
Slow on startup!


  • This topic is locked
32 replies to this topic

#1 atro1


Posted 24 December 2014 - 01:14 AM

Just recently my PC has taken a long time to open the internet on startup. I can play a game of Freecell before it's working.

I have tried rebooting the router. It's cable to PC. It's Virgin Media BB, just about as high as you can have. I have tried to shorten the startup by unticking a few things. But it has not helped. I have done a HijackThis. But I really have no idea what I am doing.

I am a silver surfer. I do not play any games other than MS games and a couple of kids' games. It's a Dell i3. Copy of HijackThis log:-

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Alec (administrator) on ALEC-PC on 19-03-2014 17:55:48
Running from C:\Users\Alec\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) c:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe
(Microsoft Corporation) C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Users\Alec\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Reader_sl.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [obkagent] - C:\Program Files\Bitdefender\Bitdefender Safepay\obkagent.exe [477760 2014-01-08] (Bitdefender)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2014-01-03] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [SkyDrive] - C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-02-20] (Microsoft Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [Google+ Auto Backup] - C:\Users\Alec\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\z4pc00hi.default
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: HP Detect - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\z4pc00hi.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2012-12-13]
FF Extension: Wiktionary and Google Translate - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\z4pc00hi.default\Extensions\googledictionary@toptip.ca.xpi [2014-02-22]
FF Extension: Thumbnail Zoom Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\z4pc00hi.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2013-11-23]
FF Extension: Google Translator for Firefox - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\z4pc00hi.default\Extensions\translator@zoli.bod.xpi [2014-02-22]
FF Extension: NoScript - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\z4pc00hi.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-13]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-03]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-13]

==================== Services (Whitelisted) =================

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 OBKSvc; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [387632 2014-01-08] (Bitdefender)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 UPDATESRV_SAFEPAY; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2013-10-18] (Bitdefender)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros)

==================== Drivers (Whitelisted) ====================

R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-19 17:31 - 2014-03-19 17:54 - 00000112 _____ () C:\Windows\setupact.log
2014-03-19 17:31 - 2014-03-19 17:31 - 00006138 _____ () C:\Windows\PFRO.log
2014-03-19 17:31 - 2014-03-19 17:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-19 13:25 - 2014-03-19 13:25 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-03-19 13:24 - 2014-03-19 17:54 - 00000000 ____D () C:\ProgramData\COMODO
2014-03-19 13:24 - 2014-03-19 17:54 - 00000000 ____D () C:\Program Files\COMODO
2014-03-19 13:24 - 2014-03-19 13:25 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-03-19 13:24 - 2014-03-19 13:24 - 00000000 ____D () C:\first_launch
2014-03-19 13:20 - 2014-03-19 13:21 - 211388240 _____ (COMODO) C:\Users\Alec\Downloads\cfw_installer_5732_83.exe
2014-03-19 13:17 - 2014-03-19 13:20 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-03-19 13:17 - 2014-03-19 13:17 - 00001081 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-03-19 13:17 - 2014-03-19 13:17 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-19 13:16 - 2014-03-19 13:16 - 04095448 _____ (BrightFort LLC ) C:\Users\Alec\Downloads\spywareblastersetup50.exe
2014-03-17 20:27 - 2014-03-17 20:27 - 00987442 _____ () C:\Users\Alec\Downloads\SecurityCheck.exe
2014-03-17 20:13 - 2014-03-17 20:13 - 01950720 _____ () C:\Users\Alec\Downloads\adwcleaner(1).exe
2014-03-16 20:15 - 2014-03-16 20:15 - 00002975 _____ () C:\Users\Alec\Desktop\JRT.txt
2014-03-16 20:11 - 2014-03-16 20:11 - 01037734 _____ (Thisisu) C:\Users\Alec\Downloads\JRT.exe
2014-03-16 20:11 - 2014-03-16 20:11 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 20:06 - 2014-03-16 20:06 - 00035974 _____ () C:\Users\Alec\Downloads\Addition.txt
2014-03-16 20:05 - 2014-03-19 17:55 - 00016000 _____ () C:\Users\Alec\Downloads\FRST.txt
2014-03-16 20:05 - 2014-03-19 17:23 - 00000000 ____D () C:\FRST
2014-03-16 20:05 - 2014-03-16 20:05 - 02157056 _____ (Farbar) C:\Users\Alec\Downloads\FRST64.exe
2014-03-16 19:50 - 2014-03-17 20:15 - 00000000 ____D () C:\AdwCleaner
2014-03-16 19:50 - 2014-03-16 19:50 - 01950720 _____ () C:\Users\Alec\Downloads\adwcleaner.exe
2014-03-14 10:24 - 2014-03-14 10:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Alec\Downloads\HijackThis.exe
2014-03-14 10:18 - 2014-03-14 10:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:18 - 2014-03-14 10:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 10:17 - 2014-03-14 10:17 - 13084896 _____ (Microsoft Corporation) C:\Users\Alec\Downloads\Silverlight_x64.exe
2014-03-13 20:37 - 2014-03-01 06:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 20:37 - 2014-03-01 05:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 20:37 - 2014-03-01 05:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 20:37 - 2014-03-01 04:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 20:37 - 2014-03-01 04:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 20:37 - 2014-03-01 04:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 20:37 - 2014-03-01 04:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 20:37 - 2014-03-01 04:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 20:37 - 2014-03-01 04:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 20:37 - 2014-03-01 04:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 20:37 - 2014-03-01 04:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 20:37 - 2014-03-01 04:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 20:37 - 2014-03-01 04:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 20:37 - 2014-03-01 04:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 20:37 - 2014-03-01 04:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 20:37 - 2014-03-01 04:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 20:37 - 2014-03-01 04:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 20:37 - 2014-03-01 03:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 20:37 - 2014-03-01 03:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 20:37 - 2014-03-01 03:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 20:37 - 2014-03-01 03:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 20:37 - 2014-03-01 03:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 20:37 - 2014-03-01 03:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 20:37 - 2014-03-01 03:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 20:37 - 2014-03-01 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 20:37 - 2014-03-01 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 20:37 - 2014-03-01 03:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 20:37 - 2014-03-01 03:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 20:37 - 2014-03-01 03:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 20:37 - 2014-03-01 03:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 20:37 - 2014-03-01 03:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 20:37 - 2014-03-01 03:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 20:37 - 2014-03-01 03:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 20:37 - 2014-03-01 03:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 20:37 - 2014-03-01 02:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 20:37 - 2014-03-01 02:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 20:37 - 2014-03-01 02:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 20:37 - 2014-03-01 02:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 20:37 - 2014-03-01 02:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 20:37 - 2014-03-01 02:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 20:37 - 2014-02-07 01:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 20:37 - 2014-01-29 02:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 20:37 - 2014-01-29 02:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 20:37 - 2014-01-28 02:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 20:36 - 2014-02-04 02:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 20:36 - 2014-02-04 02:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 20:36 - 2014-02-04 02:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 20:36 - 2014-02-04 02:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-05 07:27 - 2014-03-05 07:27 - 00000880 _____ () C:\Users\Alec\Desktop\Favorites - Shortcut.lnk
2014-03-05 06:40 - 2014-03-05 06:40 - 02150672 _____ () C:\Users\Alec\Downloads\videoperformerSetup.exe
2014-03-05 06:36 - 2014-03-05 06:37 - 00001681 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-03-05 06:33 - 2014-03-05 07:04 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\vlc
2014-03-05 06:32 - 2014-03-05 07:09 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 06:29 - 2014-03-05 06:29 - 00013068 _____ () C:\Users\Alec\AppData\Roaming\Bubble Dock.installation.log
2014-03-05 06:29 - 2014-03-05 06:29 - 00001269 _____ () C:\Users\Alec\AppData\Roaming\Bubble Dock.boostrap.log
2014-03-05 06:26 - 2014-03-05 06:26 - 00109120 _____ () C:\Users\Alec\Downloads\vlc_setup.exe
2014-03-03 19:51 - 2014-03-03 19:51 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-03 19:50 - 2014-03-03 19:51 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-03 19:50 - 2014-03-03 19:51 - 00000000 ____D () C:\Program Files\iTunes
2014-03-03 19:50 - 2014-03-03 19:51 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-03 19:50 - 2014-03-03 19:50 - 00000000 ____D () C:\Program Files\iPod
2014-03-03 19:47 - 2014-03-03 19:47 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-03 19:47 - 2014-03-03 19:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-26 10:42 - 2014-02-26 10:42 - 04765152 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup411.exe
2014-02-26 10:42 - 2014-02-26 10:42 - 04765152 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup411(1).exe
2014-02-25 12:14 - 2014-02-25 12:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-22 12:39 - 2014-02-22 12:39 - 00000000 ____D () C:\Windows\en-gb
2014-02-22 12:39 - 2014-02-22 12:39 - 00000000 ____D () C:\Windows\en
2014-02-20 07:35 - 2014-02-20 07:35 - 00002156 _____ () C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-20 07:34 - 2014-02-20 07:34 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive

