12 12:45 - 00002228 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-01 13:47 - 2014-08-12 12:44 - 00003914 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-04-01 13:47 - 2014-08-12 12:44 - 00003662 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-04-01 13:40 - 2013-10-31 11:05 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Local\Downloaded Installations
2015-03-19 13:22 - 2011-07-12 15:23 - 00000000 ____D () C:\Users\PCAudioLabs User\AppData\Roaming\DDP_Creator
2015-03-18 11:06 - 2014-09-02 11:06 - 00000298 _____ () C:\Windows\Tasks\Tuneup Pro_UPDATES.job
2015-03-17 10:59 - 2014-09-02 11:06 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2015-03-10 10:35 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2014-03-05 14:13 - 2015-04-02 11:50 - 0000016 _____ () C:\Users\PCAudioLabs User\AppData\Roaming\msregsvv.dll
2011-07-11 16:53 - 2011-07-11 16:53 - 0007605 _____ () C:\Users\PCAudioLabs User\AppData\Local\Resmon.ResmonCfg
2012-09-12 17:36 - 2012-09-12 17:36 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-03-05 14:13 - 2015-04-02 11:50 - 0000016 _____ () C:\ProgramData\autobk.inc
2014-03-18 13:19 - 2014-02-19 02:51 - 1732608 _____ (Waves Audio Ltd.) C:\ProgramData\WaveShell-VST 9.2.dll

Files to move or delete:
====================
C:\ProgramData\WaveShell-VST 9.2.dll


Some content of TEMP:
====================
C:\Users\PCAudioLabs User\AppData\Local\Temp\4cd77d9d-6873-4743-86d2-159e8752db28.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\air345A.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\air7DC9.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\airD1A.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\AuConv.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\AuConvEx.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\BackupSetup.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\Boot.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\BootDriver.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\BundleSweetIMSetup.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\Burn.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\checktbexist.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\DataMana.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\ddpc3120x64.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\ddpc3130x64.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\DevCtrl.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzd7_1o.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\FatLib.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\ffmpeg15.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\GetDriverInfo.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\grubinst.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\installhelper.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\ISOExport.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\mconduitinstaller.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\MSVCP60.DLL
C:\Users\PCAudioLabs User\AppData\Local\Temp\MybabylonTB.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\propsys.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\RecLib.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\SPStub.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\switchsetup.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\syslinux.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\temp.exe
C:\Users\PCAudioLabs User\AppData\Local\Temp\UserRes.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\UserResEx.dll
C:\Users\PCAudioLabs User\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-07 11:44

