Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Raphael's Dad (administrator) on RAPHAELSDAD-PC on 08-07-2015 10:17:53
Running from C:\Users\Raphael's Dad\Desktop
Loaded Profiles: Raphael's Dad (Available Profiles: Raphael's Dad)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BitTorrent Inc.) C:\Users\Raphael's Dad\AppData\Roaming\BitTorrent\BitTorrent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamresearch.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-08] (Avast Software s.r.o.)
HKU\S-1-5-21-2314415000-3786125397-2692526694-1000\...\Run: [BitTorrent] => C:\Users\Raphael's Dad\AppData\Roaming\BitTorrent\BitTorrent.exe [1696104 2015-05-12] (BitTorrent Inc.)
HKU\S-1-5-21-2314415000-3786125397-2692526694-1000\...\Run: [GoogleChromeAutoLaunch_745578EB1C23DB9C76C1EFA86D41776B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-06] (Google Inc.)
HKU\S-1-5-21-2314415000-3786125397-2692526694-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31346784 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2314415000-3786125397-2692526694-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
Startup: C:\Users\Raphael's Dad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk [2015-03-28]
ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-08] (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2314415000-3786125397-2692526694-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-2314415000-3786125397-2692526694-1000 -> DefaultScope {5674F06A-37D1-4610-8194-6641C3A9B2D4} URL =
https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2314415000-3786125397-2692526694-1000 -> {5674F06A-37D1-4610-8194-6641C3A9B2D4} URL =
https://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-08] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-08] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 74.40.74.40
Tcpip\..\Interfaces\{314479DF-52C0-4887-B992-0E50C20E6D69}: [DhcpNameServer] 192.168.1.1 74.40.74.40
FireFox:
========
FF ProfilePath: C:\Users\Raphael's Dad\AppData\Roaming\Mozilla\Firefox\Profiles\j2dws978.default
FF DefaultSearchEngine.US: Google
FF Homepage:
www.kirotv.com
FF NetworkProxy: "type", 0
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Extension: WOT - C:\Users\Raphael's Dad\AppData\Roaming\Mozilla\Firefox\Profiles\j2dws978.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-08]
FF Extension: Adblock Plus - C:\Users\Raphael's Dad\AppData\Roaming\Mozilla\Firefox\Profiles\j2dws978.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [
wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-08]
Chrome:
=======
CHR Profile: C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-20]
CHR Extension: (Google Docs) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-20]
CHR Extension: (Google Drive) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-20]
CHR Extension: (YouTube) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-20]
CHR Extension: (Adblock Plus) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-07-08]
CHR Extension: (Google Search) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-20]
CHR Extension: (Google Sheets) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-20]
CHR Extension: (Avast Online Security) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-11]
CHR Extension: (Skype Click to Call) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-03-11]
CHR Extension: (Google Wallet) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-20]
CHR Extension: (Gmail) - C:\Users\Raphael's Dad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-08] (Avast Software s.r.o.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-08] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-08] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-08] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-08] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-08] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-08] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-08] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-08] ()
R3 bcm44amd64; C:\Windows\System32\DRIVERS\b44amd64.sys [87552 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-08 10:17 - 2015-07-08 10:18 - 00014637 _____ C:\Users\Raphael's Dad\Desktop\FRST.txt
2015-07-08 10:16 - 2015-07-08 10:18 - 00000000 ____D C:\FRST
2015-07-08 10:16 - 2015-07-08 10:16 - 02112512 _____ (Farbar) C:\Users\Raphael's Dad\Desktop\FRST64.exe
2015-07-08 10:11 - 2015-07-08 10:11 - 00002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-07-08 10:11 - 2015-07-08 10:11 - 00002124 _____ C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-07-08 10:11 - 2015-07-08 10:11 - 00000000 ____D C:\Program Files (x86)\Belarc
2015-07-08 10:00 - 2015-07-08 10:01 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-08 10:00 - 2015-07-08 10:00 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-08 10:00 - 2015-07-08 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-08 10:00 - 2015-07-08 10:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-08 10:00 - 2015-07-08 10:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-08 10:00 - 2015-06-18 09:27 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-08 10:00 - 2015-06-18 09:27 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-08 10:00 - 2015-06-18 09:27 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-08 09:56 - 2015-07-08 09:58 - 00000000 ____D C:\ProgramData\TEMP
2015-07-08 09:56 - 2015-07-08 09:57 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-07-08 09:56 - 2015-07-08 09:56 - 00001083 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-07-08 09:56 - 2015-07-08 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-07-08 09:56 - 2015-07-08 09:56 - 00000000 ____D C:\ProgramData\Licenses
2015-07-08 09:56 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2015-07-08 09:45 - 2015-07-08 09:52 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Local\Mozilla
2015-07-08 09:45 - 2015-07-08 09:45 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Roaming\Mozilla