==================== One Month Modified Files and Folders =======

2014-03-19 17:56 - 2014-03-16 20:05 - 00016000 _____ () C:\Users\Alec\Downloads\FRST.txt
2014-03-19 17:55 - 2012-12-10 12:51 - 00000000 ___RD () C:\Users\Alec\SkyDrive
2014-03-19 17:55 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-03-19 17:55 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-03-19 17:55 - 2012-08-31 05:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-03-19 17:54 - 2014-03-19 17:31 - 00000112 _____ () C:\Windows\setupact.log
2014-03-19 17:54 - 2014-03-19 13:24 - 00000000 ____D () C:\ProgramData\COMODO
2014-03-19 17:54 - 2014-03-19 13:24 - 00000000 ____D () C:\Program Files\COMODO
2014-03-19 17:54 - 2014-01-03 08:18 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-03-19 17:54 - 2014-01-03 08:18 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-03-19 17:54 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-19 17:53 - 2012-08-31 06:36 - 01923413 _____ () C:\Windows\WindowsUpdate.log
2014-03-19 17:39 - 2009-07-14 04:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-19 17:39 - 2009-07-14 04:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-19 17:35 - 2014-03-19 13:24 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-03-19 17:31 - 2014-03-19 17:31 - 00006138 _____ () C:\Windows\PFRO.log
2014-03-19 17:31 - 2014-03-19 17:31 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-19 17:23 - 2014-03-16 20:05 - 00000000 ____D () C:\FRST
2014-03-19 17:03 - 2012-08-31 04:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-19 13:32 - 2009-07-14 05:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-19 13:25 - 2014-03-19 13:25 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-03-19 13:24 - 2014-03-19 13:24 - 00000000 ____D () C:\first_launch
2014-03-19 13:21 - 2014-03-19 13:20 - 211388240 _____ (COMODO) C:\Users\Alec\Downloads\cfw_installer_5732_83.exe
2014-03-19 13:20 - 2014-03-19 13:17 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-03-19 13:17 - 2014-03-19 13:17 - 00001081 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-03-19 13:17 - 2014-03-19 13:17 - 00000000 ____D () C:\ProgramData\Licenses
2014-03-19 13:16 - 2014-03-19 13:16 - 04095448 _____ (BrightFort LLC ) C:\Users\Alec\Downloads\spywareblastersetup50.exe
2014-03-19 06:41 - 2013-08-15 04:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 06:41 - 2012-12-06 19:06 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 07:36 - 2012-12-21 07:16 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\HpUpdate
2014-03-17 20:27 - 2014-03-17 20:27 - 00987442 _____ () C:\Users\Alec\Downloads\SecurityCheck.exe
2014-03-17 20:15 - 2014-03-16 19:50 - 00000000 ____D () C:\AdwCleaner
2014-03-17 20:13 - 2014-03-17 20:13 - 01950720 _____ () C:\Users\Alec\Downloads\adwcleaner(1).exe
2014-03-16 20:15 - 2014-03-16 20:15 - 00002975 _____ () C:\Users\Alec\Desktop\JRT.txt
2014-03-16 20:11 - 2014-03-16 20:11 - 01037734 _____ (Thisisu) C:\Users\Alec\Downloads\JRT.exe
2014-03-16 20:11 - 2014-03-16 20:11 - 00000000 ____D () C:\Windows\ERUNT
2014-03-16 20:06 - 2014-03-16 20:06 - 00035974 _____ () C:\Users\Alec\Downloads\Addition.txt
2014-03-16 20:05 - 2014-03-16 20:05 - 02157056 _____ (Farbar) C:\Users\Alec\Downloads\FRST64.exe
2014-03-16 19:50 - 2014-03-16 19:50 - 01950720 _____ () C:\Users\Alec\Downloads\adwcleaner.exe
2014-03-14 10:24 - 2014-03-14 10:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Alec\Downloads\HijackThis.exe
2014-03-14 10:18 - 2014-03-14 10:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:18 - 2014-03-14 10:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 10:17 - 2014-03-14 10:17 - 13084896 _____ (Microsoft Corporation) C:\Users\Alec\Downloads\Silverlight_x64.exe
2014-03-13 23:28 - 2009-07-14 04:45 - 00413344 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 21:14 - 2012-12-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 14:03 - 2012-08-31 04:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 14:03 - 2012-08-31 04:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 14:03 - 2012-08-31 04:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 12:57 - 2013-10-03 13:23 - 00000000 ____D () C:\Users\Alec\AppData\Local\3AF59380-EF1E-49B7-A7C6-475B8EB8A377.aplzod
2014-03-09 07:25 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-05 07:27 - 2014-03-05 07:27 - 00000880 _____ () C:\Users\Alec\Desktop\Favorites - Shortcut.lnk
2014-03-05 07:09 - 2014-03-05 06:32 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-05 07:04 - 2014-03-05 06:33 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\vlc
2014-03-05 07:04 - 2012-12-13 18:01 - 00000000 ____D () C:\ProgramData\HP
2014-03-05 07:04 - 2012-12-06 17:10 - 00000000 ____D () C:\Users\Alec
2014-03-05 07:04 - 2010-11-21 07:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-05 07:04 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\registration
2014-03-05 06:40 - 2014-03-05 06:40 - 02150672 _____ () C:\Users\Alec\Downloads\videoperformerSetup.exe
2014-03-05 06:37 - 2014-03-05 06:36 - 00001681 _____ () C:\Windows\SysWOW64\${LOGFILE}
2014-03-05 06:34 - 2014-01-03 08:20 - 00000000 ____D () C:\Users\Alec\AppData\Local\cache
2014-03-05 06:29 - 2014-03-05 06:29 - 00013068 _____ () C:\Users\Alec\AppData\Roaming\Bubble Dock.installation.log
2014-03-05 06:29 - 2014-03-05 06:29 - 00001269 _____ () C:\Users\Alec\AppData\Roaming\Bubble Dock.boostrap.log
2014-03-05 06:26 - 2014-03-05 06:26 - 00109120 _____ () C:\Users\Alec\Downloads\vlc_setup.exe
2014-03-03 19:51 - 2014-03-03 19:51 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-03 19:51 - 2014-03-03 19:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-03 19:51 - 2014-03-03 19:50 - 00000000 ____D () C:\Program Files\iTunes
2014-03-03 19:51 - 2014-03-03 19:50 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-03 19:50 - 2014-03-03 19:50 - 00000000 ____D () C:\Program Files\iPod
2014-03-03 19:47 - 2014-03-03 19:47 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-03 19:47 - 2014-03-03 19:47 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-01 06:05 - 2014-03-13 20:37 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 05:17 - 2014-03-13 20:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 05:16 - 2014-03-13 20:37 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 04:58 - 2014-03-13 20:37 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 04:52 - 2014-03-13 20:37 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 04:51 - 2014-03-13 20:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 04:42 - 2014-03-13 20:37 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 04:40 - 2014-03-13 20:37 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 04:37 - 2014-03-13 20:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 04:33 - 2014-03-13 20:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 04:33 - 2014-03-13 20:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 04:32 - 2014-03-13 20:37 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 04:30 - 2014-03-13 20:37 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 04:23 - 2014-03-13 20:37 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:17 - 2014-03-13 20:37 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 04:11 - 2014-03-13 20:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 04:02 - 2014-03-13 20:37 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 03:54 - 2014-03-13 20:37 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 03:52 - 2014-03-13 20:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 03:51 - 2014-03-13 20:37 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 03:47 - 2014-03-13 20:37 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 03:43 - 2014-03-13 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 03:43 - 2014-03-13 20:37 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 03:42 - 2014-03-13 20:37 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 03:40 - 2014-03-13 20:37 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 03:38 - 2014-03-13 20:37 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 03:37 - 2014-03-13 20:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 03:35 - 2014-03-13 20:37 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 03:18 - 2014-03-13 20:37 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 03:16 - 2014-03-13 20:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 03:14 - 2014-03-13 20:37 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 03:10 - 2014-03-13 20:37 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 03:03 - 2014-03-13 20:37 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 03:00 - 2014-03-13 20:37 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 02:57 - 2014-03-13 20:37 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 02:38 - 2014-03-13 20:37 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 02:32 - 2014-03-13 20:37 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 02:27 - 2014-03-13 20:37 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 02:25 - 2014-03-13 20:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 02:25 - 2014-03-13 20:37 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-27 07:50 - 2012-12-06 16:22 - 00000000 ____D () C:\Users\Alec\AppData\Local\Windows Live Writer
2014-02-26 10:43 - 2013-01-04 14:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-26 10:43 - 2013-01-04 14:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-26 10:42 - 2014-02-26 10:42 - 04765152 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup411.exe
2014-02-26 10:42 - 2014-02-26 10:42 - 04765152 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup411(1).exe
2014-02-26 06:43 - 2011-02-10 16:10 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 12:15 - 2012-08-31 05:04 - 00000000 ____D () C:\ProgramData\Skype
2014-02-25 12:14 - 2014-02-25 12:14 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-22 12:39 - 2014-02-22 12:39 - 00000000 ____D () C:\Windows\en-gb
2014-02-22 12:39 - 2014-02-22 12:39 - 00000000 ____D () C:\Windows\en
2014-02-22 12:38 - 2012-12-06 16:20 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-22 12:38 - 2012-12-06 16:20 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-22 06:57 - 2012-12-06 16:18 - 00000000 ____D () C:\Users\Alec\AppData\Local\Windows Live
2014-02-20 07:35 - 2014-02-20 07:35 - 00002156 _____ () C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-20 07:34 - 2014-02-20 07:34 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-02-18 09:49 - 2014-01-03 08:17 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Real
2014-02-18 09:49 - 2014-01-03 08:17 - 00000000 ____D () C:\ProgramData\Real
2014-02-17 08:22 - 2012-12-06 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


Edited by hamluis, 24 December 2014 - 07:38 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.



#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,883 posts
  • Gender:Male
  • Location:Germany
  • Local time:11:30 AM

Posted 24 December 2014 - 01:27 PM

Hello and welcome on board,

my name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#3 atro1

atro1
  • Topic Starter

  • Members
  • 24 posts
  • Local time:05:30 PM

Posted 26 December 2014 - 03:35 AM

Hi Machiavelli. Merry Xmas to you.

Many thanks for coming to my aid.