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by PCAudioLabs User at 2015-04-09 11:41:39
Running from C:\Users\PCAudioLabs User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced File Optimizer (HKLM-x32\...\Advanced File Optimizer_is1) (Version: 2.1.1000.14739 - Systweak Software)
Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~34F3174E_is1) (Version: 2.1.1000.15330 - systweak.com) <==== ATTENTION
Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~4A5BE654_is1) (Version: 2.1.1000.14821 - systweak.com) <==== ATTENTION
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AntispamEngine (Version: 2.4.2.137 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{47B188E2-2447-5C40-15B6-9D49DC90BF5B}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
bx_cleansweep V2 2.4.1 (HKLM\...\bx_cleansweep V2_is1) (Version:  - Plugin Alliance)
bx_solo 1.5.1 (HKLM\...\bx_solo_is1) (Version:  - Plugin Alliance)
ClipShifter version 2.2.4 (HKLM\...\ClipShifter_is1) (Version: 2.2.4 - )
CodeMeter Runtime Kit v4.01 (HKLM\...\{8FB74148-70B2-4357-9A9E-3B3C44E25D97}) (Version: 4.1.169.500 - WIBU-SYSTEMS AG)
Custom Shop version 1.4.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.4.0 - IK Multimedia)
Disketch Disc Label Software (HKLM-x32\...\Disketch) (Version:  - NCH Software)
DMGAudio EQuilibrium 1.07 (HKLM-x32\...\DMGAudio EQuilibrium_is1) (Version:  - DMGAudio)
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
Drobo Dashboard (HKLM-x32\...\{863885B3-7C05-421C-8817-568712778745}) (Version: 2.6.6 - Drobo)
Dropbox (HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
EaseUS Todo Backup Free 8.0  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.0 - CHENGDU YIWO Tech Development Co., Ltd)
elysia mpressor 1.3.1 (HKLM\...\elysia mpressor_is1) (Version:  - Plugin Alliance)
elysia niveau filter 1.3.1 (HKLM\...\elysia niveau filter_is1) (Version:  - Plugin Alliance)
FabFilter Pro-L 1.13 (HKLM-x32\...\FabFilter Pro-L 1.13) (Version:  - )
FabFilter Pro-MB 1.00 (64-bit) (HKLM-x32\...\FabFilter Pro-MB 1.00 (64-bit)) (Version:  - )
FabFilter Pro-Q 2.01 (64-bit) (HKLM-x32\...\FabFilter Pro-Q 2.01 (64-bit)) (Version:  - )
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version:  - )
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden
Genelec Loudspeaker Manager 1_4_3 (HKLM-x32\...\1_is1) (Version: 1.4.3 - Genelec Oy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hightail Desktop App (HKLM\...\{A1B827F9-8A85-4DEE-8E72-3CF347F71999}) (Version: 2.4.7.1621 - Hightail)
HotPhuzz version 1.0.2 (HKLM\...\HotPhuzz_is1) (Version: 1.0.2 - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 Basic Device Software (HKLM\...\{2D5E3D2B-919F-407C-8757-E64827518BB6}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Help (HKLM-x32\...\{B6F5C6D8-C443-4B55-932F-AE11B5743FC4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{F792E5B0-11C4-4C68-8A63-FB5F52749180}) (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
IK Multimedia Authorization Manager version 1.0.9 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.9 - IK Multimedia)
iLivid (x32 Version: 1.92.0.117387 - Bandoo Media Inc.) Hidden <==== ATTENTION
iLok Client Helper (x32 Version: 5.9.1 - PACE Anti-Piracy, Inc.) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.1 - PACE Anti-Piracy, Inc.)
ISRCView (HKLM-x32\...\{FFC487F5-4C95-4DC5-8B4F-A0265B2EBA30}) (Version: 1.04.0003 - Clover Systems)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Lynx Version 2 Driver (Remove Only) (HKLM\...\LynxWDM) (Version:  - Lynx Studio Technology, Inc.)
MacDrive 8 (HKLM\...\{954AB6B3-B4B4-43C0-9355-DE8A888446D4}) (Version: 8.0.7.38 - Mediafour Corporation)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7256 - Paramount Software (UK) Ltd.) Hidden
MAGIX Burn routines (64-Bit) (HKLM\...\{49146694-5F5F-4B1F-AD15-6587F47A0FD7}) (Version: 9.0.0.212 - MAGIX AG)
MAGIX Burn routines (HKLM\...\{712D74A5-4C3D-41E6-A850-1696E54B28CD}) (Version: 11.0.0.237 - MAGIX AG)
