Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 01
Ran by Tom (administrator) on TOM-PC on 14-05-2015 13:18:46
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available profiles: Tom)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\ng\ngservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Promise Technology INC) C:\Windows\SysWOW64\BeepApp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [17824256 2009-04-27] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-06-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\...\MountPoints2: {2bed5898-8de6-11e0-a2fb-0024e819d949} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\...\MountPoints2: {31b627d4-60f0-11e4-803e-0024e819d949} - J:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1391616 2006-11-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-05-01] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
SearchScopes: HKU\S-1-5-21-3455538325-3860738269-3256896585-1000 -> DefaultScope {0C531029-7982-4909-9DF4-16DB025BFF31} URL = http://www.google.com/search?q={sea...startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-3455538325-3860738269-3256896585-1000 -> {0C531029-7982-4909-9DF4-16DB025BFF31} URL = http://www.google.com/search?q={sea...startIndex={startIndex?}&startPage={startPage}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-24] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-05-01] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-05-01] (Avast Software s.r.o.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ge7wrjy.default-1426779424157
FF DefaultSearchEngine.US: Google
FF Homepage: https://flipboard.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-15]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (avast! WebRep) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2014-10-02]
CHR Extension: (Google Wallet) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-03-16] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-05-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-01] (Avast Software)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2015-05-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-01] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2015-05-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-01] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-03] (REALiX(tm))
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2007-12-11] (Windows (R) Codename Longhorn DDK provider)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [273824 2015-05-01] (Avast Software)
R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [392704 2008-01-20] (Conexant Systems, Inc.)
R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1523712 2008-01-20] (Conexant Systems, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 13:18 - 2015-05-14 13:19 - 00012956 _____ () C:\Users\Tom\Downloads\FRST.txt.txt
2015-05-14 13:18 - 2015-05-14 13:18 - 00000000 ____D () C:\FRST
2015-05-14 13:02 - 2015-05-14 13:02 - 02105856 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2015-05-13 16:41 - 2015-05-14 12:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 16:41 - 2015-05-13 16:41 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-13 16:23 - 2015-04-19 17:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-05-13 16:23 - 2015-04-19 17:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-05-13 16:23 - 2015-04-19 17:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-05-13 16:23 - 2015-04-19 17:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-05-13 16:23 - 2015-04-19 16:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-13 16:23 - 2015-04-19 16:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-05-13 16:23 - 2015-04-19 16:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-05-13 16:23 - 2015-04-19 16:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-13 16:23 - 2015-04-17 19:45 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 16:23 - 2015-04-17 19:44 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-13 16:23 - 2015-04-17 19:35 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-13 16:23 - 2015-04-17 19:33 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 16:23 - 2015-04-17 19:33 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 16:23 - 2015-04-17 19:30 - 02793472 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:14 - 2015-04-30 12:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:14 - 2015-04-30 11:41 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:04 - 2015-04-30 09:14 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:04 - 2015-04-30 09:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:04 - 2015-04-10 19:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:04 - 2015-04-10 19:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2015-05-13 07:51 - 2015-04-09 19:52 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 07:51 - 2015-04-09 19:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 07:51 - 2015-04-09 19:46 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 07:51 - 2015-04-09 19:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 07:51 - 2015-04-09 19:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 07:51 - 2015-04-09 19:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 07:51 - 2015-04-09 19:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 07:51 - 2015-04-09 19:14 - 12379136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 07:51 - 2015-04-09 19:10 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 07:51 - 2015-04-09 19:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 07:51 - 2015-04-09 19:04 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 07:51 - 2015-04-09 19:03 