Hopefully this is the file you require.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by Alec (administrator) on ALEC-PC on 26-12-2014 08:30:43
Running from C:\Users\Alec\Downloads
Loaded Profile: Alec (Available profiles: Alec)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\005\mtgaotushb64.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Farbar) C:\Users\Alec\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [SkyDrive] => C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-968291121-692904103-2744852466-1001] =>
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\searchplugins\google-avast.xml
FF Extension: iCloud Bookmarks - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: LastPass - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\support@lastpass.com [2014-08-19]
FF Extension: Wiktionary and Google Translate - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\googledictionary@toptip.ca.xpi [2014-09-14]
FF Extension: Cashback Notifier - TopCashback - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\notifier@topcashback.com.xpi [2014-11-06]
FF Extension: Thumbnail Zoom Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-09-14]
FF Extension: Google Translator for Firefox - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\translator@zoli.bod.xpi [2014-09-14]
FF Extension: Adblock Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-28]
CHR Extension: (Google Drive) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (Dualless) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdpkilkheacbboffppjgceiplijhfpd [2014-07-16]
CHR Extension: (YouTube) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google Search) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (laess2pay) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifbmjadegaajdlnieihbfmbllnbiddi [2014-06-16]
CHR Extension: (RealPlayer Downloader) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-28]
CHR Extension: (Benchwarmer  Dribbble for Chrome Tabs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdjhhpjicomphhjpehdhjenbaamdpnn [2014-06-30]
CHR Extension: (Google Wallet) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Gmail) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]
CHR Extension: (SEO Analysis with Seoptimer) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbjgemahdghhnelnlihpflpdkkmmgj [2014-06-16]
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AllDaySavingsService64; C:\Program Files (x86)\5176EA87-B7D4-4E04-A5D7-CF3FC0AAF7EC\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-06] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-06] (Avast Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 mtgaotushb64; C:\Program Files\005\mtgaotushb64.exe [709120 2014-08-06] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-18] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-24] (RaMMicHaeL)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-06] (Avast Software)
S1 netfilter64; system32\drivers\netfilter64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 08:27 - 2014-12-26 08:28 - 02122240 _____ (Farbar) C:\Users\Alec\Downloads\FRST64(1).exe
2014-12-26 07:59 - 2014-12-26 07:59 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-59-24.097-AvastVBoxSVC.exe-5044.log
2014-12-25 12:56 - 2014-12-25 12:56 - 00000197 _____ () C:\Windows\system32\2014-12-25-12-56-54.098-AvastVBoxSVC.exe-4204.log
2014-12-24 19:11 - 2014-12-24 19:12 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-11-56.099-aswFe.exe-1948.log
2014-12-24 19:06 - 2014-12-24 19:11 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-06-36.078-aswFe.exe-3552.log
2014-12-24 19:06 - 2014-12-24 19:06 - 00000197 _____ () C:\Windows\system32\2014-12-24-19-06-29.009-AvastVBoxSVC.exe-3968.log
2014-12-24 19:05 - 2014-12-24 19:05 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 09:27 - 2014-12-24 09:27 - 00000247 _____ () C:\Windows\system32\2014-12-24-09-27-50.000-aswFe.exe-3320.log
2014-12-24 09:27 - 2014-12-24 09:27 - 00000197 _____ () C:\Windows\system32\2014-12-24-09-27-42.045-AvastVBoxSVC.exe-4968.log
2014-12-24 06:35 - 2014-12-24 06:35 - 00000197 _____ () C:\Windows\system32\2014-12-24-06-35-54.095-AvastVBoxSVC.exe-4568.log
2014-12-24 05:57 - 2014-12-24 05:57 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(2).msi
2014-12-24 05:56 - 2014-12-24 06:08 - 00002931 _____ () C:\Users\Alec\Desktop\HiJackThis.lnk
2014-12-24 05:56 - 2014-12-24 06:08 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-12-24 05:56 - 2014-12-24 05:56 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-12-24 05:54 - 2014-12-24 05:54 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(1).msi
2014-12-24 05:50 - 2014-12-24 05:50 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-50-38.055-AvastVBoxSVC.exe-4480.log
2014-12-24 05:45 - 2014-12-24 05:45 - 00000000 ____D () C:\Windows\pss
2014-12-24 05:30 - 2014-12-24 05:31 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-30-56.023-AvastVBoxSVC.exe-5180.log
2014-12-24 05:28 - 2014-12-26 07:55 - 00000392 _____ () C:\Windows\setupact.log
2014-12-24 05:28 - 2014-12-24 05:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 20:19 - 2014-12-23 20:19 - 00003120 _____ () C:\Windows\System32\Tasks\{D96BFE7B-389E-4D84-855A-639DF29CEBB9}
2014-12-23 20:11 - 2014-12-23 20:11 - 00014592 _____ () C:\Users\Alec\Downloads\hijackthis.log
2014-12-23 19:52 - 2014-12-23 19:52 - 00000197 _____ () C:\Windows\system32\2014-12-23-19-52-40.002-AvastVBoxSVC.exe-2996.log
2014-12-23 18:24 - 2014-12-23 18:24 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-24-40.035-AvastVBoxSVC.exe-5148.log
2014-12-23 18:16 - 2014-12-23 18:16 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-16-26.011-AvastVBoxSVC.exe-6128.log
2014-12-22 17:55 - 2014-12-22 17:55 - 00000197 _____ () C:\Windows\system32\2014-12-22-17-55-38.035-AvastVBoxSVC.exe-5204.log
2014-12-22 07:04 - 2014-12-22 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-22-07-04-28.086-AvastVBoxSVC.exe-5048.log
2014-12-21 16:56 - 2014-12-21 16:56 - 00000197 _____ () C:\Windows\system32\2014-12-21-16-56-28.064-AvastVBoxSVC.exe-5488.log
2014-12-21 08:00 - 2014-12-21 08:00 - 00000197 _____ () C:\Windows\system32\2014-12-21-08-00-38.011-AvastVBoxSVC.exe-1028.log
2014-12-20 10:07 - 2014-12-20 10:07 - 00000197 _____ () C:\Windows\system32\2014-12-20-10-07-58.033-AvastVBoxSVC.exe-1868.log
2014-12-20 07:10 - 2014-12-20 07:10 - 00000197 _____ () C:\Windows\system32\2014-12-20-07-10-27.032-AvastVBoxSVC.exe-3028.log
2014-12-19 16:25 - 2014-12-19 16:25 - 00083086 _____ () C:\Users\Alec\Documents\envelope18.html
2014-12-19 14:12 - 2014-12-19 14:12 - 05317104 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup501.exe
2014-12-19 14:04 - 2014-12-19 14:04 - 00000197 _____ () C:\Windows\system32\2014-12-19-14-04-48.035-AvastVBoxSVC.exe-5216.log
2014-12-19 06:51 - 2014-12-19 06:51 - 00000197 _____ () C:\Windows\system32\2014-12-19-06-51-47.074-AvastVBoxSVC.exe-5396.log
2014-12-18 10:22 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:22 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:14 - 2014-12-18 10:14 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-14-24.091-AvastVBoxSVC.exe-5236.log
2014-12-17 07:48 - 2014-12-17 07:48 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-48-53.017-AvastVBoxSVC.exe-6032.log
2014-12-16 20:38 - 2014-12-16 20:38 - 00000197 _____ () C:\Windows\system32\2014-12-16-20-38-51.067-AvastVBoxSVC.exe-3788.log
2014-12-16 09:32 - 2014-12-16 09:32 - 00000197 _____ () C:\Windows\system32\2014-12-16-09-32-46.075-AvastVBoxSVC.exe-5740.log
2014-12-16 06:26 - 2014-12-16 06:26 - 00000197 _____ () C:\Windows\system32\2014-12-16-06-26-07.026-AvastVBoxSVC.exe-5032.log
2014-12-15 17:31 - 2014-12-15 17:31 - 00000197 _____ () C:\Windows\system32\2014-12-15-17-31-07.011-AvastVBoxSVC.exe-4976.log
2014-12-15 17:25 - 2014-12-15 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-15 16:06 - 2014-12-15 16:07 - 00000197 _____ () C:\Windows\system32\2014-12-15-16-06-59.004-AvastVBoxSVC.exe-2688.log
2014-12-15 10:02 - 2014-12-15 10:02 - 00000197 _____ () C:\Windows\system32\2014-12-15-10-02-42.032-AvastVBoxSVC.exe-4144.log
2014-12-15 07:40 - 2014-12-15 07:40 - 00000197 _____ () C:\Windows\system32\2014-12-15-07-40-34.072-AvastVBoxSVC.exe-5236.log
2014-12-14 22:19 - 2014-12-14 22:19 - 00000197 _____ () C:\Windows\system32\2014-12-14-22-19-56.071-AvastVBoxSVC.exe-5832.log
2014-12-14 10:18 - 2014-12-14 13:07 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonEPP
2014-12-14 10:17 - 2014-12-14 10:17 - 00002011 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-12-14 10:16 - 2014-12-14 10:16 - 27110984 _____ () C:\Users\Alec\Downloads\mp68-win-mg5500-1_02-ea32_2.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 18280024 _____ () C:\Users\Alec\Downloads\ewpx-win-1_5_0-ea23.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 09625160 _____ () C:\Users\Alec\Downloads\qm__-win-2_4_1-ea31_2.exe
2014-12-14 10:14 - 2014-12-14 10:14 - 05541448 _____ () C:\Users\Alec\Downloads\mypr-win-3_2_1-ea11_2.exe
2014-12-14 10:12 - 2014-12-14 10:13 - 306527824 _____ () C:\Users\Alec\Downloads\mig_-win-3_0_1-ea31_2.exe
2014-12-14 10:11 - 2014-12-14 10:11 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en(1).exe
2014-12-14 10:06 - 2014-12-14 10:06 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en.exe
2014-12-14 09:59 - 2014-12-14 10:03 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-12-14 08:20 - 2014-12-14 08:20 - 00000197 _____ () C:\Windows\system32\2014-12-14-08-20-11.042-AvastVBoxSVC.exe-5632.log
2014-12-13 14:44 - 2014-12-13 14:44 - 00000197 _____ () C:\Windows\system32\2014-12-13-14-44-31.082-AvastVBoxSVC.exe-304.log
2014-12-13 07:09 - 2014-12-13 07:09 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-09-12.093-AvastVBoxSVC.exe-1892.log
2014-12-13 07:07 - 2014-12-25 12:53 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-13 07:07 - 2014-12-25 12:53 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-12 17:01 - 2014-12-12 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-01-07.054-AvastVBoxSVC.exe-6116.log
2014-12-12 09:48 - 2014-12-12 09:48 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-48-10.053-AvastVBoxSVC.exe-4068.log
2014-12-12 09:04 - 2014-12-12 09:04 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-04-08.081-AvastVBoxSVC.exe-1324.log
2014-12-10 10:11 - 2014-12-10 10:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-10-11-19.081-AvastVBoxSVC.exe-3468.log
2014-12-10 10:08 - 2014-12-10 10:08 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 07:35 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:35 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:35 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:35 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:26 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:26 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:25 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:25 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:25 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:25 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:25 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:25 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:25 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:25 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:25 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:25 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:25 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:25 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:25 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:25 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:25 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:25 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:25 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:25 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:25 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:25 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:25 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:25 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:25 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:25 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:25 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:25 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:25 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:25 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:25 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 17:48 - 2014-12-09 17:48 - 00000197 _____ () C:\Windows\system32\2014-12-09-17-48-44.034-AvastVBoxSVC.exe-3400.log
2014-12-09 14:08 - 2014-12-09 14:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 07:04 - 2014-12-09 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-09-07-04-19.088-AvastVBoxSVC.exe-5352.log
2014-12-08 14:54 - 2014-12-08 14:54 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-54-47.062-AvastVBoxSVC.exe-5992.log
2014-12-08 06:48 - 2014-12-08 06:49 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-48-58.059-AvastVBoxSVC.exe-4752.log
2014-12-07 20:31 - 2014-12-07 20:31 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-31-50.022-AvastVBoxSVC.exe-4972.log
2014-12-07 20:20 - 2014-12-07 20:21 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-20-30.046-AvastVBoxSVC.exe-4568.log
2014-12-07 07:36 - 2014-12-07 07:36 - 05162080 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup500.exe
2014-12-06 12:23 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-23-55.065-aswFe.exe-4380.log
2014-12-06 12:18 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-18-28.057-aswFe.exe-3048.log
2014-12-06 12:18 - 2014-12-06 12:18 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-18-25.087-AvastVBoxSVC.exe-2076.log
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-06 12:01 - 2014-12-06 12:01 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-06 12:01 - 2014-12-06 12:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-06 12:01 - 2014-12-06 12:01 - 00001992 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-06 12:01 - 2014-12-06 12:01 - 00001932 _____ () C:\Users\Public\Desktop\Avast Internet Security.lnk
2014-12-06 12:01 - 2014-12-06 12:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-06 12:01 - 2014-12-06 12:00 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-12-06 12:00 - 2014-12-06 12:00 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 08:30 - 2014-03-16 20:05 - 00021203 _____ () C:\Users\Alec\Downloads\FRST.txt
2014-12-26 08:30 - 2014-03-16 20:05 - 00000000 ____D () C:\FRST
2014-12-26 08:04 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 08:04 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 08:03 - 2012-08-31 04:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 08:02 - 2012-08-31 06:36 - 01468006 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 07:56 - 2012-12-10 12:51 - 00000000 ___RD () C:\Users\Alec\SkyDrive
2014-12-26 07:56 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-12-26 07:56 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-12-26 07:56 - 2012-08-31 05:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-26 07:55 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-26 07:55 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 12:53 - 2014-08-27 06:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-24 05:29 - 2014-09-22 06:18 - 00000000 ___RD () C:\Users\Alec\iCloudDrive
2014-12-23 18:28 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-19 14:12 - 2013-01-04 14:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 14:12 - 2013-01-04 14:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-15 18:40 - 2013-10-03 13:23 - 00000000 ____D () C:\Users\Alec\AppData\Local\3AF59380-EF1E-49B7-A7C6-475B8EB8A377.aplzod
2014-12-15 07:49 - 2014-07-01 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-12-15 07:40 - 2014-08-27 09:01 - 00000000 ____D () C:\Users\Alec\AppData\Local\Adobe
2014-12-15 07:40 - 2012-08-31 04:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 07:40 - 2012-08-31 04:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 07:40 - 2012-08-31 04:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 22:51 - 2014-07-01 11:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-12-14 22:23 - 2014-10-19 07:45 - 00001137 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-14 22:23 - 2012-12-06 18:12 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 10:17 - 2014-07-01 11:18 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-12-14 10:17 - 2009-07-14 03:20 - 00000000 __RSD () C:\Windows\Media
2014-12-14 10:16 - 2014-07-01 11:24 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-12-14 10:15 - 2014-07-01 11:20 - 00000000 ____D () C:\Program Files\Canon
2014-12-14 10:03 - 2014-07-01 11:27 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Canon
2014-12-12 18:58 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 09:05 - 2012-12-20 06:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 10:08 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:40 - 2012-12-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:39 - 2013-08-15 04:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:36 - 2012-12-06 19:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:45 - 2012-12-06 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 14:21 - 2014-11-11 07:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-06 12:01 - 2014-08-27 06:18 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 05:38

==================== End Of Log ============================



#4 Machiavelli

  • Malware Response Instructor

Posted 26 December 2014 - 04:52 AM

Running from C:\Users\Alec\Downloads

Would you please follow my instructions?

Merry Christmas!