MAGIX Low Latency Driver (64-Bit) (HKLM\...\{42976FDB-5756-4077-A491-095F228E99E2}) (Version: 2.10.2011.0 - MAGIX AG)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{29F291A9-F1FB-4DD3-A72D-CF15A486CD90}) (Version: 7.0.1.27 - MAGIX AG)
Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MixiDJ V44 Toolbar (HKLM-x32\...\MixiDJ_V44 Toolbar) (Version: 6.14.0.27 - MixiDJ V44) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden
OptimizerPro (HKLM\...\OptimizerPro) (Version: 1.0 - BetterSoft) <==== ATTENTION
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.) Hidden
PC Cleaner (HKLM-x32\...\{25780A42-8553-4a2e-AA54-F413C5D8DA19}_is1) (Version: 2.1.1000.518 - Systweak Software)
PreAMPed version 1.0.4 (HKLM\...\PreAMPed_is1) (Version: 1.0.4 - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6316 - Realtek Semiconductor Corp.)
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4398 - Systweak Software)
RME Hammerfall DSP (WDM) (HKLM\...\HDSP) (Version: 3.2.4.0 - RME Intelligent Audio Solutions)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samplitude 11 Pro (HKLM-x32\...\{4C70CE93-4C70-4547-BCB9-A754F16CD227}) (Version: 11.0.1.0 - MAGIX AG)
Samplitude Pro X Download Version (HKLM-x32\...\MAGIX_MSI_SamProX) (Version: 12.0.0.59 - MAGIX AG)
Samplitude Pro X Download Version (x32 Version: 12.0.0.59 - MAGIX AG) Hidden
Samplitude Pro X Pulse Responses for Samplitude Pro X Download Version (HKLM-x32\...\{B81DDFE5-5555-37CC-B421-601C0D1033C7}) (Version: 1.1.0.0 - MAGIX AG)
Samplitude Pro X Update (Version: 12.4.0.242 - MAGIX AG) Hidden
Samplitude Pro X Update (Version: 12.5.1.272 - MAGIX AG) Hidden
Samplitude Pro X Update (Version: 12.5.2.284 - MAGIX Software GmbH) Hidden
Sonnox Fraunhofer Codec Toolbox v1.0.6 (HKLM\...\Sonnox Fraunhofer Codec Toolbox v1.0.6_is1) (Version: 1.0.6 - Sonnox Ltd, Oxford, UK)
Sonnox Oxford SuprEsser for Native VST v1.2.2 (HKLM-x32\...\Sonnox Oxford SuprEsser for Native VST v1.2.2_is1) (Version: 1.2.2 - Sonnox Ltd, Oxford, UK)
Sonnox Oxford SuprEsser for Native VST v2.1.3 (HKLM\...\Sonnox Oxford SuprEsser for Native VST v2.1.3_is1) (Version: 2.1.3 - Sonnox Ltd, Oxford, UK)
Sonoris DDP Creator (HKLM-x32\...\Sonoris DDP Creator) (Version:  - Sonoris Audio Engineering)
Sonoris DDP Creator 64bit (HKLM\...\Sonoris DDP Creator 64bit) (Version:  - Sonoris Audio Engineering)
Sonoris License Activator (HKLM-x32\...\Sonoris License Activator) (Version:  - Sonoris Audio Engineering)
Sonoris Mastering Compressor 64bit (HKLM\...\Sonoris Mastering Compressor 64bit) (Version:  - Sonoris Audio Engineering)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 4.60 - NCH Software)
SySaver (HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\...\SySaver) (Version: 2 - SySaver)
Systweak Support Dock (HKLM-x32\...\{266DBE1C-B640-46ee-9A6D-86F0A1E483B9}_is1) (Version: 1.2.100.15961 - Systweak Software)
TonedPLUS version 1.0.0 (HKLM\...\TonedPLUS_is1) (Version: 1.0.0 - )
T-RackS CS version 4.5.1 (HKLM\...\{E931EBCC-55F9-4D67-BA0E-D57C4A893A44}_is1) (Version: 4.5.1 - IK Multimedia)
Tuneup Pro (HKLM-x32\...\Tuneup Pro_is1) (Version: 1.08 - tuneuppro.com)
UAD drivers. This may take a while... (x32 Version: 7.11.0.9364 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (HKLM-x32\...\{2cf1a5a9-8e7f-4e9e-a51c-e846837062e4}) (Version: 7.11.0.9364 - Universal Audio, Inc.)
UAD Powered Plug-Ins (Version: 7.11.0.9364 - Universal Audio, Inc.) Hidden
UAD Powered Plug-Ins (x32 Version: 7.11.0.9364 - Universal Audio, Inc.) Hidden
Voxengo Elephant (HKLM\...\Voxengo Elephant_is1) (Version: 3.11 - Voxengo)
Waves Complete V9r17 (HKLM-x32\...\{91000001-C561-4E32-99EB-3C5AD3683A70}) (Version: 9.1.17 - Waves)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Windows Driver Package - Universal Audio Inc. (UAD2Fw) UAD2DSP  (02/27/2013 6.05.0666) (HKLM\...\150F9D4167951864347E9F9DA30415563CB17757) (Version: 02/27/2013 6.05.0666 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2Pcie) UAD2DSP  (02/27/2013 6.05.0666) (HKLM\...\B1EBB39AB9DA01F1112F8CB4FDACD5C5BAB2E87C) (Version: 02/27/2013 6.05.0666 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2Pcie) UAD2DSP  (09/14/2012 6.03.0420) (HKLM\...\9E577FF8CA73CD32BD55D49A8B4AAD74F2693610) (Version: 09/14/2012 6.03.0420 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2System) UAD2DSP  (02/27/2013 6.05.0666) (HKLM\...\AE6BFA7FECC5847880284C2C3A4983BE9687B46A) (Version: 02/27/2013 6.05.0666 - Universal Audio Inc.)