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 07:50 - 2015-04-09 20:10 - 17881088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 07:50 - 2015-04-09 19:55 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 07:50 - 2015-04-09 19:53 - 10935808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 07:50 - 2015-04-09 19:48 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 07:50 - 2015-04-09 19:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 07:50 - 2015-04-09 19:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 07:50 - 2015-04-09 19:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-13 07:50 - 2015-04-09 19:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 07:50 - 2015-04-09 19:08 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 07:50 - 2015-04-09 19:08 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 07:50 - 2015-04-09 19:05 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 07:50 - 2015-04-09 19:04 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 07:50 - 2015-04-09 19:04 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 07:50 - 2015-04-09 19:04 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-13 07:50 - 2015-04-09 19:04 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 07:50 - 2015-04-09 19:03 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 07:50 - 2015-04-09 19:03 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 07:50 - 2015-04-09 19:03 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-13 07:50 - 2015-04-09 19:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-13 07:50 - 2015-04-09 19:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-04 17:50 - 2015-05-04 17:51 - 00000368 _____ () C:\Users\Tom\Documents\cc_20150504_175057.reg
2015-05-04 17:47 - 2015-05-04 17:47 - 06484352 _____ (Piriform Ltd) C:\Users\Tom\Downloads\ccsetup505.exe
2015-05-01 07:30 - 2015-05-01 07:30 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-01 07:30 - 2015-05-01 07:30 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-23 00:03 - 2015-04-23 00:03 - 00001328 _____ () C:\Users\Tom\Documents\cc_20150423_000314.reg
2015-04-21 19:48 - 2015-04-21 19:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 18:11 - 2015-04-18 18:11 - 00000420 _____ () C:\Users\Tom\Documents\cc_20150418_181114.reg
2015-04-15 10:34 - 2015-03-04 22:25 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 10:34 - 2015-03-04 21:58 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:33 - 2015-03-13 22:22 - 01585248 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:33 - 2015-03-13 22:22 - 01168080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 10:33 - 2015-03-12 21:44 - 04691384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:33 - 2015-03-12 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 10:33 - 2015-03-12 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 10:33 - 2015-03-12 20:08 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 10:33 - 2015-03-12 20:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 10:33 - 2015-03-12 20:08 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 10:23 - 2015-03-04 22:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 10:23 - 2015-03-04 22:14 - 00360384 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 10:23 - 2015-03-04 21:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 10:22 - 2015-03-08 21:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 10:22 - 2015-03-08 20:40 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 02:35 - 2015-04-14 02:35 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-04-14 02:35 - 2015-04-14 02:35 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-04-14 02:26 - 2015-04-14 02:26 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-04-14 02:26 - 2015-04-14 02:26 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 12:48 - 2011-10-18 13:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 12:28 - 2006-11-02 11:22 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-14 12:28 - 2006-11-02 11:22 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-14 11:48 - 2011-10-18 13:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 07:40 - 2008-01-20 21:53 - 01197864 ____N () C:\Windows\WindowsUpdate.log
2015-05-13 16:42 - 2011-06-15 18:54 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-13 16:41 - 2012-06-14 17:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-13 16:41 - 2011-06-04 09:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-13 16:34 - 2006-11-02 08:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 16:28 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 16:28 - 2006-11-02 11:21 - 00234888 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 16:26 - 2011-05-12 23:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 16:26 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 16:24 - 2006-11-02 11:42 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-13 16:21 - 2014-10-02 13:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 16:16 - 2006-11-02 08:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-13 10:04 - 2011-05-12 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 10:04 - 2006-11-02 11:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-05-13 07:44 - 2015-03-24 22:24 - 00002896 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Tom
2015-05-13 07:44 - 2010-10-27 18:30 - 00000000 ____D () C:\Users\Tom\AppData\Local\Deployment
2015-05-13 07:37 - 2014-10-02 10:25 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-11 18:47 - 2015-02-03 23:21 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-06 18:23 - 2015-02-23 16:20 - 00000000 ____D () C:\Users\Tom\Desktop\Pics