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 atro1

  • Topic Starter

Posted 26 December 2014 - 07:19 AM

Hopefully it's right this time!!! I am sorry but I cannot see the difference.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2014
Ran by Alec (administrator) on ALEC-PC on 26-12-2014 12:11:59
Running from C:\Users\Alec\Downloads
Loaded Profile: Alec (Available profiles: Alec)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\005\mtgaotushb64.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Farbar) C:\Users\Alec\Downloads\FRST64(2).exe
(Farbar) C:\Users\Alec\Downloads\FRST64(2).exe
(Farbar) C:\Users\Alec\Downloads\FRST64(3).exe
(Farbar) C:\Users\Alec\Downloads\FRST64(3).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Alec\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [SkyDrive] => C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-968291121-692904103-2744852466-1001] =>
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\searchplugins\google-avast.xml
FF Extension: iCloud Bookmarks - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: LastPass - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\support@lastpass.com [2014-08-19]
FF Extension: Wiktionary and Google Translate - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\googledictionary@toptip.ca.xpi [2014-09-14]
FF Extension: Cashback Notifier - TopCashback - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\notifier@topcashback.com.xpi [2014-11-06]
FF Extension: Thumbnail Zoom Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-09-14]
FF Extension: Google Translator for Firefox - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\translator@zoli.bod.xpi [2014-09-14]
FF Extension: Adblock Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-28]
CHR Extension: (Google Drive) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (Dualless) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdpkilkheacbboffppjgceiplijhfpd [2014-07-16]
CHR Extension: (YouTube) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google Search) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (laess2pay) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifbmjadegaajdlnieihbfmbllnbiddi [2014-06-16]
CHR Extension: (RealPlayer Downloader) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-28]
CHR Extension: (Benchwarmer  Dribbble for Chrome Tabs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdjhhpjicomphhjpehdhjenbaamdpnn [2014-06-30]
CHR Extension: (Google Wallet) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Gmail) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]
CHR Extension: (SEO Analysis with Seoptimer) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbjgemahdghhnelnlihpflpdkkmmgj [2014-06-16]
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AllDaySavingsService64; C:\Program Files (x86)\5176EA87-B7D4-4E04-A5D7-CF3FC0AAF7EC\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-06] (Avast Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 mtgaotushb64; C:\Program Files\005\mtgaotushb64.exe [709120 2014-08-06] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-18] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-24] (RaMMicHaeL)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-06] (Avast Software)
S1 netfilter64; system32\drivers\netfilter64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 12:09 - 2014-12-26 12:09 - 02122240 _____ (Farbar) C:\Users\Alec\Downloads\FRST64(3).exe
2014-12-26 12:07 - 2014-12-26 12:07 - 02122240 _____ (Farbar) C:\Users\Alec\Downloads\FRST64(2).exe
2014-12-26 12:06 - 2014-12-26 12:06 - 00001926 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-26 12:06 - 2014-12-06 12:01 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-26 08:27 - 2014-12-26 08:28 - 02122240 _____ (Farbar) C:\Users\Alec\Downloads\FRST64(1).exe
2014-12-26 07:59 - 2014-12-26 07:59 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-59-24.097-AvastVBoxSVC.exe-5044.log
2014-12-25 12:56 - 2014-12-25 12:56 - 00000197 _____ () C:\Windows\system32\2014-12-25-12-56-54.098-AvastVBoxSVC.exe-4204.log
2014-12-24 19:11 - 2014-12-24 19:12 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-11-56.099-aswFe.exe-1948.log
2014-12-24 19:06 - 2014-12-24 19:11 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-06-36.078-aswFe.exe-3552.log
2014-12-24 19:06 - 2014-12-24 19:06 - 00000197 _____ () C:\Windows\system32\2014-12-24-19-06-29.009-AvastVBoxSVC.exe-3968.log
2014-12-24 19:05 - 2014-12-24 19:05 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 09:27 - 2014-12-24 09:27 - 00000247 _____ () C:\Windows\system32\2014-12-24-09-27-50.000-aswFe.exe-3320.log
2014-12-24 09:27 - 2014-12-24 09:27 - 00000197 _____ () C:\Windows\system32\2014-12-24-09-27-42.045-AvastVBoxSVC.exe-4968.log
2014-12-24 06:35 - 2014-12-24 06:35 - 00000197 _____ () C:\Windows\system32\2014-12-24-06-35-54.095-AvastVBoxSVC.exe-4568.log
2014-12-24 05:57 - 2014-12-24 05:57 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(2).msi
2014-12-24 05:56 - 2014-12-24 06:08 - 00002931 _____ () C:\Users\Alec\Desktop\HiJackThis.lnk
2014-12-24 05:56 - 2014-12-24 06:08 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-12-24 05:56 - 2014-12-24 05:56 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-12-24 05:54 - 2014-12-24 05:54 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(1).msi
2014-12-24 05:50 - 2014-12-24 05:50 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-50-38.055-AvastVBoxSVC.exe-4480.log
2014-12-24 05:45 - 2014-12-24 05:45 - 00000000 ____D () C:\Windows\pss
2014-12-24 05:30 - 2014-12-24 05:31 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-30-56.023-AvastVBoxSVC.exe-5180.log
2014-12-24 05:28 - 2014-12-26 07:55 - 00000392 _____ () C:\Windows\setupact.log
2014-12-24 05:28 - 2014-12-24 05:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 20:19 - 2014-12-23 20:19 - 00003120 _____ () C:\Windows\System32\Tasks\{D96BFE7B-389E-4D84-855A-639DF29CEBB9}
2014-12-23 20:11 - 2014-12-23 20:11 - 00014592 _____ () C:\Users\Alec\Downloads\hijackthis.log
2014-12-23 19:52 - 2014-12-23 19:52 - 00000197 _____ () C:\Windows\system32\2014-12-23-19-52-40.002-AvastVBoxSVC.exe-2996.log
2014-12-23 18:24 - 2014-12-23 18:24 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-24-40.035-AvastVBoxSVC.exe-5148.log
2014-12-23 18:16 - 2014-12-23 18:16 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-16-26.011-AvastVBoxSVC.exe-6128.log
2014-12-22 17:55 - 2014-12-22 17:55 - 00000197 _____ () C:\Windows\system32\2014-12-22-17-55-38.035-AvastVBoxSVC.exe-5204.log
2014-12-22 07:04 - 2014-12-22 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-22-07-04-28.086-AvastVBoxSVC.exe-5048.log
2014-12-21 16:56 - 2014-12-21 16:56 - 00000197 _____ () C:\Windows\system32\2014-12-21-16-56-28.064-AvastVBoxSVC.exe-5488.log
2014-12-21 08:00 - 2014-12-21 08:00 - 00000197 _____ () C:\Windows\system32\2014-12-21-08-00-38.011-AvastVBoxSVC.exe-1028.log
2014-12-20 10:07 - 2014-12-20 10:07 - 00000197 _____ () C:\Windows\system32\2014-12-20-10-07-58.033-AvastVBoxSVC.exe-1868.log
2014-12-20 07:10 - 2014-12-20 07:10 - 00000197 _____ () C:\Windows\system32\2014-12-20-07-10-27.032-AvastVBoxSVC.exe-3028.log
2014-12-19 16:25 - 2014-12-19 16:25 - 00083086 _____ () C:\Users\Alec\Documents\envelope18.html
2014-12-19 14:12 - 2014-12-19 14:12 - 05317104 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup501.exe
2014-12-19 14:04 - 2014-12-19 14:04 - 00000197 _____ () C:\Windows\system32\2014-12-19-14-04-48.035-AvastVBoxSVC.exe-5216.log
2014-12-19 06:51 - 2014-12-19 06:51 - 00000197 _____ () C:\Windows\system32\2014-12-19-06-51-47.074-AvastVBoxSVC.exe-5396.log
2014-12-18 10:22 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:22 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:14 - 2014-12-18 10:14 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-14-24.091-AvastVBoxSVC.exe-5236.log
2014-12-17 07:48 - 2014-12-17 07:48 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-48-53.017-AvastVBoxSVC.exe-6032.log
2014-12-16 20:38 - 2014-12-16 20:38 - 00000197 _____ () C:\Windows\system32\2014-12-16-20-38-51.067-AvastVBoxSVC.exe-3788.log
2014-12-16 09:32 - 2014-12-16 09:32 - 00000197 _____ () C:\Windows\system32\2014-12-16-09-32-46.075-AvastVBoxSVC.exe-5740.log
2014-12-16 06:26 - 2014-12-16 06:26 - 00000197 _____ () C:\Windows\system32\2014-12-16-06-26-07.026-AvastVBoxSVC.exe-5032.log
2014-12-15 17:31 - 2014-12-15 17:31 - 00000197 _____ () C:\Windows\system32\2014-12-15-17-31-07.011-AvastVBoxSVC.exe-4976.log
2014-12-15 17:25 - 2014-12-15 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-15 16:06 - 2014-12-15 16:07 - 00000197 _____ () C:\Windows\system32\2014-12-15-16-06-59.004-AvastVBoxSVC.exe-2688.log
2014-12-15 10:02 - 2014-12-15 10:02 - 00000197 _____ () C:\Windows\system32\2014-12-15-10-02-42.032-AvastVBoxSVC.exe-4144.log
2014-12-15 07:40 - 2014-12-15 07:40 - 00000197 _____ () C:\Windows\system32\2014-12-15-07-40-34.072-AvastVBoxSVC.exe-5236.log
2014-12-14 22:19 - 2014-12-14 22:19 - 00000197 _____ () C:\Windows\system32\2014-12-14-22-19-56.071-AvastVBoxSVC.exe-5832.log
2014-12-14 10:18 - 2014-12-14 13:07 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonEPP
2014-12-14 10:17 - 2014-12-14 10:17 - 00002011 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-12-14 10:16 - 2014-12-14 10:16 - 27110984 _____ () C:\Users\Alec\Downloads\mp68-win-mg5500-1_02-ea32_2.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 18280024 _____ () C:\Users\Alec\Downloads\ewpx-win-1_5_0-ea23.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 09625160 _____ () C:\Users\Alec\Downloads\qm__-win-2_4_1-ea31_2.exe
2014-12-14 10:14 - 2014-12-14 10:14 - 05541448 _____ () C:\Users\Alec\Downloads\mypr-win-3_2_1-ea11_2.exe
2014-12-14 10:12 - 2014-12-14 10:13 - 306527824 _____ () C:\Users\Alec\Downloads\mig_-win-3_0_1-ea31_2.exe
2014-12-14 10:11 - 2014-12-14 10:11 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en(1).exe
2014-12-14 10:06 - 2014-12-14 10:06 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en.exe
2014-12-14 09:59 - 2014-12-14 10:03 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-12-14 08:20 - 2014-12-14 08:20 - 00000197 _____ () C:\Windows\system32\2014-12-14-08-20-11.042-AvastVBoxSVC.exe-5632.log
2014-12-13 14:44 - 2014-12-13 14:44 - 00000197 _____ () C:\Windows\system32\2014-12-13-14-44-31.082-AvastVBoxSVC.exe-304.log
2014-12-13 07:09 - 2014-12-13 07:09 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-09-12.093-AvastVBoxSVC.exe-1892.log
2014-12-13 07:07 - 2014-12-25 12:53 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-13 07:07 - 2014-12-25 12:53 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-12 17:01 - 2014-12-12 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-01-07.054-AvastVBoxSVC.exe-6116.log
2014-12-12 09:48 - 2014-12-12 09:48 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-48-10.053-AvastVBoxSVC.exe-4068.log
2014-12-12 09:04 - 2014-12-12 09:04 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-04-08.081-AvastVBoxSVC.exe-1324.log
2014-12-10 10:11 - 2014-12-10 10:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-10-11-19.081-AvastVBoxSVC.exe-3468.log
2014-12-10 10:08 - 2014-12-10 10:08 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 07:35 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:35 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:35 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:35 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:26 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:26 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:25 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:25 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:25 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:25 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:25 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:25 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:25 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:25 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:25 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:25 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:25 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:25 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:25 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:25 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:25 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:25 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:25 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:25 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:25 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:25 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:25 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:25 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:25 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:25 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:25 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:25 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:25 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:25 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:25 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 17:48 - 2014-12-09 17:48 - 00000197 _____ () C:\Windows\system32\2014-12-09-17-48-44.034-AvastVBoxSVC.exe-3400.log
2014-12-09 14:08 - 2014-12-09 14:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 07:04 - 2014-12-09 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-09-07-04-19.088-AvastVBoxSVC.exe-5352.log
2014-12-08 14:54 - 2014-12-08 14:54 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-54-47.062-AvastVBoxSVC.exe-5992.log
2014-12-08 06:48 - 2014-12-08 06:49 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-48-58.059-AvastVBoxSVC.exe-4752.log
2014-12-07 20:31 - 2014-12-07 20:31 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-31-50.022-AvastVBoxSVC.exe-4972.log
2014-12-07 20:20 - 2014-12-07 20:21 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-20-30.046-AvastVBoxSVC.exe-4568.log
2014-12-07 07:36 - 2014-12-07 07:36 - 05162080 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup500.exe
2014-12-06 12:23 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-23-55.065-aswFe.exe-4380.log
2014-12-06 12:18 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-18-28.057-aswFe.exe-3048.log
2014-12-06 12:18 - 2014-12-06 12:18 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-18-25.087-AvastVBoxSVC.exe-2076.log
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-06 12:01 - 2014-12-26 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-06 12:01 - 2014-12-06 12:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 12:12 - 2014-03-16 20:05 - 00000000 ____D () C:\FRST
2014-12-26 12:11 - 2014-03-16 20:05 - 00021150 _____ () C:\Users\Alec\Downloads\FRST.txt
2014-12-26 12:06 - 2014-08-27 06:18 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-26 12:05 - 2012-08-31 06:36 - 01468415 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 12:05 - 2012-08-31 04:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 08:04 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 08:04 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 07:56 - 2012-12-10 12:51 - 00000000 ___RD () C:\Users\Alec\SkyDrive
2014-12-26 07:56 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-12-26 07:56 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-12-26 07:56 - 2012-08-31 05:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-26 07:55 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-26 07:55 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-24 05:29 - 2014-09-22 06:18 - 00000000 ___RD () C:\Users\Alec\iCloudDrive
2014-12-23 18:28 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-19 14:12 - 2013-01-04 14:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 14:12 - 2013-01-04 14:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-15 18:40 - 2013-10-03 13:23 - 00000000 ____D () C:\Users\Alec\AppData\Local\3AF59380-EF1E-49B7-A7C6-475B8EB8A377.aplzod
2014-12-15 07:49 - 2014-07-01 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-12-15 07:40 - 2014-08-27 09:01 - 00000000 ____D () C:\Users\Alec\AppData\Local\Adobe
2014-12-15 07:40 - 2012-08-31 04:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 07:40 - 2012-08-31 04:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 07:40 - 2012-08-31 04:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 22:51 - 2014-07-01 11:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-12-14 22:23 - 2014-10-19 07:45 - 00001137 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-14 22:23 - 2012-12-06 18:12 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 10:17 - 2014-07-01 11:18 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-12-14 10:17 - 2009-07-14 03:20 - 00000000 __RSD () C:\Windows\Media
2014-12-14 10:16 - 2014-07-01 11:24 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-12-14 10:15 - 2014-07-01 11:20 - 00000000 ____D () C:\Program Files\Canon
2014-12-14 10:03 - 2014-07-01 11:27 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Canon
2014-12-12 18:58 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 09:05 - 2012-12-20 06:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 10:08 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:40 - 2012-12-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:39 - 2013-08-15 04:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:36 - 2012-12-06 19:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:45 - 2012-12-06 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 14:21 - 2014-11-11 07:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-06 12:01 - 2014-08-27 06:18 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 05:38

==================== End Of Log ============================



#6 Machiavelli

Posted 26 December 2014 - 07:38 AM

Please download FRST (by Farbar) from the link below and save it to your Desktop.