Windows Driver Package - Universal Audio Inc. (UAD2System) UAD2DSP  (09/14/2012 6.03.0420) (HKLM\...\21831831B795B28D5F20754E5039CAE1AA97A986) (Version: 09/14/2012 6.03.0420 - Universal Audio Inc.)
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E1}) (Version: 18.0.11023 - WinZip Computing, S.L. )
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1093419219-1301794617-2299922691-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {09E7B91D-C63F-4A69-A3F3-EFC9481612AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1CEB4EFD-AB3C-4BDB-B9C7-E7C017B06FD4} - System32\Tasks\Right Backup_startup => C:\Program Files (x86)\Right Backup\RightBackup.exe [2014-07-11] (Systweak)
Task: {1D9010F7-3E5B-435F-BA61-5963EFE97D36} - System32\Tasks\hpUrlLauncher.exe_{8DE23C23-AE7F-4554-B3B9-0F4C9A22612D} => C:\Program Files\HP\HP Officejet Pro 8600\Bin\utils\hpUrlLauncher.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {253A37F8-3F5D-421F-9662-080AC49F7318} - System32\Tasks\Advanced File Optimizer_checkupdate_startup => C:\Program Files (x86)\Advanced File Optimizer\AdvancedFileOptimizer.exe [2014-12-26] (Systweak)
Task: {4D99A5FE-EE33-4EDF-A915-6BACE1E8BC56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.)
Task: {5038846A-0264-4A58-A7EE-A7731AFCA7CD} - System32\Tasks\Advanced~System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2015-04-03] () <==== ATTENTION
Task: {56E05CE1-58DD-4C57-A7F3-66B0988CA961} - System32\Tasks\{F74B7F6F-785B-4EC5-8011-B7988995586F} => pcalua.exe -a "C:\Program Files (x86)\VSTPlugIns\Sonoris Mastering Compressor\smcp100VSTx64.exe" -d "C:\Program Files (x86)\VSTPlugIns\Sonoris Mastering Compressor"
Task: {57D0DAEC-439C-464F-901E-40B367712965} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-12] (Google Inc.)
Task: {6E41B07A-6237-40F8-9A03-4FD9474E2B71} - System32\Tasks\{A3C70F14-739C-4F46-889A-97E9522CDCF8} => pcalua.exe -a "C:\Users\PCAudioLabs User\Desktop\ddpc204.exe" -d "C:\Users\PCAudioLabs User\Desktop"
Task: {759D8A92-3FA8-435A-80FD-5C645148A6EE} - System32\Tasks\{DF718F86-EE05-4381-98C0-D62335EF7F4C} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Waves\Applications\wlc.exe"
Task: {77707CF3-F7B8-4B4C-83F2-39F076084840} - System32\Tasks\{1D344630-BCC6-4215-A422-72D6CA2903B2} => pcalua.exe -a "C:\Program Files (x86)\Universal Audio\UAD-Win-v652.exe" -d "C:\Program Files (x86)\Universal Audio"
Task: {824070AE-C7F7-460E-A689-36EDFCA153BA} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {875706A8-358B-40B0-AB61-A3EE44B222A4} - System32\Tasks\{C225F83C-C03D-4F8B-9CBF-6A50B1C2D832} => pcalua.exe -a "C:\Users\PCAudioLabs User\Downloads\WOLI (5).exe" -d "C:\Users\PCAudioLabs User\Downloads"
Task: {999F9B7B-C3A9-4821-BEFD-B65F0098CF09} - System32\Tasks\{2B0FA927-F460-47EC-8337-F4CCB4E80E8C} => C:\Program Files (x86)\Waves\Applications\wlc.exe
Task: {9B721D6F-4162-4248-B6D0-BC06F7DE7C9D} - System32\Tasks\{9E042656-D039-4332-86BC-49E4F5D97BFD} => C:\Program Files (x86)\Waves\Applications\wlc.exe
Task: {9D8C062C-11DF-407E-B476-B33F6C3C7894} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {A67EDE0C-0C54-429F-86A2-1FD57C20C226} - System32\Tasks\Tuneup Pro_DEFAULT => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe [2014-08-20] (Tuneup Pro)
Task: {AE3ADAFA-3626-48F7-8CA3-7C6D2AF9EF6B} - System32\Tasks\Tuneup Pro_UPDATES => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe [2014-08-20] (Tuneup Pro)
Task: {E65263AD-3E5F-414B-9908-8B7EA6DDDB5F} - System32\Tasks\{A5D25771-6AAD-4DFA-BBE9-82361255F790} => pcalua.exe -a "C:\Users\PCAudioLabs User\Downloads\WOLI.exe" -d "C:\Users\PCAudioLabs User\Downloads"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Tuneup Pro_DEFAULT.job => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe
Task: C:\Windows\Tasks\Tuneup Pro_UPDATES.job => C:\Program Files (x86)\Tuneup Pro\TuneupPro.exe