2015-05-04 17:48 - 2014-10-02 13:34 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-01 07:30 - 2014-10-03 08:03 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-01 07:30 - 2014-10-03 08:00 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-01 07:30 - 2014-10-03 08:00 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-01 07:30 - 2011-06-15 19:31 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00065224 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00064712 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-04-24 16:05 - 2014-10-02 10:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 10:31 - 2014-10-02 14:50 - 00752894 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2011-11-11 22:48 - 2011-11-12 00:16 - 0000118 _____ () C:\Users\Tom\AppData\Roaming\MIDIMAST.INI
2014-10-06 17:41 - 2014-10-06 17:41 - 0030707 _____ () C:\Users\Tom\AppData\Roaming\UserTile.png
2015-02-24 10:54 - 2015-04-02 11:10 - 0231659 _____ () C:\Users\Tom\AppData\Local\ars.cache
2015-02-24 10:54 - 2015-04-02 11:10 - 0404592 _____ () C:\Users\Tom\AppData\Local\census.cache
2010-10-26 18:47 - 2010-10-26 16:02 - 0000732 _____ () C:\Users\Tom\AppData\Local\d3d9caps64.dat
2010-10-27 18:08 - 2015-03-09 08:26 - 0006656 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-31 21:16 - 2010-10-31 21:16 - 0229834 _____ () C:\Users\Tom\AppData\Local\dd_ATL90SP1_KB973924MSI15DA.txt
2010-10-31 21:16 - 2010-10-31 21:16 - 0011760 _____ () C:\Users\Tom\AppData\Local\dd_ATL90SP1_KB973924UI15DA.txt
2010-10-26 15:59 - 2010-10-26 16:00 - 0428498 _____ () C:\Users\Tom\AppData\Local\dd_vcredistMSI1D00.txt
2015-01-26 16:34 - 2015-01-26 16:34 - 0388780 _____ () C:\Users\Tom\AppData\Local\dd_vcredistMSI33D2.txt
2010-10-26 15:59 - 2010-10-26 16:00 - 0012766 _____ () C:\Users\Tom\AppData\Local\dd_vcredistUI1D00.txt
2015-01-26 16:34 - 2015-01-26 16:34 - 0012126 _____ () C:\Users\Tom\AppData\Local\dd_vcredistUI33D2.txt
2015-02-24 10:46 - 2015-02-24 10:46 - 0000036 _____ () C:\Users\Tom\AppData\Local\housecall.guid.cache
2015-03-12 19:23 - 2015-04-02 11:07 - 0000010 _____ () C:\Users\Tom\AppData\Local\sponge.last.runtime.cache
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 04:35
==================== End Of Log ============================
Ran by Tom (administrator) on TOM-PC on 14-05-2015 13:18:46
Running from C:\Users\Tom\Downloads
Loaded Profiles: Tom (Available profiles: Tom)
Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Avast Software) C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\ng\ngservice.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Avast Software s.r.o.) C:\Program Files\Alwil Software\Avast5\avastui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Promise Technology INC) C:\Windows\SysWOW64\BeepApp.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [17824256 2009-04-27] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-06-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\...\MountPoints2: {2bed5898-8de6-11e0-a2fb-0024e819d949} - J:\LaunchU3.exe -a
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\...\MountPoints2: {31b627d4-60f0-11e4-803e-0024e819d949} - J:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Aurora.scr [1391616 2006-11-02] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2015-05-01] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-10] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3455538325-3860738269-3256896585-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.msn.com/
SearchScopes: HKU\S-1-5-21-3455538325-3860738269-3256896585-1000 -> DefaultScope {0C531029-7982-4909-9DF4-16DB025BFF31} URL = http://www.google.com/search?q={sea...startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKU\S-1-5-21-3455538325-3860738269-3256896585-1000 -> {0C531029-7982-4909-9DF4-16DB025BFF31} URL = http://www.google.com/search?q={sea...startIndex={startIndex?}&startPage={startPage}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-24] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2015-05-01] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2015-05-01] (Avast Software s.r.o.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 65.32.5.111 65.32.5.112
FireFox:
========
FF ProfilePath: C:\Users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\9ge7wrjy.default-1426779424157
FF DefaultSearchEngine.US: Google
FF Homepage: https://flipboard.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-06-15]
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (avast! WebRep) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2014-10-02]
CHR Extension: (Google Wallet) - C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-03-16] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [343336 2015-05-01] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\Alwil Software\Avast5\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-01] (Avast Software)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-20] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-01] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2015-05-01] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-01] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-01] (Avast Software s.r.o.)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2015-05-01] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-01] ()
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-03] (REALiX(tm))
R2 RtNdPt60; C:\Windows\System32\DRIVERS\RtNdPt60.sys [26624 2007-12-11] (Windows (R) Codename Longhorn DDK provider)
R2 VBoxAswDrv; C:\Program Files\Alwil Software\Avast5\ng\vbox\VBoxAswDrv.sys [273824 2015-05-01] (Avast Software)
R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [392704 2008-01-20] (Conexant Systems, Inc.)