What did you do?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#7 atro1


Posted 26 December 2014 - 09:27 AM

I clicked on download mirror 1, saved it to desktop, right-clicked 'Run as administrator', did scan. From Edit in result, select all and copy. Once again, sorry if I am missing something out.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Alec (administrator) on ALEC-PC on 26-12-2014 14:19:39
Running from C:\Users\Alec\Downloads
Loaded Profile: Alec (Available profiles: Alec)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\005\mtgaotushb64.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [SkyDrive] => C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-968291121-692904103-2744852466-1001] =>
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\searchplugins\google-avast.xml
FF Extension: iCloud Bookmarks - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: LastPass - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\support@lastpass.com [2014-08-19]
FF Extension: Wiktionary and Google Translate - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\googledictionary@toptip.ca.xpi [2014-09-14]
FF Extension: Cashback Notifier - TopCashback - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\notifier@topcashback.com.xpi [2014-11-06]
FF Extension: Thumbnail Zoom Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-09-14]
FF Extension: Google Translator for Firefox - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\translator@zoli.bod.xpi [2014-09-14]
FF Extension: Adblock Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-28]
CHR Extension: (Google Drive) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (Dualless) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdpkilkheacbboffppjgceiplijhfpd [2014-07-16]
CHR Extension: (YouTube) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google Search) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (laess2pay) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifbmjadegaajdlnieihbfmbllnbiddi [2014-06-16]
CHR Extension: (RealPlayer Downloader) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-28]
CHR Extension: (Benchwarmer  Dribbble for Chrome Tabs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdjhhpjicomphhjpehdhjenbaamdpnn [2014-06-30]
CHR Extension: (Google Wallet) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Gmail) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]
CHR Extension: (SEO Analysis with Seoptimer) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbjgemahdghhnelnlihpflpdkkmmgj [2014-06-16]
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AllDaySavingsService64; C:\Program Files (x86)\5176EA87-B7D4-4E04-A5D7-CF3FC0AAF7EC\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-06] (Avast Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 mtgaotushb64; C:\Program Files\005\mtgaotushb64.exe [709120 2014-08-06] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-18] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-24] (RaMMicHaeL)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-06] (Avast Software)
S1 netfilter64; system32\drivers\netfilter64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 14:19 - 2014-12-26 14:19 - 00000000 ____D () C:\Users\Alec\Downloads\FRST-OlderVersion
2014-12-26 14:18 - 2014-12-26 14:19 - 00001418 _____ () C:\Users\Alec\Desktop\FRST64(1) - Shortcut.lnk
2014-12-26 12:39 - 2014-12-26 12:39 - 00000247 _____ () C:\Windows\system32\2014-12-26-12-39-23.029-aswFe.exe-4684.log
2014-12-26 12:39 - 2014-12-26 12:39 - 00000197 _____ () C:\Windows\system32\2014-12-26-12-39-16.045-AvastVBoxSVC.exe-4800.log
2014-12-26 12:23 - 2014-12-26 12:23 - 00028056 _____ () C:\Windows\PFRO.log
2014-12-26 12:06 - 2014-12-26 12:06 - 00001926 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-26 12:06 - 2014-12-06 12:01 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-26 07:59 - 2014-12-26 07:59 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-59-24.097-AvastVBoxSVC.exe-5044.log
2014-12-25 12:56 - 2014-12-25 12:56 - 00000197 _____ () C:\Windows\system32\2014-12-25-12-56-54.098-AvastVBoxSVC.exe-4204.log
2014-12-24 19:11 - 2014-12-24 19:12 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-11-56.099-aswFe.exe-1948.log
2014-12-24 19:06 - 2014-12-24 19:11 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-06-36.078-aswFe.exe-3552.log
2014-12-24 19:06 - 2014-12-24 19:06 - 00000197 _____ () C:\Windows\system32\2014-12-24-19-06-29.009-AvastVBoxSVC.exe-3968.log
2014-12-24 19:05 - 2014-12-24 19:05 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 09:27 - 2014-12-24 09:27 - 00000247 _____ () C:\Windows\system32\2014-12-24-09-27-50.000-aswFe.exe-3320.log
2014-12-24 09:27 - 2014-12-24 09:27 - 00000197 _____ () C:\Windows\system32\2014-12-24-09-27-42.045-AvastVBoxSVC.exe-4968.log
2014-12-24 06:35 - 2014-12-24 06:35 - 00000197 _____ () C:\Windows\system32\2014-12-24-06-35-54.095-AvastVBoxSVC.exe-4568.log
2014-12-24 05:57 - 2014-12-24 05:57 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(2).msi
2014-12-24 05:56 - 2014-12-24 06:08 - 00002931 _____ () C:\Users\Alec\Desktop\HiJackThis.lnk
2014-12-24 05:56 - 2014-12-24 06:08 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-12-24 05:56 - 2014-12-24 05:56 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-12-24 05:54 - 2014-12-24 05:54 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(1).msi
2014-12-24 05:50 - 2014-12-24 05:50 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-50-38.055-AvastVBoxSVC.exe-4480.log
2014-12-24 05:45 - 2014-12-24 05:45 - 00000000 ____D () C:\Windows\pss
2014-12-24 05:30 - 2014-12-24 05:31 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-30-56.023-AvastVBoxSVC.exe-5180.log
2014-12-24 05:28 - 2014-12-26 12:23 - 00000448 _____ () C:\Windows\setupact.log
2014-12-24 05:28 - 2014-12-24 05:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 20:19 - 2014-12-23 20:19 - 00003120 _____ () C:\Windows\System32\Tasks\{D96BFE7B-389E-4D84-855A-639DF29CEBB9}
2014-12-23 20:11 - 2014-12-23 20:11 - 00014592 _____ () C:\Users\Alec\Downloads\hijackthis.log
2014-12-23 19:52 - 2014-12-23 19:52 - 00000197 _____ () C:\Windows\system32\2014-12-23-19-52-40.002-AvastVBoxSVC.exe-2996.log
2014-12-23 18:24 - 2014-12-23 18:24 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-24-40.035-AvastVBoxSVC.exe-5148.log
2014-12-23 18:16 - 2014-12-23 18:16 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-16-26.011-AvastVBoxSVC.exe-6128.log
2014-12-22 17:55 - 2014-12-22 17:55 - 00000197 _____ () C:\Windows\system32\2014-12-22-17-55-38.035-AvastVBoxSVC.exe-5204.log
2014-12-22 07:04 - 2014-12-22 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-22-07-04-28.086-AvastVBoxSVC.exe-5048.log
2014-12-21 16:56 - 2014-12-21 16:56 - 00000197 _____ () C:\Windows\system32\2014-12-21-16-56-28.064-AvastVBoxSVC.exe-5488.log
2014-12-21 08:00 - 2014-12-21 08:00 - 00000197 _____ () C:\Windows\system32\2014-12-21-08-00-38.011-AvastVBoxSVC.exe-1028.log
2014-12-20 10:07 - 2014-12-20 10:07 - 00000197 _____ () C:\Windows\system32\2014-12-20-10-07-58.033-AvastVBoxSVC.exe-1868.log
2014-12-20 07:10 - 2014-12-20 07:10 - 00000197 _____ () C:\Windows\system32\2014-12-20-07-10-27.032-AvastVBoxSVC.exe-3028.log
2014-12-19 16:25 - 2014-12-19 16:25 - 00083086 _____ () C:\Users\Alec\Documents\envelope18.html
2014-12-19 14:12 - 2014-12-19 14:12 - 05317104 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup501.exe
2014-12-19 14:04 - 2014-12-19 14:04 - 00000197 _____ () C:\Windows\system32\2014-12-19-14-04-48.035-AvastVBoxSVC.exe-5216.log
2014-12-19 06:51 - 2014-12-19 06:51 - 00000197 _____ () C:\Windows\system32\2014-12-19-06-51-47.074-AvastVBoxSVC.exe-5396.log
2014-12-18 10:22 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:22 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:14 - 2014-12-18 10:14 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-14-24.091-AvastVBoxSVC.exe-5236.log
2014-12-17 07:48 - 2014-12-17 07:48 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-48-53.017-AvastVBoxSVC.exe-6032.log
2014-12-16 20:38 - 2014-12-16 20:38 - 00000197 _____ () C:\Windows\system32\2014-12-16-20-38-51.067-AvastVBoxSVC.exe-3788.log
2014-12-16 09:32 - 2014-12-16 09:32 - 00000197 _____ () C:\Windows\system32\2014-12-16-09-32-46.075-AvastVBoxSVC.exe-5740.log
2014-12-16 06:26 - 2014-12-16 06:26 - 00000197 _____ () C:\Windows\system32\2014-12-16-06-26-07.026-AvastVBoxSVC.exe-5032.log
2014-12-15 17:31 - 2014-12-15 17:31 - 00000197 _____ () C:\Windows\system32\2014-12-15-17-31-07.011-AvastVBoxSVC.exe-4976.log
2014-12-15 17:25 - 2014-12-15 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-15 16:06 - 2014-12-15 16:07 - 00000197 _____ () C:\Windows\system32\2014-12-15-16-06-59.004-AvastVBoxSVC.exe-2688.log
2014-12-15 10:02 - 2014-12-15 10:02 - 00000197 _____ () C:\Windows\system32\2014-12-15-10-02-42.032-AvastVBoxSVC.exe-4144.log
2014-12-15 07:40 - 2014-12-15 07:40 - 00000197 _____ () C:\Windows\system32\2014-12-15-07-40-34.072-AvastVBoxSVC.exe-5236.log
2014-12-14 22:19 - 2014-12-14 22:19 - 00000197 _____ () C:\Windows\system32\2014-12-14-22-19-56.071-AvastVBoxSVC.exe-5832.log
2014-12-14 10:18 - 2014-12-14 13:07 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonEPP
2014-12-14 10:17 - 2014-12-14 10:17 - 00002011 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-12-14 10:16 - 2014-12-14 10:16 - 27110984 _____ () C:\Users\Alec\Downloads\mp68-win-mg5500-1_02-ea32_2.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 18280024 _____ () C:\Users\Alec\Downloads\ewpx-win-1_5_0-ea23.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 09625160 _____ () C:\Users\Alec\Downloads\qm__-win-2_4_1-ea31_2.exe
2014-12-14 10:14 - 2014-12-14 10:14 - 05541448 _____ () C:\Users\Alec\Downloads\mypr-win-3_2_1-ea11_2.exe
2014-12-14 10:12 - 2014-12-14 10:13 - 306527824 _____ () C:\Users\Alec\Downloads\mig_-win-3_0_1-ea31_2.exe
2014-12-14 10:11 - 2014-12-14 10:11 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en(1).exe
2014-12-14 10:06 - 2014-12-14 10:06 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en.exe
2014-12-14 09:59 - 2014-12-14 10:03 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-12-14 08:20 - 2014-12-14 08:20 - 00000197 _____ () C:\Windows\system32\2014-12-14-08-20-11.042-AvastVBoxSVC.exe-5632.log
2014-12-13 14:44 - 2014-12-13 14:44 - 00000197 _____ () C:\Windows\system32\2014-12-13-14-44-31.082-AvastVBoxSVC.exe-304.log
2014-12-13 07:09 - 2014-12-13 07:09 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-09-12.093-AvastVBoxSVC.exe-1892.log
2014-12-13 07:07 - 2014-12-25 12:53 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-13 07:07 - 2014-12-25 12:53 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-12 17:01 - 2014-12-12 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-01-07.054-AvastVBoxSVC.exe-6116.log
2014-12-12 09:48 - 2014-12-12 09:48 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-48-10.053-AvastVBoxSVC.exe-4068.log
2014-12-12 09:04 - 2014-12-12 09:04 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-04-08.081-AvastVBoxSVC.exe-1324.log
2014-12-10 10:11 - 2014-12-10 10:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-10-11-19.081-AvastVBoxSVC.exe-3468.log
2014-12-10 10:08 - 2014-12-10 10:08 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 07:35 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:35 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:35 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:35 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:26 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:26 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:25 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:25 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:25 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:25 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:25 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:25 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:25 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:25 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:25 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:25 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:25 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:25 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:25 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:25 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:25 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:25 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:25 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:25 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:25 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:25 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:25 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:25 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:25 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:25 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:25 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:25 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:25 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:25 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:25 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 17:48 - 2014-12-09 17:48 - 00000197 _____ () C:\Windows\system32\2014-12-09-17-48-44.034-AvastVBoxSVC.exe-3400.log
2014-12-09 14:08 - 2014-12-09 14:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 07:04 - 2014-12-09 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-09-07-04-19.088-AvastVBoxSVC.exe-5352.log
2014-12-08 14:54 - 2014-12-08 14:54 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-54-47.062-AvastVBoxSVC.exe-5992.log
2014-12-08 06:48 - 2014-12-08 06:49 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-48-58.059-AvastVBoxSVC.exe-4752.log
2014-12-07 20:31 - 2014-12-07 20:31 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-31-50.022-AvastVBoxSVC.exe-4972.log
2014-12-07 20:20 - 2014-12-07 20:21 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-20-30.046-AvastVBoxSVC.exe-4568.log
2014-12-07 07:36 - 2014-12-07 07:36 - 05162080 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup500.exe
2014-12-06 12:23 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-23-55.065-aswFe.exe-4380.log
2014-12-06 12:18 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-18-28.057-aswFe.exe-3048.log
2014-12-06 12:18 - 2014-12-06 12:18 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-18-25.087-AvastVBoxSVC.exe-2076.log
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-06 12:01 - 2014-12-26 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-06 12:01 - 2014-12-06 12:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-26 14:19 - 2014-03-16 20:05 - 02122752 _____ (Farbar) C:\Users\Alec\Downloads\FRST64.exe
2014-12-26 14:19 - 2014-03-16 20:05 - 00020542 _____ () C:\Users\Alec\Downloads\FRST.txt
2014-12-26 14:19 - 2014-03-16 20:05 - 00000000 ____D () C:\FRST
2014-12-26 14:11 - 2012-08-31 06:36 - 01476091 _____ () C:\Windows\WindowsUpdate.log
2014-12-26 14:11 - 2012-08-31 04:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 12:32 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-26 12:32 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-26 12:24 - 2012-12-10 12:51 - 00000000 ___RD () C:\Users\Alec\SkyDrive
2014-12-26 12:24 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-12-26 12:24 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-12-26 12:24 - 2012-08-31 05:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-26 12:24 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-26 12:06 - 2014-08-27 06:18 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-26 07:55 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-24 05:29 - 2014-09-22 06:18 - 00000000 ___RD () C:\Users\Alec\iCloudDrive
2014-12-23 18:28 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-19 14:12 - 2013-01-04 14:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 14:12 - 2013-01-04 14:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-15 18:40 - 2013-10-03 13:23 - 00000000 ____D () C:\Users\Alec\AppData\Local\3AF59380-EF1E-49B7-A7C6-475B8EB8A377.aplzod
2014-12-15 07:49 - 2014-07-01 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-12-15 07:40 - 2014-08-27 09:01 - 00000000 ____D () C:\Users\Alec\AppData\Local\Adobe
2014-12-15 07:40 - 2012-08-31 04:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 07:40 - 2012-08-31 04:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 07:40 - 2012-08-31 04:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 22:51 - 2014-07-01 11:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-12-14 22:23 - 2014-10-19 07:45 - 00001137 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-14 22:23 - 2012-12-06 18:12 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 10:17 - 2014-07-01 11:18 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-12-14 10:17 - 2009-07-14 03:20 - 00000000 __RSD () C:\Windows\Media
2014-12-14 10:16 - 2014-07-01 11:24 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-12-14 10:15 - 2014-07-01 11:20 - 00000000 ____D () C:\Program Files\Canon
2014-12-14 10:03 - 2014-07-01 11:27 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Canon
2014-12-12 18:58 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 09:05 - 2012-12-20 06:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 10:08 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:40 - 2012-12-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:39 - 2013-08-15 04:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:36 - 2012-12-06 19:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:45 - 2012-12-06 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 14:21 - 2014-11-11 07:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-06 12:01 - 2014-08-27 06:18 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 05:38

==================== End Of Log ============================



#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:30 AM

Posted 26 December 2014 - 01:10 PM

saved it to desktop

Did you?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#9 atro1


Posted 27 December 2014 - 02:51 AM

I think I have. I have tried several other ways.

I have an icon on my desktop which states 'FRST64 shortcut', and of course the F icon!



#10 Machiavelli


Posted 27 December 2014 - 05:01 AM

But we don't want to have a shortcut of FRST on your desktop, we want the FRST64.exe on your Desktop.

~Machiavelli



#11 atro1


Posted 27 December 2014 - 06:57 AM

How do I do that?



#12 Machiavelli


Posted 27 December 2014 - 08:18 AM

Move the FRST64.exe file from C:\Users\Alec\Downloads to your Desktop.

~Machiavelli



#13 atro1


Posted 28 December 2014 - 04:06 AM

Hopefully this is now correct.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2014
Ran by Alec at 2014-12-28 08:59:40
Running from C:\Users\Alec\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled Deluxe 1.87 (HKLM-x32\...\Bejeweled Deluxe 1.87) (Version:  - )
Bitdefender Safepay™ (HKLM\...\Bitdefender Safepay) (Version: 1.9.0.239 - Bitdefender)
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BookSmart® 3.4.3 3.4.3 (HKLM-x32\...\BookSmart® 3.4.3 3.4.3) (Version:  - Blurb, Inc)
Brorsoft DVD Ripper Ver 1.4.0.5345 (HKLM-x32\...\{33CA6560-19AE-45c3-A4D1-48EC122A5C18}_is1) (Version:  - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.02 - Canon Inc.)
Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG5500 series User Registration (HKLM-x32\...\Canon MG5500 series User Registration) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.8.0 - Conexant)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.5127 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)
Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)
Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Jewel Quest (remove only) (HKLM-x32\...\Jewel Quest) (Version:  - )
Jewel Quest II (remove only) (HKLM-x32\...\Jewel Quest II) (Version:  - )
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Malwarebytes Anti-Malware version 1.65.1.1000 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.1.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\OneDriveSetup.exe) (Version: 17.0.4029.0217 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 17.0.15.7 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.15 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Unchecky v0.3.5 (HKLM-x32\...\Unchecky) (Version: 0.3.5 - RaMMicHaeL)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-968291121-692904103-2744852466-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-968291121-692904103-2744852466-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-968291121-692904103-2744852466-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-968291121-692904103-2744852466-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-968291121-692904103-2744852466-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

07-11-2014 06:52:23 Windows Update
11-11-2014 07:12:50 Windows Update
12-11-2014 11:21:54 Windows Update
18-11-2014 07:53:20 Windows Update
19-11-2014 08:37:41 Windows Update
05-12-2014 20:23:05 Windows Update
06-12-2014 11:59:57 avast! antivirus system restore point
06-12-2014 12:01:26 Device Driver Package Install: Avast Network Service
09-12-2014 07:27:44 Windows Update
10-12-2014 07:34:09 Windows Update
12-12-2014 09:37:33 Windows Update
16-12-2014 06:29:44 Windows Update
18-12-2014 17:49:34 Windows Update
23-12-2014 06:39:49 Windows Update
24-12-2014 05:55:33 Installed HiJackThis
26-12-2014 08:01:34 Windows Update
26-12-2014 12:05:58 avast! antivirus system restore point
27-12-2014 07:25:27 Removed HiJackThis

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-08-28 18:33 - 2014-12-28 08:45 - 00001993 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AA77A4D-733C-4C18-9BF4-408BE924EE20} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-15] (Adobe Systems Incorporated)
Task: {0E786D1F-6D35-4B4E-BF9A-BA613FA31C85} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {149AE187-0C16-485A-895C-F0C0C7E95475} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {3E7098C7-7F7C-4F81-B49D-1E6E7D7EFDFF} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2014-10-29] ()
Task: {462992F6-9D58-4F7E-98E4-F66B0CB1BAD3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-10-30] (RealNetworks, Inc.)
Task: {64BF0A1C-1233-47A1-A928-CA779CE9FB05} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {69996E47-22C0-4D0E-8297-8A6FEE31892D} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {6E7AA72C-762B-4B48-B1C3-D2BF2A643B30} - System32\Tasks\{D96BFE7B-389E-4D84-855A-639DF29CEBB9} => pcalua.exe -a C:\Users\Alec\Downloads\HijackThis.exe -d C:\Users\Alec\Downloads
Task: {8C4625C6-B9CD-475E-BFCC-344A17FE64DA} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-26] (RealNetworks, Inc.)
Task: {AA0C3F50-E58A-417A-B83A-43A34469B0DF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-06] (AVAST Software)
Task: {D12E5FEC-749A-4854-BB2D-DD0A2D323541} - System32\Tasks\Games\UpdateCheck_S-1-5-21-968291121-692904103-2744852466-1001
Task: {F1612A6D-2F10-4205-A33A-1E0C4DA3AF5D} - System32\Tasks\{29224737-8C86-4C4F-ACBE-F85165481476} => C:\Program Files (x86)\hijack\Trend Micro\HiJackThis\HiJackThis.exe
Task: {F424BB61-3732-4CAE-BF6D-653B547F25A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {F62FF816-2833-4C19-BF64-D4517C5932F2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-12-06 16:28 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-07-01 11:26 - 2013-05-14 09:50 - 00140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-08-06 09:46 - 2014-08-06 09:46 - 00709120 _____ () C:\Program Files\005\mtgaotushb64.exe
2014-10-26 22:59 - 2014-10-26 22:59 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-10-30 05:41 - 2014-10-30 05:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-08-31 05:03 - 2012-01-27 02:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-12-06 12:00 - 2014-12-06 12:00 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-06 12:00 - 2014-12-06 12:00 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-12-27 11:55 - 2014-12-27 11:55 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122700\algo.dll
2014-12-06 12:00 - 2014-12-06 12:00 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-28 08:45 - 2014-12-28 08:45 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122701\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-25 15:14 - 2014-09-25 15:14 - 00081056 _____ () C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll
2014-06-30 06:37 - 2014-11-18 10:14 - 00865880 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2014-10-30 05:41 - 2014-10-30 05:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll
2014-12-06 12:01 - 2014-12-06 12:01 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-16 17:32 - 2014-10-16 17:32 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-08-31 04:57 - 2012-02-01 21:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2012-08-31 04:55 - 2011-12-16 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-03-31 20:35 - 2014-03-31 20:35 - 00270016 _____ () C:\Program Files (x86)\Windows Live\Writer\en\WindowsLive.Writer.Localization.resources.dll
2014-03-31 20:35 - 2014-03-31 20:35 - 00270016 _____ () C:\Program Files (x86)\Windows Live\Writer\en-GB\WindowsLive.Writer.Localization.resources.dll
2014-12-09 14:08 - 2014-12-09 14:08 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Alec\Documents\09072009.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\09072009_001.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\20122008(001).jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\20122008.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Alec card2.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Alec card3.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\baby nu nu:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Back up:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\birds of a feather2 Your Travelodge Invoice.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\birds of a feather3 Travelodge Insurance.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\birds of feather 1.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\Blackbox - Right On Time.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Can I go now.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Cher - It's In His Kiss (The Shoop Shoop Song)(1).mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\chris passport.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\DCIM:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\dishwasher Homebase - Thank you for your order number 4050052333.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\Dont wanna play the game.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Downloads:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\DSCF0035.JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Emailing_ img041, img040.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\florida. 2009 084 (1).jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\florida. 2009 084.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Game over.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Give me a call.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\I am so in love with you.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\img004.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\img005.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\jamie14.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\jb (Small).JPG:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Just another fool.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\My Webs:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\myphotobook:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\o2mms.jpg:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\play com.eml:OECustomProperty
AlternateDataStreams: C:\Users\Alec\Documents\RCT3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Recycle Bin:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\restore:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Soulmate.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Sues invoices:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Tell me babe.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Tictac classic.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\Wizard - I Wish It Could Be Christmas Everyday.mp3:Roxio EMC Stream
AlternateDataStreams: C:\Users\Alec\Documents\You know you got it.mp3:Roxio EMC Stream
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass FF RunOnce.lnk => C:\Windows\pss\Install LastPass FF RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Install LastPass IE RunOnce.lnk => C:\Windows\pss\Install LastPass IE RunOnce.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RealDownloader => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-968291121-692904103-2744852466-500 - Administrator - Disabled)
Alec (S-1-5-21-968291121-692904103-2744852466-1001 - Administrator - Enabled) => C:\Users\Alec
Guest (S-1-5-21-968291121-692904103-2744852466-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-968291121-692904103-2744852466-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: netfilter64
Description: netfilter64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: netfilter64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2014 08:47:01 AM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
 failed with 2

Error: (12/28/2014 08:45:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/27/2014 07:11:52 AM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64SvcInit, failed to connect to driver, status: -1
 failed with 2

Error: (12/27/2014 07:10:40 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/26/2014 02:52:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5086

Error: (12/26/2014 02:52:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5086

Error: (12/26/2014 02:52:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 02:52:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4088

Error: (12/26/2014 02:52:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4088

Error: (12/26/2014 02:52:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (12/28/2014 08:47:01 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AllDaySavingsService64 service terminated with service-specific error %%-1.

Error: (12/28/2014 08:47:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The netfilter64 service failed to start due to the following error:
%%2

Error: (12/28/2014 08:47:00 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error:
%%5

Error: (12/28/2014 08:46:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
netfilter64

Error: (12/28/2014 08:46:57 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The AllDaySavingsService64 service hung on starting.

Error: (12/27/2014 07:11:54 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for Type with the following error:
%%5

Error: (12/27/2014 07:11:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
netfilter64

Error: (12/27/2014 07:11:52 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AllDaySavingsService64 service terminated with service-specific error %%-1.

Error: (12/27/2014 07:11:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The netfilter64 service failed to start due to the following error:
%%2

Error: (12/27/2014 07:11:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The AllDaySavingsService64 service hung on starting.


Microsoft Office Sessions:
=========================
Error: (08/07/2014 04:41:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 46 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 58%
Total physical RAM: 3974.15 MB
Available physical RAM: 1665.78 MB
Total Pagefile: 7946.48 MB
Available Pagefile: 5297.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.62 GB) (Free:318.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 53EC0F8C)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-12-2014
Ran by Alec (administrator) on ALEC-PC on 28-12-2014 08:58:31
Running from C:\Users\Alec\Desktop
Loaded Profile: Alec (Available profiles: Alec)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\005\mtgaotushb64.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [729272 2014-01-28] (Nico Mak Computing)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-12] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [SkyDrive] => C:\Users\Alec\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\S-1-5-21-968291121-692904103-2744852466-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-968291121-692904103-2744852466-1001] =>
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {ED858D4C-395F-4623-987B-B420994790C9} ->  No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: https://www.google.com/?trackid=sp-006
FF Keyword.URL: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.15 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.15.10 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\searchplugins\google-avast.xml
FF Extension: iCloud Bookmarks - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\firefoxdav@icloud.com [2014-11-15]
FF Extension: LastPass - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\support@lastpass.com [2014-08-19]
FF Extension: Wiktionary and Google Translate - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\googledictionary@toptip.ca.xpi [2014-09-14]
FF Extension: Cashback Notifier - TopCashback - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\notifier@topcashback.com.xpi [2014-11-06]
FF Extension: Thumbnail Zoom Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-09-14]
FF Extension: Google Translator for Firefox - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\translator@zoli.bod.xpi [2014-09-14]
FF Extension: Adblock Plus - C:\Users\Alec\AppData\Roaming\Mozilla\Firefox\Profiles\6x8hhl8x.default-1407407482348\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-09-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-11-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2014-11-11]
FF HKLM-x32\...\Firefox\Extensions: [{338950EA-82DB-44C1-930D-0C28E023C9F0}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - wrc@avast.com [Not Found]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-28]
CHR Extension: (Google Drive) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
CHR Extension: (Dualless) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgdpkilkheacbboffppjgceiplijhfpd [2014-07-16]
CHR Extension: (YouTube) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-28]
CHR Extension: (Google Search) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-28]
CHR Extension: (laess2pay) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifbmjadegaajdlnieihbfmbllnbiddi [2014-06-16]
CHR Extension: (RealPlayer Downloader) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-28]
CHR Extension: (Benchwarmer  Dribbble for Chrome Tabs) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdjhhpjicomphhjpehdhjenbaamdpnn [2014-06-30]
CHR Extension: (Google Wallet) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28]
CHR Extension: (Gmail) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-28]
CHR Extension: (SEO Analysis with Seoptimer) - C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pplbjgemahdghhnelnlihpflpdkkmmgj [2014-06-16]
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-06]
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2014-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AllDaySavingsService64; C:\Program Files (x86)\5176EA87-B7D4-4E04-A5D7-CF3FC0AAF7EC\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-06] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-06] (Avast Software)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 mtgaotushb64; C:\Program Files\005\mtgaotushb64.exe [709120 2014-08-06] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-10-26] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-11-18] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [31856 2014-10-30] ()
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2014-12-24] (RaMMicHaeL)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-02-08] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-06] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-19] (Siliten)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-06] (Avast Software)
S1 netfilter64; system32\drivers\netfilter64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 08:58 - 2014-12-28 08:59 - 00020929 _____ () C:\Users\Alec\Desktop\FRST.txt
2014-12-27 07:46 - 2014-12-27 07:47 - 00047032 _____ () C:\Users\Alec\Downloads\FRST.txt
2014-12-27 07:32 - 2014-12-27 07:32 - 02122752 _____ (Farbar) C:\Users\Alec\Desktop\FRST64.exe
2014-12-26 12:39 - 2014-12-26 12:39 - 00000247 _____ () C:\Windows\system32\2014-12-26-12-39-23.029-aswFe.exe-4684.log
2014-12-26 12:39 - 2014-12-26 12:39 - 00000197 _____ () C:\Windows\system32\2014-12-26-12-39-16.045-AvastVBoxSVC.exe-4800.log
2014-12-26 12:23 - 2014-12-26 12:23 - 00028056 _____ () C:\Windows\PFRO.log
2014-12-26 12:06 - 2014-12-26 12:06 - 00001926 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-26 12:06 - 2014-12-06 12:01 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-26 07:59 - 2014-12-26 07:59 - 00000197 _____ () C:\Windows\system32\2014-12-26-07-59-24.097-AvastVBoxSVC.exe-5044.log
2014-12-25 12:56 - 2014-12-25 12:56 - 00000197 _____ () C:\Windows\system32\2014-12-25-12-56-54.098-AvastVBoxSVC.exe-4204.log
2014-12-24 19:11 - 2014-12-24 19:12 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-11-56.099-aswFe.exe-1948.log
2014-12-24 19:06 - 2014-12-24 19:11 - 00000247 _____ () C:\Windows\system32\2014-12-24-19-06-36.078-aswFe.exe-3552.log
2014-12-24 19:06 - 2014-12-24 19:06 - 00000197 _____ () C:\Windows\system32\2014-12-24-19-06-29.009-AvastVBoxSVC.exe-3968.log
2014-12-24 19:05 - 2014-12-24 19:05 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-24 09:27 - 2014-12-24 09:27 - 00000247 _____ () C:\Windows\system32\2014-12-24-09-27-50.000-aswFe.exe-3320.log
2014-12-24 09:27 - 2014-12-24 09:27 - 00000197 _____ () C:\Windows\system32\2014-12-24-09-27-42.045-AvastVBoxSVC.exe-4968.log
2014-12-24 06:35 - 2014-12-24 06:35 - 00000197 _____ () C:\Windows\system32\2014-12-24-06-35-54.095-AvastVBoxSVC.exe-4568.log
2014-12-24 05:57 - 2014-12-24 05:57 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(2).msi
2014-12-24 05:54 - 2014-12-24 05:54 - 01402880 _____ () C:\Users\Alec\Downloads\HiJackThis(1).msi
2014-12-24 05:50 - 2014-12-24 05:50 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-50-38.055-AvastVBoxSVC.exe-4480.log
2014-12-24 05:45 - 2014-12-24 05:45 - 00000000 ____D () C:\Windows\pss
2014-12-24 05:30 - 2014-12-24 05:31 - 00000197 _____ () C:\Windows\system32\2014-12-24-05-30-56.023-AvastVBoxSVC.exe-5180.log
2014-12-24 05:28 - 2014-12-28 08:45 - 00000560 _____ () C:\Windows\setupact.log
2014-12-24 05:28 - 2014-12-24 05:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-23 20:19 - 2014-12-23 20:19 - 00003120 _____ () C:\Windows\System32\Tasks\{D96BFE7B-389E-4D84-855A-639DF29CEBB9}
2014-12-23 20:11 - 2014-12-23 20:11 - 00014592 _____ () C:\Users\Alec\Downloads\hijackthis.log
2014-12-23 19:52 - 2014-12-23 19:52 - 00000197 _____ () C:\Windows\system32\2014-12-23-19-52-40.002-AvastVBoxSVC.exe-2996.log
2014-12-23 18:24 - 2014-12-23 18:24 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-24-40.035-AvastVBoxSVC.exe-5148.log
2014-12-23 18:16 - 2014-12-23 18:16 - 00000197 _____ () C:\Windows\system32\2014-12-23-18-16-26.011-AvastVBoxSVC.exe-6128.log
2014-12-22 17:55 - 2014-12-22 17:55 - 00000197 _____ () C:\Windows\system32\2014-12-22-17-55-38.035-AvastVBoxSVC.exe-5204.log
2014-12-22 07:04 - 2014-12-22 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-22-07-04-28.086-AvastVBoxSVC.exe-5048.log
2014-12-21 16:56 - 2014-12-21 16:56 - 00000197 _____ () C:\Windows\system32\2014-12-21-16-56-28.064-AvastVBoxSVC.exe-5488.log
2014-12-21 08:00 - 2014-12-21 08:00 - 00000197 _____ () C:\Windows\system32\2014-12-21-08-00-38.011-AvastVBoxSVC.exe-1028.log
2014-12-20 10:07 - 2014-12-20 10:07 - 00000197 _____ () C:\Windows\system32\2014-12-20-10-07-58.033-AvastVBoxSVC.exe-1868.log
2014-12-20 07:10 - 2014-12-20 07:10 - 00000197 _____ () C:\Windows\system32\2014-12-20-07-10-27.032-AvastVBoxSVC.exe-3028.log
2014-12-19 16:25 - 2014-12-19 16:25 - 00083086 _____ () C:\Users\Alec\Documents\envelope18.html
2014-12-19 14:12 - 2014-12-19 14:12 - 05317104 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup501.exe
2014-12-19 14:04 - 2014-12-19 14:04 - 00000197 _____ () C:\Windows\system32\2014-12-19-14-04-48.035-AvastVBoxSVC.exe-5216.log
2014-12-19 06:51 - 2014-12-19 06:51 - 00000197 _____ () C:\Windows\system32\2014-12-19-06-51-47.074-AvastVBoxSVC.exe-5396.log
2014-12-18 10:22 - 2014-12-13 05:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:22 - 2014-12-13 03:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-18 10:14 - 2014-12-18 10:14 - 00000197 _____ () C:\Windows\system32\2014-12-18-10-14-24.091-AvastVBoxSVC.exe-5236.log
2014-12-17 07:48 - 2014-12-17 07:48 - 00000197 _____ () C:\Windows\system32\2014-12-17-07-48-53.017-AvastVBoxSVC.exe-6032.log
2014-12-16 20:38 - 2014-12-16 20:38 - 00000197 _____ () C:\Windows\system32\2014-12-16-20-38-51.067-AvastVBoxSVC.exe-3788.log
2014-12-16 09:32 - 2014-12-16 09:32 - 00000197 _____ () C:\Windows\system32\2014-12-16-09-32-46.075-AvastVBoxSVC.exe-5740.log
2014-12-16 06:26 - 2014-12-16 06:26 - 00000197 _____ () C:\Windows\system32\2014-12-16-06-26-07.026-AvastVBoxSVC.exe-5032.log
2014-12-15 17:31 - 2014-12-15 17:31 - 00000197 _____ () C:\Windows\system32\2014-12-15-17-31-07.011-AvastVBoxSVC.exe-4976.log
2014-12-15 17:25 - 2014-12-15 17:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-12-15 16:06 - 2014-12-15 16:07 - 00000197 _____ () C:\Windows\system32\2014-12-15-16-06-59.004-AvastVBoxSVC.exe-2688.log
2014-12-15 10:02 - 2014-12-15 10:02 - 00000197 _____ () C:\Windows\system32\2014-12-15-10-02-42.032-AvastVBoxSVC.exe-4144.log
2014-12-15 07:40 - 2014-12-15 07:40 - 00000197 _____ () C:\Windows\system32\2014-12-15-07-40-34.072-AvastVBoxSVC.exe-5236.log
2014-12-14 22:19 - 2014-12-14 22:19 - 00000197 _____ () C:\Windows\system32\2014-12-14-22-19-56.071-AvastVBoxSVC.exe-5832.log
2014-12-14 10:18 - 2014-12-14 13:07 - 00000000 ___HD () C:\ProgramData\CanonIJMIG
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonIJEPPEX2
2014-12-14 10:18 - 2014-12-14 10:18 - 00000000 ___HD () C:\ProgramData\CanonEPP
2014-12-14 10:17 - 2014-12-14 10:17 - 00002011 _____ () C:\Users\Public\Desktop\Canon IJ Network Tool.lnk
2014-12-14 10:16 - 2014-12-14 10:16 - 27110984 _____ () C:\Users\Alec\Downloads\mp68-win-mg5500-1_02-ea32_2.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 18280024 _____ () C:\Users\Alec\Downloads\ewpx-win-1_5_0-ea23.exe
2014-12-14 10:15 - 2014-12-14 10:15 - 09625160 _____ () C:\Users\Alec\Downloads\qm__-win-2_4_1-ea31_2.exe
2014-12-14 10:14 - 2014-12-14 10:14 - 05541448 _____ () C:\Users\Alec\Downloads\mypr-win-3_2_1-ea11_2.exe
2014-12-14 10:12 - 2014-12-14 10:13 - 306527824 _____ () C:\Users\Alec\Downloads\mig_-win-3_0_1-ea31_2.exe
2014-12-14 10:11 - 2014-12-14 10:11 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en(1).exe
2014-12-14 10:06 - 2014-12-14 10:06 - 60337752 _____ () C:\Users\Alec\Downloads\eppx-win-4_5_0-en.exe
2014-12-14 09:59 - 2014-12-14 10:03 - 00000000 ___HD () C:\ProgramData\CanonIJScan
2014-12-14 08:20 - 2014-12-14 08:20 - 00000197 _____ () C:\Windows\system32\2014-12-14-08-20-11.042-AvastVBoxSVC.exe-5632.log
2014-12-13 14:44 - 2014-12-13 14:44 - 00000197 _____ () C:\Windows\system32\2014-12-13-14-44-31.082-AvastVBoxSVC.exe-304.log
2014-12-13 07:09 - 2014-12-13 07:09 - 00000197 _____ () C:\Windows\system32\2014-12-13-07-09-12.093-AvastVBoxSVC.exe-1892.log
2014-12-13 07:07 - 2014-12-25 12:53 - 00003336 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-13 07:07 - 2014-12-25 12:53 - 00003200 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-968291121-692904103-2744852466-1001
2014-12-12 17:01 - 2014-12-12 17:01 - 00000197 _____ () C:\Windows\system32\2014-12-12-17-01-07.054-AvastVBoxSVC.exe-6116.log
2014-12-12 09:48 - 2014-12-12 09:48 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-48-10.053-AvastVBoxSVC.exe-4068.log
2014-12-12 09:04 - 2014-12-12 09:04 - 00000197 _____ () C:\Windows\system32\2014-12-12-09-04-08.081-AvastVBoxSVC.exe-1324.log
2014-12-10 10:11 - 2014-12-10 10:11 - 00000197 _____ () C:\Windows\system32\2014-12-10-10-11-19.081-AvastVBoxSVC.exe-3468.log
2014-12-10 10:08 - 2014-12-10 10:08 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-10 07:35 - 2014-10-18 02:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-10 07:35 - 2014-10-18 01:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-10 07:35 - 2014-07-07 02:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 02:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 02:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-10 07:35 - 2014-07-07 01:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-10 07:35 - 2014-07-07 01:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-10 07:35 - 2014-07-07 01:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-10 07:35 - 2014-07-07 01:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-10 06:26 - 2014-12-04 02:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-10 06:26 - 2014-12-04 02:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-10 06:26 - 2014-12-01 23:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-10 06:25 - 2014-11-27 01:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-10 06:25 - 2014-11-27 01:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-10 06:25 - 2014-11-22 03:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 06:25 - 2014-11-22 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 06:25 - 2014-11-22 02:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 02:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-10 06:25 - 2014-11-22 02:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 06:25 - 2014-11-22 02:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-10 06:25 - 2014-11-22 02:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 06:25 - 2014-11-22 02:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 02:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-10 06:25 - 2014-11-22 02:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 06:25 - 2014-11-22 02:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 06:25 - 2014-11-22 02:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 02:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-10 06:25 - 2014-11-22 02:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 06:25 - 2014-11-22 02:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-10 06:25 - 2014-11-22 02:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 02:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-10 06:25 - 2014-11-22 02:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 06:25 - 2014-11-22 01:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 06:25 - 2014-11-22 01:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-10 06:25 - 2014-11-22 01:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 06:25 - 2014-11-22 01:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-10 06:25 - 2014-11-22 01:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 06:25 - 2014-11-22 01:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-10 06:25 - 2014-11-22 01:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-10 06:25 - 2014-11-22 01:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 06:25 - 2014-11-22 01:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 06:25 - 2014-11-22 01:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 06:25 - 2014-11-22 01:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 06:25 - 2014-11-22 01:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 06:25 - 2014-11-22 01:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 06:25 - 2014-11-22 01:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-10 06:25 - 2014-11-22 01:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 06:25 - 2014-11-22 01:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 06:25 - 2014-11-22 01:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-10 06:25 - 2014-11-22 01:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 06:25 - 2014-11-22 00:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 06:25 - 2014-11-22 00:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-10 06:25 - 2014-11-11 03:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 02:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-10 06:25 - 2014-11-11 01:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-10 06:25 - 2014-11-08 03:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-10 06:25 - 2014-11-08 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-10 06:25 - 2014-10-30 02:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-10 06:25 - 2014-10-30 01:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-10 06:25 - 2014-10-03 02:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 02:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 02:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-10 06:25 - 2014-10-03 01:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-10 06:25 - 2014-10-03 01:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-10 06:25 - 2014-10-03 01:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-09 17:48 - 2014-12-09 17:48 - 00000197 _____ () C:\Windows\system32\2014-12-09-17-48-44.034-AvastVBoxSVC.exe-3400.log
2014-12-09 14:08 - 2014-12-09 14:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 07:04 - 2014-12-09 07:04 - 00000197 _____ () C:\Windows\system32\2014-12-09-07-04-19.088-AvastVBoxSVC.exe-5352.log
2014-12-08 14:54 - 2014-12-08 14:54 - 00000197 _____ () C:\Windows\system32\2014-12-08-14-54-47.062-AvastVBoxSVC.exe-5992.log
2014-12-08 06:48 - 2014-12-08 06:49 - 00000197 _____ () C:\Windows\system32\2014-12-08-06-48-58.059-AvastVBoxSVC.exe-4752.log
2014-12-07 20:31 - 2014-12-07 20:31 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-31-50.022-AvastVBoxSVC.exe-4972.log
2014-12-07 20:20 - 2014-12-07 20:21 - 00000197 _____ () C:\Windows\system32\2014-12-07-20-20-30.046-AvastVBoxSVC.exe-4568.log
2014-12-07 07:36 - 2014-12-07 07:36 - 05162080 _____ (Piriform Ltd) C:\Users\Alec\Downloads\ccsetup500.exe
2014-12-06 12:23 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-23-55.065-aswFe.exe-4380.log
2014-12-06 12:18 - 2014-12-06 12:23 - 00000247 _____ () C:\Windows\system32\2014-12-06-12-18-28.057-aswFe.exe-3048.log
2014-12-06 12:18 - 2014-12-06 12:18 - 00000197 _____ () C:\Windows\system32\2014-12-06-12-18-25.087-AvastVBoxSVC.exe-2076.log
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-06 12:08 - 2014-12-06 12:08 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-06 12:01 - 2014-12-26 12:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-06 12:01 - 2014-12-06 12:01 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 08:58 - 2014-03-16 20:05 - 00000000 ____D () C:\FRST
2014-12-28 08:56 - 2012-12-10 12:51 - 00000000 ___RD () C:\Users\Alec\SkyDrive
2014-12-28 08:56 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-28 08:56 - 2009-07-14 04:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-28 08:52 - 2012-08-31 06:36 - 01516720 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 08:45 - 2014-08-27 06:18 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-28 08:45 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-12-28 08:45 - 2012-08-31 05:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-12-28 08:45 - 2012-08-31 05:02 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-12-28 08:45 - 2009-07-14 05:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-27 12:03 - 2012-08-31 04:42 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-26 07:55 - 2009-07-14 05:08 - 00032620 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-24 05:29 - 2014-09-22 06:18 - 00000000 ___RD () C:\Users\Alec\iCloudDrive
2014-12-23 18:28 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-19 14:12 - 2013-01-04 14:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-19 14:12 - 2013-01-04 14:46 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-15 18:40 - 2013-10-03 13:23 - 00000000 ____D () C:\Users\Alec\AppData\Local\3AF59380-EF1E-49B7-A7C6-475B8EB8A377.aplzod
2014-12-15 07:49 - 2014-07-01 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-12-15 07:40 - 2014-08-27 09:01 - 00000000 ____D () C:\Users\Alec\AppData\Local\Adobe
2014-12-15 07:40 - 2012-08-31 04:42 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-15 07:40 - 2012-08-31 04:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-15 07:40 - 2012-08-31 04:42 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 22:51 - 2014-07-01 11:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-12-14 22:23 - 2014-10-19 07:45 - 00001137 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-14 22:23 - 2012-12-06 18:12 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-14 10:17 - 2014-07-01 11:18 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-12-14 10:17 - 2009-07-14 03:20 - 00000000 __RSD () C:\Windows\Media
2014-12-14 10:16 - 2014-07-01 11:24 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-12-14 10:15 - 2014-07-01 11:20 - 00000000 ____D () C:\Program Files\Canon
2014-12-14 10:03 - 2014-07-01 11:27 - 00000000 ____D () C:\Users\Alec\AppData\Roaming\Canon
2014-12-12 18:58 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\rescache
2014-12-12 09:05 - 2012-12-20 06:27 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 10:08 - 2014-05-06 11:38 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 10:08 - 2009-07-14 03:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-10 07:40 - 2012-12-06 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 07:39 - 2013-08-15 04:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 07:36 - 2012-12-06 19:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 17:45 - 2012-12-06 18:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 14:21 - 2014-11-11 07:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-12-06 12:01 - 2014-08-27 06:18 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-06 12:01 - 2014-08-27 06:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 05:38