==================== Loaded Modules (whitelisted) ==============

2013-07-11 10:03 - 2013-07-04 15:19 - 00182872 ____N () C:\Program Files (x86)\IDriveWindows\idwservice_600.exe
2013-07-11 10:03 - 2013-07-04 15:19 - 00125528 ____N () C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 ____N () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 ____N () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2014-06-13 11:03 - 2014-04-22 17:28 - 00156936 _____ () C:\Windows\system32\bdfwcore.dll
2014-04-22 17:29 - 2015-04-02 12:52 - 00785736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpbr.mdl
2014-04-22 17:29 - 2015-04-02 12:52 - 00706408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpdsp.mdl
2014-04-22 17:29 - 2015-04-02 12:52 - 02681448 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttpph.mdl
2014-04-22 17:29 - 2015-04-02 12:52 - 01324432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\2.2.3.0\definitions\loc1\ashttprbl.mdl
2015-01-03 21:53 - 2014-12-15 02:03 - 00241704 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2014-11-13 04:59 - 2014-11-13 04:57 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2014-11-13 04:59 - 2014-11-13 04:57 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 ____N () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2013-07-11 10:03 - 2013-07-04 15:19 - 00560640 _____ () C:\Program Files (x86)\IDriveWindows\idcontext64.dll
2014-09-02 11:06 - 2015-04-03 15:18 - 06969128 _____ () C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2015-01-03 21:53 - 2014-12-15 02:04 - 00253992 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\TrayTipAgent.exe
2011-03-09 02:24 - 2011-03-09 02:24 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-10-15 17:49 - 2009-10-15 17:49 - 00610304 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\MDLL64.dll
2012-06-26 08:33 - 2012-06-26 08:33 - 00672768 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\MFL_X64_VC9.dll
2011-02-03 11:35 - 2011-02-03 11:35 - 12036608 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\samipp60_x64.dll
2013-11-13 04:18 - 2013-11-13 04:18 - 00900096 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\AAC2_x64.dll
2012-06-26 08:33 - 2012-06-26 08:33 - 00676352 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\Protein\MFL_u_x64_VC9.dll
2011-02-08 08:46 - 2011-02-08 08:46 - 12547072 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\DspDll\x64\samsig60_04_x64.dll
2012-12-18 05:04 - 2012-12-18 05:04 - 02783744 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\DspDll\x64\MxGUI_rel_dynMFC_x64_VC9_121218.dll
2012-12-18 05:02 - 2012-12-18 05:02 - 00450048 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\DspDll\x64\MFL_rel_dynMFC_x64_VC9_121218.dll
2012-01-09 04:26 - 2012-01-09 04:26 - 00412160 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\Bridge32_V103.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00098856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00031272 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00107560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00030248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00280104 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00754728 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00194088 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00135720 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00096808 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2015-02-04 12:38 - 2013-08-02 20:21 - 00886272 _____ () C:\Program Files (x86)\Right Backup\System.Data.SQLite.dll
2015-01-03 21:53 - 2014-12-15 01:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2014-10-15 11:05 - 2014-10-15 11:05 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-04-07 14:14 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-02 11:06 - 2015-03-17 10:59 - 00886272 _____ () C:\Program Files (x86)\ASP\System.Data.SQLite.dll