R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1523712 2008-01-20] (Conexant Systems, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 13:18 - 2015-05-14 13:19 - 00012956 _____ () C:\Users\Tom\Downloads\FRST.txt.txt
2015-05-14 13:18 - 2015-05-14 13:18 - 00000000 ____D () C:\FRST
2015-05-14 13:02 - 2015-05-14 13:02 - 02105856 _____ (Farbar) C:\Users\Tom\Downloads\FRST64.exe
2015-05-13 16:41 - 2015-05-14 12:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-13 16:41 - 2015-05-13 16:41 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-13 16:23 - 2015-04-19 17:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-05-13 16:23 - 2015-04-19 17:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-05-13 16:23 - 2015-04-19 17:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-05-13 16:23 - 2015-04-19 17:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-05-13 16:23 - 2015-04-19 16:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-13 16:23 - 2015-04-19 16:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-05-13 16:23 - 2015-04-19 16:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-05-13 16:23 - 2015-04-19 16:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-13 16:23 - 2015-04-17 20:16 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-13 16:23 - 2015-04-17 19:45 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 16:23 - 2015-04-17 19:44 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-13 16:23 - 2015-04-17 19:35 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-13 16:23 - 2015-04-17 19:33 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 16:23 - 2015-04-17 19:33 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 16:23 - 2015-04-17 19:30 - 02793472 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:14 - 2015-04-30 12:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:14 - 2015-04-30 11:41 - 00347648 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:04 - 2015-04-30 09:14 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:04 - 2015-04-30 09:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:04 - 2015-04-10 19:33 - 00384512 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:04 - 2015-04-10 19:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\services.exe
2015-05-13 07:51 - 2015-04-09 19:52 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 07:51 - 2015-04-09 19:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 07:51 - 2015-04-09 19:46 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 07:51 - 2015-04-09 19:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 07:51 - 2015-04-09 19:45 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 07:51 - 2015-04-09 19:45 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 07:51 - 2015-04-09 19:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 07:51 - 2015-04-09 19:14 - 12379136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 07:51 - 2015-04-09 19:10 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 07:51 - 2015-04-09 19:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 07:51 - 2015-04-09 19:04 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 07:51 - 2015-04-09 19:03 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 07:51 - 2015-04-09 19:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 07:50 - 2015-04-09 20:10 - 17881088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 07:50 - 2015-04-09 19:55 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 07:50 - 2015-04-09 19:53 - 10935808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 07:50 - 2015-04-09 19:48 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 07:50 - 2015-04-09 19:46 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 07:50 - 2015-04-09 19:46 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 07:50 - 2015-04-09 19:45 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 07:50 - 2015-04-09 19:45 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-13 07:50 - 2015-04-09 19:45 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 07:50 - 2015-04-09 19:08 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 07:50 - 2015-04-09 19:08 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 07:50 - 2015-04-09 19:05 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 07:50 - 2015-04-09 19:04 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 07:50 - 2015-04-09 19:04 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 07:50 - 2015-04-09 19:04 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-13 07:50 - 2015-04-09 19:04 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 07:50 - 2015-04-09 19:03 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 07:50 - 2015-04-09 19:03 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 07:50 - 2015-04-09 19:03 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-13 07:50 - 2015-04-09 19:03 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-13 07:50 - 2015-04-09 19:03 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-04 17:50 - 2015-05-04 17:51 - 00000368 _____ () C:\Users\Tom\Documents\cc_20150504_175057.reg
2015-05-04 17:47 - 2015-05-04 17:47 - 06484352 _____ (Piriform Ltd) C:\Users\Tom\Downloads\ccsetup505.exe
2015-05-01 07:30 - 2015-05-01 07:30 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-01 07:30 - 2015-05-01 07:30 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-23 00:03 - 2015-04-23 00:03 - 00001328 _____ () C:\Users\Tom\Documents\cc_20150423_000314.reg
2015-04-21 19:48 - 2015-04-21 19:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 18:11 - 2015-04-18 18:11 - 00000420 _____ () C:\Users\Tom\Documents\cc_20150418_181114.reg