==================== End Of Log ============================



#14 Machiavelli

  • Malware Response Instructor

Posted 28 December 2014 - 07:32 AM

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop. Install the programme and select update.
Once it has updated, select Settings > Detection and Protection.
Tick Scan for rootkits.


Go back to the Dashboard and select Scan Now


If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.


On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#15 atro1

  • Topic Starter

Posted 29 December 2014 - 03:11 AM

Adware scan

# AdwCleaner v4.106 - Report created 29/12/2014 at 08:06:34
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Alec - ALEC-PC
# Running from : C:\Users\Alec\Downloads\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : AllDaySavingsService64
[#] Service Deleted : netfilter64
Service Deleted : mtgaotushb64

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\dEAl2dealIIt
Folder Deleted : C:\ProgramData\9f1e2c3327c5adf2
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin.com Games
Folder Deleted : C:\Program Files (x86)\iWin.com Games
Folder Deleted : C:\Program Files (x86)\dEAl2dealIIt
Folder Deleted : C:\Program Files\AllDaySavings
Folder Deleted : C:\Program Files\005
Folder Deleted : C:\Users\Alec\AppData\Roaming\iWin
Folder Deleted : C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\Extensions\fifbmjadegaajdlnieihbfmbllnbiddi
File Deleted : C:\Users\Alec\AppData\Roaming\Bubble Dock.installation.log

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\deal2diEaliti.deal2diEaliti
Key Deleted : HKLM\SOFTWARE\Classes\deal2diEaliti.deal2diEaliti.2.0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{77141F4B-B7C7-14C0-089C-B097E18F9799}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{77141F4B-B7C7-14C0-089C-B097E18F9799}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{77141F4B-B7C7-14C0-089C-B097E18F9799}
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKLM\SOFTWARE\SweetIM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D831E399-50FE-84AE-F5F7-0A63AC282464}
Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


-\\ Google Chrome v

[C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : fifbmjadegaajdlnieihbfmbllnbiddi
[C:\Users\Alec\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://searchy.easylifeapp.com/

*************************

AdwCleaner[R4].txt - [2776 octets] - [29/12/2014 08:01:06]
AdwCleaner[S3].txt - [2666 octets] - [29/12/2014 08:06:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2726 octets] ##########
 