2014-09-02 11:06 - 2015-04-03 15:18 - 01730856 _____ () C:\Program Files (x86)\ASP\aspsys.dll
2013-07-11 10:03 - 2013-07-05 21:06 - 00061440 _____ () C:\Program Files (x86)\IDriveWindows\LogViewerControl.dll
2014-03-25 02:00 - 2014-03-25 02:00 - 00033792 _____ () C:\Program Files\Lynx Studio Technology\LKBH32.dll
2015-04-09 10:54 - 2015-04-09 10:54 - 00043008 _____ () c:\Users\PCAudioLabs User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzd7_1o.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00750080 _____ () C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00047616 _____ () C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00865280 _____ () C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 16:45 - 2015-03-04 16:45 - 00200704 _____ () C:\Users\PCAudioLabs User\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-11-06 19:30 - 2014-11-06 19:30 - 00210432 _____ () C:\Windows\system32\UAD2DriverClient.dll
2015-01-03 21:53 - 2014-12-15 02:04 - 00223272 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\traynet.dll
2015-01-03 21:53 - 2014-12-15 02:04 - 00275496 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\libcurl.dll
2015-01-03 21:53 - 2014-12-15 02:04 - 00118328 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\zlib1.dll
2015-01-03 21:53 - 2014-12-15 02:04 - 00249896 _____ () C:\Program Files (x86)\EaseUS\TrayPopup\uexper.dll
2010-10-18 15:22 - 2010-10-18 15:22 - 00851968 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\AAC.dll
2010-01-08 12:32 - 2010-01-08 12:32 - 00116224 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\LibFlac++_vc9.dll
2009-04-20 13:41 - 2009-04-20 13:41 - 00159744 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\libFLAC.dll
2006-02-09 17:50 - 2006-02-09 17:50 - 00205824 _____ () C:\Program Files (x86)\MAGIX\Samplitude_Pro_X_Download_Version\MPEGI.DLL
2015-04-01 13:47 - 2015-03-30 16:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-01 13:47 - 2015-03-30 16:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-01 13:47 - 2015-03-30 16:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
2015-04-01 13:47 - 2015-03-30 16:07 - 14974280 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:bkUeAN5TQgAG8iKJb78I2C
AlternateDataStreams: C:\ProgramData\Microsoft:CAMEJVM6oviY67EKdjRpRW
AlternateDataStreams: C:\ProgramData\Microsoft:iC0sAoFfHu9R6nHUZkRnP2yIR
AlternateDataStreams: C:\ProgramData\Microsoft:JDJhBBH5ZClsbXpM13g2yvTYMK
AlternateDataStreams: C:\ProgramData\Microsoft:K7y14ivCI9x7VVR3GoikSK3
AlternateDataStreams: C:\ProgramData\Microsoft:Lj0ia4rpZddBWExUwmSH09A7i
AlternateDataStreams: C:\ProgramData\Microsoft:LvBjcY43ay8Ej1d61sR8OUQHf
AlternateDataStreams: C:\ProgramData\Microsoft:QotbPLCARIuyv8Be7sHlS4vtB
AlternateDataStreams: C:\ProgramData\Microsoft:RvvultQgjmhbQNF77iH
AlternateDataStreams: C:\ProgramData\Microsoft:uxpU2AOra0jUtQVR8bQ8LtL
AlternateDataStreams: C:\ProgramData\Microsoft:ZSQ57onakCRmcKFARYhSx9
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\Guest\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\PCAudioLabs User\Local Settings:UIB2vWyqLeNrsR2RzsttAD4Pg
AlternateDataStreams: C:\Users\PCAudioLabs User\AppData\Local:UIB2vWyqLeNrsR2RzsttAD4Pg
AlternateDataStreams: C:\Users\PCAudioLabs User\AppData\Local\Application Data:UIB2vWyqLeNrsR2RzsttAD4Pg
AlternateDataStreams: C:\Users\PCAudioLabs User\AppData\Local\MDbIQr1o:aG4Lt0YPURv6SoQhFp0
AlternateDataStreams: C:\Users\PCAudioLabs User\AppData\Local\Temp:9k2FMnlmvsGdSkB0mEPv
AlternateDataStreams: C:\Users\PCAudioLabs User\AppData\Local\Temp:FYuUUUW4YCkaqIZD7BrSUAXwwp
AlternateDataStreams: C:\Users\PCAudioLabs User\AppData\Local\Temporary Internet Files:bWKmRhyrFIqnnvVS1anUGwqa