2015-04-15 10:34 - 2015-03-04 22:25 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 10:34 - 2015-03-04 21:58 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 10:33 - 2015-03-13 22:22 - 01585248 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 10:33 - 2015-03-13 22:22 - 01168080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 10:33 - 2015-03-12 21:44 - 04691384 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 10:33 - 2015-03-12 21:44 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 10:33 - 2015-03-12 21:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 10:33 - 2015-03-12 21:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 10:33 - 2015-03-12 20:08 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 10:33 - 2015-03-12 20:08 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 10:33 - 2015-03-12 20:08 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 10:23 - 2015-03-04 22:23 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 10:23 - 2015-03-04 22:14 - 00360384 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 10:23 - 2015-03-04 21:58 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 10:22 - 2015-03-08 21:01 - 01249280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 10:22 - 2015-03-08 20:40 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-14 02:35 - 2015-04-14 02:35 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2015-04-14 02:35 - 2015-04-14 02:35 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2015-04-14 02:26 - 2015-04-14 02:26 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2015-04-14 02:26 - 2015-04-14 02:26 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 12:48 - 2011-10-18 13:18 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-14 12:28 - 2006-11-02 11:22 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-14 12:28 - 2006-11-02 11:22 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-14 11:48 - 2011-10-18 13:18 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 07:40 - 2008-01-20 21:53 - 01197864 ____N () C:\Windows\WindowsUpdate.log
2015-05-13 16:42 - 2011-06-15 18:54 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-13 16:41 - 2012-06-14 17:35 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-13 16:41 - 2011-06-04 09:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-13 16:34 - 2006-11-02 08:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-13 16:28 - 2006-11-02 11:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-13 16:28 - 2006-11-02 11:21 - 00234888 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 16:26 - 2011-05-12 23:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 16:26 - 2006-11-02 11:07 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 16:24 - 2006-11-02 11:42 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-13 16:21 - 2014-10-02 13:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 16:16 - 2006-11-02 08:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-13 10:04 - 2011-05-12 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 10:04 - 2006-11-02 11:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-05-13 07:44 - 2015-03-24 22:24 - 00002896 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Tom
2015-05-13 07:44 - 2010-10-27 18:30 - 00000000 ____D () C:\Users\Tom\AppData\Local\Deployment
2015-05-13 07:37 - 2014-10-02 10:25 - 00004184 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-11 18:47 - 2015-02-03 23:21 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-06 18:23 - 2015-02-23 16:20 - 00000000 ____D () C:\Users\Tom\Desktop\Pics
2015-05-04 17:48 - 2014-10-02 13:34 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-01 07:30 - 2014-10-03 08:03 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-01 07:30 - 2014-10-03 08:00 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-01 07:30 - 2014-10-03 08:00 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-01 07:30 - 2011-06-15 19:31 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00065224 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswTdi.sys
2015-05-01 07:30 - 2010-10-26 16:00 - 00064712 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr.sys
2015-04-24 16:05 - 2014-10-02 10:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-15 10:31 - 2014-10-02 14:50 - 00752894 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
==================== Files in the root of some directories =======
2011-11-11 22:48 - 2011-11-12 00:16 - 0000118 _____ () C:\Users\Tom\AppData\Roaming\MIDIMAST.INI
2014-10-06 17:41 - 2014-10-06 17:41 - 0030707 _____ () C:\Users\Tom\AppData\Roaming\UserTile.png
2015-02-24 10:54 - 2015-04-02 11:10 - 0231659 _____ () C:\Users\Tom\AppData\Local\ars.cache
2015-02-24 10:54 - 2015-04-02 11:10 - 0404592 _____ () C:\Users\Tom\AppData\Local\census.cache
2010-10-26 18:47 - 2010-10-26 16:02 - 0000732 _____ () C:\Users\Tom\AppData\Local\d3d9caps64.dat
2010-10-27 18:08 - 2015-03-09 08:26 - 0006656 _____ () C:\Users\Tom\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-31 21:16 - 2010-10-31 21:16 - 0229834 _____ () C:\Users\Tom\AppData\Local\dd_ATL90SP1_KB973924MSI15DA.txt
2010-10-31 21:16 - 2010-10-31 21:16 - 0011760 _____ () C:\Users\Tom\AppData\Local\dd_ATL90SP1_KB973924UI15DA.txt
2010-10-26 15:59 - 2010-10-26 16:00 - 0428498 _____ () C:\Users\Tom\AppData\Local\dd_vcredistMSI1D00.txt
2015-01-26 16:34 - 2015-01-26 16:34 - 0388780 _____ () C:\Users\Tom\AppData\Local\dd_vcredistMSI33D2.txt
2010-10-26 15:59 - 2010-10-26 16:00 - 0012766 _____ () C:\Users\Tom\AppData\Local\dd_vcredistUI1D00.txt
2015-01-26 16:34 - 2015-01-26 16:34 - 0012126 _____ () C:\Users\Tom\AppData\Local\dd_vcredistUI33D2.txt
2015-02-24 10:46 - 2015-02-24 10:46 - 0000036 _____ () C:\Users\Tom\AppData\Local\housecall.guid.cache
2015-03-12 19:23 - 2015-04-02 11:07 - 0000010 _____ () C:\Users\Tom\AppData\Local\sponge.last.runtime.cache
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 04:35
==================== End Of Log ============================