2015-07-08 09:44 - 2015-07-08 09:44 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-08 09:44 - 2015-07-08 09:44 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-08 09:44 - 2015-07-08 09:44 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-08 09:44 - 2015-07-08 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 09:44 - 2015-07-08 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-08 09:06 - 2015-07-08 09:06 - 00000000 ____D C:\SUPERDelete
2015-07-08 09:04 - 2015-07-08 09:04 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Roaming\SUPERAntiSpyware.com
2015-07-08 09:03 - 2015-07-08 09:04 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-07-08 09:03 - 2015-07-08 09:03 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2015-07-08 09:03 - 2015-07-08 09:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-07-08 08:55 - 2015-07-08 08:57 - 22457640 _____ (SUPERAntiSpyware) C:\Users\Raphael's Dad\Desktop\SUPERAntiSpyware.exe
2015-07-08 08:51 - 2015-07-08 08:53 - 24344040 _____ (Malwarebytes Corporation ) C:\Users\Raphael's Dad\Desktop\mbam-setup-techspot-2.1.8.1057.exe
2015-07-08 08:25 - 2015-07-08 08:25 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Roaming\AVAST Software
2015-07-08 08:22 - 2015-07-08 08:22 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-08 08:22 - 2015-07-08 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-08 08:21 - 2015-07-08 08:21 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-08 08:18 - 2015-07-08 08:21 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-07-08 08:18 - 2015-07-08 08:18 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-07-08 08:18 - 2015-07-08 08:18 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-07-08 08:18 - 2015-07-08 08:18 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-07-08 08:18 - 2015-07-08 08:18 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-08 08:18 - 2015-07-08 08:18 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-08 08:18 - 2015-07-08 08:18 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-08 08:18 - 2015-07-08 08:18 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-07-08 08:18 - 2015-07-08 08:16 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-08 08:17 - 2015-07-08 08:17 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-07-08 08:14 - 2015-07-08 08:14 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-08 08:08 - 2015-07-08 08:09 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-08 07:57 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-08 07:57 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-08 07:57 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-08 07:57 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-08 07:57 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-08 07:57 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-08 07:57 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-08 07:57 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-08 07:57 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-08 07:57 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-08 07:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-08 07:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-08 07:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-08 07:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-21 11:42 - 2015-06-21 11:43 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\Alone.S01E01.And.So.It.Begins.HDTV.x264-W4F[ettv]
2015-06-12 15:14 - 2015-06-12 15:42 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\Project Almanac (2014)
2015-06-12 14:36 - 2015-06-12 15:10 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\Time Lapse (2014)
2015-06-12 12:59 - 2015-06-12 14:24 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\Kurt Cobain Montage of Heck (2015) [1080p]
2015-06-12 11:56 - 2015-06-12 12:02 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\The.Big.Bang.Theory.S08E23.HDTV.x264-LOL[ettv]
2015-06-12 11:24 - 2015-06-12 11:38 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\Get Hard (2015)
2015-06-09 00:45 - 2015-06-09 01:06 - 00000000 ____D C:\Users\Raphael's Dad\Downloads\Run All Night (2015)
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-08 10:19 - 2014-10-30 08:34 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Roaming\BitTorrent
2015-07-08 10:18 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-08 10:18 - 2009-07-13 21:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-08 10:10 - 2014-11-19 19:10 - 00000314 _____ C:\Windows\Tasks\UpdaterEX.job
2015-07-08 09:43 - 2014-10-29 21:28 - 00617470 _____ C:\Windows\WindowsUpdate.log
2015-07-08 09:34 - 2014-11-20 16:02 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-08 09:33 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-08 09:33 - 2009-07-13 21:51 - 00038428 _____ C:\Windows\setupact.log
2015-07-08 09:32 - 2010-11-20 20:47 - 00009004 _____ C:\Windows\PFRO.log
2015-07-08 09:23 - 2014-11-20 16:02 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-08 08:10 - 2009-07-13 22:13 - 00713888 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-08 07:48 - 2015-03-05 13:42 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Roaming\Skype
2015-07-08 07:26 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-07 19:43 - 2014-10-31 14:08 - 00000000 ____D C:\Users\Raphael's Dad\AppData\Roaming\vlc
2015-07-07 19:31 - 2014-11-20 16:06 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-14 17:26 - 2015-03-18 11:38 - 00013405 _____ C:\Windows\BRRBCOM.INI
2015-06-13 14:23 - 2015-03-18 11:44 - 00000000 ____D C:\Users\Raphael's Dad\Documents\CE 2015 - Shiraz
Some files in TEMP:
====================
C:\Users\Raphael's Dad\AppData\Local\Temp\install_flash_player_ax.exe
C:\Users\Raphael's Dad\AppData\Local\Temp\install_reader10_en_mssd_aaa_aih.exe
C:\Users\Raphael's Dad\AppData\Local\Temp\install_reader11_en_gtba_chra_dy_aaa_aih[1].exe
C:\Users\Raphael's Dad\AppData\Local\Temp\install_reader11_en_gtba_chra_dy_aaa_aih[1]_1.exe
C:\Users\Raphael's Dad\AppData\Local\Temp\install_reader11_en_gtbd_chrd_dn_aaa_aih[1].exe
C:\Users\Raphael's Dad\AppData\Local\Temp\_isEB80.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-13 00:07
==================== End of log ============================