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1093419219-1301794617-2299922691-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PCAudioLabs User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.1.10.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

==================== Accounts: =============================

Administrator (S-1-5-21-1093419219-1301794617-2299922691-500 - Administrator - Disabled)
Guest (S-1-5-21-1093419219-1301794617-2299922691-501 - Limited - Enabled) => C:\Users\Guest
PCAudioLabs User (S-1-5-21-1093419219-1301794617-2299922691-1001 - Administrator - Enabled) => C:\Users\PCAudioLabs User

==================== Faulty Device Manager Devices =============

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/08/2015 03:18:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (04/07/2015 00:17:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (04/04/2015 03:15:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\DrvInst.exe "4" "20" "C:\Users\PCAUDI~1\AppData\Local\Temp\{71b2b219-3802-388c-13e7-7611c133dc5b}\iLokDrvr64.inf" "9" "693ab7ff7" "0000000000000410" "WinSta0\Default" "0000000000000690" "208" "C:\Users\PCAUDI~1\AppData\Local\Temp\t8667.tmp"; Description = Device Driver Package Install: PACE Anti-Piracy, Inc. Dongles; Error = 0x80070422).

Error: (04/04/2015 03:15:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PCAudioLabs-DAW)
Description: Application or service 'PACE License Services' could not be shut down.

Error: (04/04/2015 03:15:25 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Users\PCAudioLabs User\Downloads\LicenseSupportInstallerWin64 (1)\LicenseSupportInstallerWin64_v2.4.7_r27997\License Support Win64.exe User\Downloads\LicenseSupportInstallerWin64 (1)\LicenseSupportInstallerWin64_v2.4.7_r27997\License Support Win64.exe" ; Description = Configured PACE License Support Win64; Error = 0x80070422).

Error: (04/03/2015 10:37:48 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (04/02/2015 11:21:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x80070422).

Error: (04/01/2015 01:40:42 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Drobo Dashboard.; Error = 0x80070422).

Error: (04/01/2015 01:40:41 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Drobo Dashboard.; Error = 0x80070422).

Error: (04/01/2015 01:40:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\msiexec.exe /V; Description = Removed Drobo Dashboard.; Error = 0x80070422).


System errors:
=============
Error: (04/09/2015 10:54:48 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:54:48 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:54:48 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:54:47 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:54:47 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:54:47 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:49:18 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:49:18 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:49:18 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.

Error: (04/09/2015 10:49:17 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.


Microsoft Office Sessions:
=========================
Error: (04/08/2015 03:18:19 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (04/07/2015 00:17:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (04/04/2015 03:15:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\DrvInst.exe "4" "20" "C:\Users\PCAUDI~1\AppData\Local\Temp\{71b2b219-3802-388c-13e7-7611c133dc5b}\iLokDrvr64.inf" "9" "693ab7ff7" "0000000000000410" "WinSta0\Default" "0000000000000690" "208" "C:\Users\PCAUDI~1\AppData\Local\Temp\t8667.tmp"Device Driver Package Install: PACE Anti-Piracy, Inc. Dongles0x80070422

Error: (04/04/2015 03:15:48 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PCAudioLabs-DAW)
Description: 0LDSvc.exePACE License Services0302621612076143003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0043006F006D006D006F006E002000460069006C00650073005C0050004100430045005C00530065007200760069006300650073005C004C006900630065006E0073006500530065007200760069006300650073005C004C0044005300760063002E006500780065000000

Error: (04/04/2015 03:15:25 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\PCAudioLabs User\Downloads\LicenseSupportInstallerWin64 (1)\LicenseSupportInstallerWin64_v2.4.7_r27997\License Support Win64.exe User\Downloads\LicenseSupportInstallerWin64 (1)\LicenseSupportInstallerWin64_v2.4.7_r27997\License Support Win64.exe" Configured PACE License Support Win640x80070422

Error: (04/03/2015 10:37:48 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (04/02/2015 11:21:35 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x80070422

Error: (04/01/2015 01:40:42 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Drobo Dashboard.0x80070422

Error: (04/01/2015 01:40:41 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Drobo Dashboard.0x80070422

Error: (04/01/2015 01:40:40 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Drobo Dashboard.0x80070422


CodeIntegrity Errors:
===================================
  Date: 2011-09-22 14:06:22.909
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:22.892
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:22.834
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:22.819
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:22.715
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:22.700
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:11.000
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:10.985
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:10.875
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-09-22 14:06:10.860
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\MAGIX\Samplitude_11_Pro\mxasio.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 970 @ 3.20GHz
Percentage of memory in use: 35%
Total physical RAM: 8183.11 MB
Available physical RAM: 5282.48 MB
Total Pagefile: 9205.3 MB
Available Pagefile: 5719.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Win7Pro64) (Fixed) (Total:238.47 GB) (Free:157.93 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Audio1) (Fixed) (Total:931.51 GB) (Free:238.36 GB) NTFS
Drive f: (Audio2) (Fixed) (Total:931.51 GB) (Free:696.88 GB) NTFS
Drive g: (My Passport for Mac) (Fixed) (Total:1862.67 GB) (Free:1827.62 GB) HFSJ
Drive h: (CODEMETER) (Fixed) (Total:0.04 GB) (Free:0 GB) FAT32
Drive x: () (Network) (Total:16362.08 GB) (Free:15019.21 GB)
Drive y: () (Network) (Total:16362.08 GB) (Free:15019.21 GB)
Drive z: () (Network) (Total:16362.08 GB) (Free:15019.21 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: F0B392FC)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D22FEE57)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D22FEE54)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Attached Files


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-

 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

 

I'm reviewing your logs now.


  • 0

#3
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I do see a bunch that needs to be cleaned up but before we do we need to be able to create a restore point and it appears yours may be broke. Was your machine possibly imaged at one point? Cloned from another machine or the drive cloned from one to another?

 

Please do the following and let me know what you see.

 

1. Click your start button, right-click on Computer and click on Properties.

ComputerProperties.JPG

 

2. Click the System protection link on the left side of the screen that comes up.

SystemProtectionLink.JPG

 

3. In the Protection Settings area, Do any drives show Protection set On but it says (Missing)? If so, please select each one that shows missing and then click the Configure button and then simply click OK. You may get an error and this is OK. Also make sure that the C:\ drive (the one that doesn't show missing) is selected and choose Configure and make sure you select "Restore system settings and previous version of files".

ProtectionSettings.JPG

 

Thank you.


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics


Also tagged with one or more of these keywords: windows7, pc

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP