URL:Mal popped up randomly

Sega · October 29, 2014

I got a random warning while surfing youtube. Avast said it blocked the following:

hxxp://54.191.159.30/trinity.js?key_maker={%221131653%22:%2224d87f253daef818de75%22,%221131656%22:%223b9d0f7ad1c676301d8c%22,%2211

mbam log came up zilch:

Malwarebytes Anti-Malware

www.malwarebytes.org

Scan Date: 10/28/2014

Scan Time: 9:21:43 PM

Logfile: mbam.txt

Administrator: Yes

Version: 2.00.3.1025

Malware Database: v2014.10.29.02

Rootkit Database: v2014.10.22.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: owner

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 374884

Time Elapsed: 23 min, 11 sec

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

Processes: 0

(No malicious items detected)

Modules: 0

(No malicious items detected)

Registry Keys: 0

(No malicious items detected)

Registry Values: 0

(No malicious items detected)

Registry Data: 0

(No malicious items detected)

Folders: 0

(No malicious items detected)

Files: 0

(No malicious items detected)

Physical Sectors: 0

(No malicious items detected)

(end)

I also ran AdwCleaner, but I didn't delete anything:

# AdwCleaner v4.002 - Report created 28/10/2014 at 20:54:02

# Updated 27/10/2014 by Xplode

# Database : 2014-10-26.6

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : owner - OWNER-VAIO

# Running from : C:\Users\owner\Downloads\AdwCleaner.exe

# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Mozilla Firefox v33.0 (x86 en-US)

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [1024 octets] - [28/10/2014 20:54:02]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1084 octets] ##########

Should I delete those entries? Any help would be appreciated.

Maniac · November 1, 2014

Hello Sega! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Don't remove them.

Please follow the instructions here and then post your log files in a new reply in this thread:

https://forums.malwarebytes.org/index.php?/topic/9573-im-infected-what-do-i-do-now/

Sega · November 1, 2014

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014

Ran by owner (administrator) on OWNER-VAIO on 01-11-2014 11:54:42

Running from C:\Users\owner\Desktop

Loaded Profile: owner (Available profiles: boinc_master & owner)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-948751929-1012797079-1993627666-1005\...\Run: [Facebook Update] => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-02-02] (Facebook Inc.)

HKU\S-1-5-21-948751929-1012797079-1993627666-1005\...\Policies\Explorer: [NoDesktopCleanupWizard] 1

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT

SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:

========

FF ProfilePath: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tbanrluq.default

FF NewTab: about:blank

FF Homepage: hxxp://www.google.com/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tbanrluq.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-10-07]

FF Extension: NoScript - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tbanrluq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-07-10]

FF Extension: Adblock Plus - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\tbanrluq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-05-14]

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-21]

FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird

Chrome:

=======

CHR HomePage: Default -> https://www.google.com/

CHR StartupUrls: Default -> "hxxp://www.google.com/"

CHR Profile: C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]

CHR Extension: (YouTube) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-15]

CHR Extension: (Google Search) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-15]

CHR Extension: (Reddit Enhancement Suite) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2012-08-23]

CHR Extension: (Google Wallet) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

CHR Extension: (Gmail) - C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-15]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-14] (AVAST Software)

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)

R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-14] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-14] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-14] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-14] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-14] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-14] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-14] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-14] ()

S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()

S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [52736 2012-07-09] (Apple, Inc.) [File not signed]

S3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]

U2 MSSQL$DDNI; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 11:54 - 2014-11-01 11:55 - 00013781 _____ () C:\Users\owner\Desktop\FRST.txt

2014-11-01 11:54 - 2014-11-01 11:54 - 00000000 ____D () C:\FRST

2014-11-01 11:52 - 2014-11-01 11:52 - 02114048 _____ (Farbar) C:\Users\owner\Desktop\FRST64.exe

2014-10-31 20:00 - 2014-10-31 20:00 - 00000000 ____D () C:\Users\owner\Downloads\HD003

2014-10-31 19:57 - 2014-10-31 19:58 - 00035181 _____ () C:\Users\owner\Downloads\HD003.ZIP

2014-10-31 19:56 - 2014-10-31 19:56 - 00017452 _____ () C:\Users\owner\Downloads\HD001.ZIP

2014-10-31 19:02 - 2014-10-31 19:02 - 00011438 _____ () C:\Users\owner\Downloads\sine_jazz.ftm

2014-10-31 17:50 - 2014-10-31 17:50 - 00004303 _____ () C:\Users\owner\Downloads\bamboo-island.mid

2014-10-30 16:31 - 2014-10-30 16:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2014-10-28 21:45 - 2014-10-28 21:45 - 00001055 _____ () C:\Users\owner\Desktop\mbam.txt

2014-10-28 21:20 - 2014-10-28 21:20 - 00001172 _____ () C:\Users\owner\Desktop\AdwCleaner[R0].txt

2014-10-28 20:53 - 2014-10-28 20:56 - 00000000 ____D () C:\AdwCleaner

2014-10-28 20:52 - 2014-10-28 20:52 - 01998336 _____ () C:\Users\owner\Downloads\AdwCleaner.exe

2014-10-27 18:21 - 2014-10-27 18:24 - 13678073 _____ () C:\Users\owner\Downloads\sunvox-1.7.5.zip

2014-10-25 21:19 - 2014-10-25 21:19 - 19097761 _____ () C:\Users\owner\Downloads\DensinesOrchestral.zip

2014-10-24 15:57 - 2014-10-24 15:58 - 00026608 _____ () C:\Users\owner\Downloads\jos-2pir.xm

2014-10-22 19:06 - 2014-10-22 19:06 - 00001842 _____ () C:\Users\owner\Documents\ymo.mscz

2014-10-19 16:56 - 2014-10-19 16:56 - 00001776 _____ () C:\Users\owner\Downloads\Grace notes and glissando.mscz

2014-10-19 15:40 - 2014-10-19 15:40 - 00000000 ____D () C:\Users\owner\Documents\MuseScore2

2014-10-19 15:39 - 2014-10-19 15:39 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuseScore 2

2014-10-19 15:39 - 2014-10-19 15:39 - 00000000 ____D () C:\Program Files (x86)\MuseScore 2

2014-10-19 15:36 - 2014-10-19 15:37 - 50634984 _____ () C:\Users\owner\Downloads\MuseScore-2.0beta1.msi

2014-10-18 14:35 - 2014-10-18 14:34 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-10-18 14:34 - 2014-10-18 14:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-10-18 14:34 - 2014-10-18 14:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-10-18 14:34 - 2014-10-18 14:34 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-10-18 14:34 - 2014-10-18 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-18 14:34 - 2014-10-18 14:34 - 00000000 ____D () C:\Program Files (x86)\Java

2014-10-16 02:15 - 2014-08-18 20:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2014-10-16 02:15 - 2014-08-18 20:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2014-10-16 02:15 - 2014-08-18 20:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2014-10-16 02:15 - 2014-08-18 20:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2014-10-16 02:15 - 2014-08-18 20:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll

2014-10-16 02:15 - 2014-08-18 20:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll

2014-10-16 02:15 - 2014-07-06 19:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll

2014-10-16 02:15 - 2014-07-06 19:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll

2014-10-16 02:15 - 2014-07-06 19:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-10-16 02:15 - 2014-07-06 19:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-10-16 02:15 - 2014-07-06 19:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll

2014-10-16 02:15 - 2014-07-06 18:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys

2014-10-16 02:15 - 2014-07-06 18:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-10-16 02:15 - 2014-07-06 18:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll

2014-10-16 02:15 - 2014-07-06 18:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2014-10-16 02:15 - 2014-07-06 18:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2014-10-16 02:15 - 2014-06-27 17:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2014-10-16 02:15 - 2014-06-27 17:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2014-10-16 02:15 - 2014-06-27 17:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll

2014-10-16 02:14 - 2014-08-18 20:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll

2014-10-16 02:14 - 2014-08-18 20:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2014-10-16 02:14 - 2014-08-18 20:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe

2014-10-16 02:14 - 2014-08-18 20:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe

2014-10-16 02:14 - 2014-08-18 19:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll

2014-10-16 02:14 - 2014-08-18 19:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2014-10-16 02:14 - 2014-08-18 19:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys

2014-10-16 02:14 - 2014-07-06 19:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll

2014-10-16 02:14 - 2014-07-06 19:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe

2014-10-16 02:14 - 2014-07-06 19:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe

2014-10-16 02:14 - 2014-07-06 19:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll

2014-10-16 02:14 - 2014-07-06 19:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx

2014-10-16 02:14 - 2014-07-06 19:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll

2014-10-16 02:14 - 2014-07-06 19:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL

2014-10-16 02:14 - 2014-07-06 19:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe

2014-10-16 02:14 - 2014-07-06 19:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll

2014-10-16 02:14 - 2014-07-06 18:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll

2014-10-16 02:14 - 2014-07-06 18:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll

2014-10-16 02:14 - 2014-07-06 18:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll

2014-10-16 02:14 - 2014-07-06 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx

2014-10-16 02:14 - 2014-07-06 18:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll

2014-10-16 02:14 - 2014-07-06 18:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL

2014-10-16 02:14 - 2014-07-06 18:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe

2014-10-16 02:14 - 2014-07-06 18:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe

2014-10-16 02:14 - 2014-07-06 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll

2014-10-15 21:24 - 2014-10-09 19:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-10-15 21:24 - 2014-10-09 19:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-10-15 21:24 - 2014-10-09 19:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-10-15 21:24 - 2014-10-06 19:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-10-15 21:24 - 2014-10-06 19:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-10-15 21:24 - 2014-09-28 17:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-10-15 21:24 - 2014-09-25 15:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-10-15 21:24 - 2014-09-25 15:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-10-15 21:24 - 2014-09-25 15:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-10-15 21:24 - 2014-09-25 15:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-10-15 21:24 - 2014-09-25 15:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-10-15 21:24 - 2014-09-25 15:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-10-15 21:24 - 2014-09-25 15:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-10-15 21:24 - 2014-09-18 19:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-10-15 21:24 - 2014-09-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-10-15 21:24 - 2014-09-18 18:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-10-15 21:24 - 2014-09-18 18:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-10-15 21:24 - 2014-09-18 18:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-10-15 21:24 - 2014-09-18 18:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-10-15 21:24 - 2014-09-18 18:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-10-15 21:24 - 2014-09-18 18:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-10-15 21:24 - 2014-09-18 18:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-10-15 21:24 - 2014-09-18 18:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-10-15 21:24 - 2014-09-18 18:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-10-15 21:24 - 2014-09-18 18:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-10-15 21:24 - 2014-09-18 18:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-10-15 21:24 - 2014-09-18 18:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-10-15 21:24 - 2014-09-18 18:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-10-15 21:24 - 2014-09-18 18:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-10-15 21:24 - 2014-09-18 18:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-10-15 21:24 - 2014-09-18 18:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-10-15 21:24 - 2014-09-18 18:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-10-15 21:24 - 2014-09-18 18:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-10-15 21:24 - 2014-09-18 18:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-10-15 21:24 - 2014-09-18 18:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-10-15 21:24 - 2014-09-18 18:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-10-15 21:24 - 2014-09-18 18:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-10-15 21:24 - 2014-09-18 18:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-10-15 21:24 - 2014-09-18 18:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-10-15 21:24 - 2014-09-18 17:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-10-15 21:24 - 2014-09-18 17:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-10-15 21:24 - 2014-09-18 17:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-10-15 21:24 - 2014-09-18 17:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-10-15 21:24 - 2014-09-18 17:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-10-15 21:24 - 2014-09-18 17:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-10-15 21:24 - 2014-09-18 17:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-10-15 21:24 - 2014-09-18 17:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-10-15 21:24 - 2014-09-18 17:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-10-15 21:24 - 2014-09-18 17:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-10-15 21:24 - 2014-09-18 17:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-10-15 21:24 - 2014-09-18 17:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-10-15 21:24 - 2014-09-18 17:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-10-15 21:24 - 2014-09-18 17:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-10-15 21:24 - 2014-09-18 17:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-10-15 21:24 - 2014-09-18 17:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-10-15 21:24 - 2014-09-18 17:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-10-15 21:24 - 2014-09-18 16:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-10-15 21:24 - 2014-09-18 16:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-10-15 21:24 - 2014-09-18 16:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-10-15 21:24 - 2014-09-18 16:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-10-15 21:24 - 2014-08-28 19:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-10-15 21:24 - 2014-06-18 15:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll

2014-10-15 21:24 - 2014-06-18 15:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll

2014-10-15 21:24 - 2014-06-18 15:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll

2014-10-15 21:24 - 2014-06-18 15:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll

2014-10-15 21:24 - 2014-06-18 15:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll

2014-10-15 21:24 - 2014-06-18 15:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll

2014-10-15 21:21 - 2014-09-17 19:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-10-15 21:21 - 2014-09-17 18:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-10-15 21:21 - 2014-09-03 22:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll

2014-10-15 21:21 - 2014-09-03 22:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll

2014-10-15 21:21 - 2014-07-16 19:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-10-15 21:21 - 2014-07-16 19:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-10-15 21:21 - 2014-07-16 19:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll

2014-10-15 21:21 - 2014-07-16 19:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll

2014-10-15 21:21 - 2014-07-16 19:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-10-15 21:21 - 2014-07-16 19:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-10-15 21:21 - 2014-07-16 18:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll

2014-10-15 21:21 - 2014-07-16 18:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-10-15 21:21 - 2014-07-16 18:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-10-15 21:21 - 2014-07-16 18:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys

2014-10-15 21:21 - 2014-07-16 18:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

2014-10-15 21:20 - 2014-09-12 18:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-10-15 21:20 - 2014-09-12 18:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-10-15 21:20 - 2014-09-04 19:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2014-10-15 21:20 - 2014-09-04 18:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2014-10-15 15:05 - 2014-10-15 15:21 - 00000000 ____D () C:\Users\owner\Downloads\DefleMask_Windows

2014-10-14 17:46 - 2014-10-14 17:46 - 00578300 _____ () C:\Users\owner\Downloads\wladx-9.5-20080814-win32-bin.zip

2014-10-14 17:45 - 2014-10-14 17:45 - 00000000 ____D () C:\Users\owner\Downloads\xpmck-32

2014-10-14 16:04 - 2014-10-14 16:04 - 00000000 ____D () C:\Users\owner\Downloads\husic_en

2014-10-14 02:31 - 2014-10-14 02:31 - 01043774 _____ () C:\Users\owner\Downloads\noobhusic.zip

2014-10-10 20:29 - 2014-10-10 20:29 - 00000704 _____ () C:\Users\owner\AppData\Local\recently-used.xbel

2014-10-05 18:00 - 2014-10-05 18:00 - 00011355 _____ () C:\Users\owner\Downloads\Metropolis.nsf

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 11:44 - 2014-04-06 21:27 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C68451D3-7038-4811-972E-2E2223AD392B}

2014-11-01 11:43 - 2009-07-13 21:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-11-01 11:43 - 2009-07-13 21:45 - 00022704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-11-01 11:40 - 2010-10-17 14:03 - 01072251 _____ () C:\Windows\WindowsUpdate.log

2014-11-01 11:35 - 2012-07-03 22:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2014-11-01 11:35 - 2011-01-16 22:09 - 00425988 _____ () C:\Windows\setupact.log

2014-11-01 11:35 - 2010-09-13 04:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-11-01 11:35 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-11-01 01:23 - 2011-05-15 22:57 - 00000000 ____D () C:\Users\owner\AppData\Roaming\foobar2000

2014-11-01 01:07 - 2012-12-15 22:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-01 01:06 - 2010-09-13 04:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-11-01 00:36 - 2011-09-23 20:43 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948751929-1012797079-1993627666-1005UA.job

2014-11-01 00:36 - 2011-09-23 20:43 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948751929-1012797079-1993627666-1005Core.job

2014-10-31 21:07 - 2014-05-05 00:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-10-31 18:27 - 2011-04-13 12:15 - 00000000 ____D () C:\Users\owner\AppData\Roaming\Audacity

2014-10-31 10:39 - 2012-04-25 13:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-29 19:14 - 2014-07-30 20:38 - 00000000 ____D () C:\Users\owner\Desktop\mml files

2014-10-28 06:34 - 2010-11-16 12:35 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2014-10-27 12:56 - 2014-09-13 22:40 - 00000000 ____D () C:\Users\owner\AppData\Local\Adobe

2014-10-27 12:56 - 2012-12-15 22:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-10-27 12:56 - 2012-12-15 22:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-10-27 12:56 - 2012-12-15 22:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-10-26 23:51 - 2013-10-20 04:42 - 00000000 ____D () C:\Users\owner\AppData\Roaming\HexChat

2014-10-26 23:40 - 2014-04-09 21:05 - 00000000 ____D () C:\Users\owner\Downloads\mummlppmck

2014-10-26 22:27 - 2014-05-25 21:55 - 00000000 ____D () C:\Users\owner\Downloads\mplayer

2014-10-26 13:32 - 2014-09-06 22:25 - 00000000 ____D () C:\Users\owner\Downloads\milkytracker-0.90.86-winnt

2014-10-25 21:29 - 2014-02-24 21:24 - 00000000 ____D () C:\Users\owner\Desktop\workspace

2014-10-25 21:07 - 2009-07-13 22:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-10-25 17:02 - 2014-05-05 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-10-25 17:02 - 2014-05-05 00:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-10-25 17:02 - 2012-01-03 23:06 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-10-21 19:55 - 2010-11-15 19:13 - 00000000 ____D () C:\Users\owner\AppData\Local\VirtualStore

2014-10-21 01:21 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache

2014-10-20 23:57 - 2014-04-13 23:22 - 00000000 ____D () C:\Users\owner\Desktop\RJDMCv1.05

2014-10-20 22:50 - 2013-11-13 17:56 - 00000000 ____D () C:\Users\owner\Downloads\dl folder

2014-10-19 16:04 - 2014-04-29 23:55 - 00000000 ____D () C:\Users\owner\AppData\Roaming\MuseScore

2014-10-19 15:39 - 2014-04-29 23:41 - 00000000 ____D () C:\Users\owner\AppData\Local\MuseScore

2014-10-18 20:01 - 2010-09-13 04:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2014-10-18 20:01 - 2010-09-13 04:29 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2014-10-18 14:35 - 2013-09-14 20:25 - 00000000 ____D () C:\ProgramData\Oracle

2014-10-16 02:57 - 2009-07-13 21:45 - 00295008 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-10-16 02:55 - 2014-04-29 17:31 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-10-16 02:55 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-10-16 02:55 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-10-16 02:25 - 2013-08-14 14:56 - 00000000 ____D () C:\Windows\system32\MRT

2014-10-16 02:16 - 2010-11-16 12:45 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-10-10 20:08 - 2013-10-20 05:43 - 00000000 ____D () C:\Users\owner\AppData\Local\gtk-2.0

Some content of TEMP:

====================

C:\Users\owner\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\owner\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-26 09:59

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014

Ran by owner at 2014-11-01 11:56:01

Running from C:\Users\owner\Desktop

Boot Mode: Normal

==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)

Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)

Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )

ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)

ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)

Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)

avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)

CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)

Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden

Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)

HexChat (HKLM\...\HexChat_is1) (Version: 2.10.1 - HexChat)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2555 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden

Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)

mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)

Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)

Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)

MuseScore (HKLM-x32\...\{813E140C-60A8-4E3D-A1C6-668AC0FBBBCD}) (Version: 1.95.0 - Werner Schweer and Others)

MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)

OOBE (x32 Version: 3.10.0630 - Sony Corporation) Hidden

OpenSSL 1.0.0l Light (64-bit) (HKLM\...\OpenSSL Light (64-bit)_is1) (Version: - OpenSSL Win64 Installer Team)

PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)

PMB (x32 Version: 5.3.00.06040 - Sony Corporation) Hidden

PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden

PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden

PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden

PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)

Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden

Remote Play with PlayStation®3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.11.4.20100722.2739 - Sony Corporation)

Strawberry Perl (64-bit) (HKLM\...\{FB77A6B3-7107-1014-B6AA-DDC93567E6CE}) (Version: 5.18.2001 - strawberryperl.com project)

VAIO - Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden

VAIO - PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden

VAIO - PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden

VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden

VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden

VAIO Control Center (x32 Version: 4.3.0.05310 - Sony Corporation) Hidden

VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden

VAIO DVD Menu Data (x32 Version: 2.2.00.05120 - Sony Corporation) Hidden

VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation) Hidden

VAIO Gate Default (x32 Version: 2.2.0.07020 - Sony Corporation) Hidden

VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden

VAIO Manual (x32 Version: 1.1.0.05280 - Sony Corporation) Hidden

VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden

VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden

VAIO Media plus Opening Movie (x32 Version: 2.1.0.14080 - Sony Corporation) Hidden

VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden

VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden

VAIO Sample Contents (x32 Version: 1.2.0.16080 - Sony Corporation) Hidden

VAIO Survey (x32 Version: 6.00.1028 - Sony Corporation) Hidden

VAIO Transfer Support (x32 Version: 1.2.0.06230 - Sony Corporation) Hidden

VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden

VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

15-10-2014 21:13:42 Scheduled Checkpoint

16-10-2014 04:06:05 Windows Update

16-10-2014 09:15:56 Windows Update

18-10-2014 21:32:46 Installed Java 7 Update 71

19-10-2014 22:38:19 Installed MuseScore

21-10-2014 22:57:49 Windows Update

28-10-2014 18:45:47 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 19:34 - 2014-05-06 13:31 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06680745-3114-4F67-9A93-D9DFA59CCBA7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948751929-1012797079-1993627666-1005UA => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-02] (Facebook Inc.)

Task: {06A8D0E8-7981-4D7B-94E1-08D6721CA6B6} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)

Task: {22AB1571-117B-4F28-99B7-23E85EE26308} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {27D62A7D-12D2-44EE-B86B-8C64E0920619} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()

Task: {2CABAF02-F04E-4FB2-973F-77BD3ECB3830} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe

Task: {43F0BE53-71DA-49EF-AE02-DBB93A9D21B6} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)

Task: {44564C9D-E016-4E9F-9AD7-5D9FC0555A12} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-948751929-1012797079-1993627666-1005Core => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-02-02] (Facebook Inc.)

Task: {4605FB14-1D67-4B68-8480-062146570BAF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-27] (Adobe Systems Incorporated)

Task: {5F101DCB-73D5-4865-8F14-52A0D3BE6BC2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)

Task: {7B272453-37EF-4BAE-8BFB-7FE84B964C71} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)

Task: {9158496C-01C2-4D02-A674-0C0EB1E78F4B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-14] (AVAST Software)

Task: {B14E1564-AA55-4FE1-933B-885D370107D8} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)

Task: {BAF71C55-72B8-4384-BC54-ABB6652F1E06} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe

Task: {BC129B97-ADD7-4867-BDA3-95BB55BF0011} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-06-22] (Sony Corporation)

Task: {DD8D03B5-2587-411F-B281-B261A09BB030} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {E1BE22C5-C9ED-4F4F-87EE-330952251701} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)

Task: {FFAF67B7-60B2-4A1D-9135-4DC4B60C9019} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948751929-1012797079-1993627666-1005Core.job => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-948751929-1012797079-1993627666-1005UA.job => C:\Users\owner\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-14 01:49 - 2014-07-14 01:49 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

2014-10-31 10:40 - 2014-10-31 10:40 - 02898944 _____ () C:\Program Files\AVAST Software\Avast\defs\14103101\algo.dll

2014-11-01 11:36 - 2014-11-01 11:36 - 02898944 _____ () C:\Program Files\AVAST Software\Avast\defs\14110100\algo.dll

2010-09-13 04:53 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll

2010-09-13 04:53 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll

2014-07-14 01:50 - 2014-07-14 01:50 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-10-16 22:34 - 2014-10-16 22:34 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll

2010-07-12 14:29 - 2010-03-03 20:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2014-10-29 01:24 - 2014-10-21 21:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll

2014-10-29 01:24 - 2014-10-21 21:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll

2014-10-29 01:24 - 2014-10-21 21:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll

2014-10-29 01:24 - 2014-10-21 21:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

2014-11-01 11:56 - 2014-11-01 11:56 - 02898944 _____ () C:\Program Files\AVAST Software\Avast\defs\14110101\algo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-948751929-1012797079-1993627666-500 - Administrator - Disabled)

boinc_master (S-1-5-21-948751929-1012797079-1993627666-1000 - Limited - Enabled) => C:\Users\boinc_master

boinc_project (S-1-5-21-948751929-1012797079-1993627666-1001 - Limited - Enabled)

Guest (S-1-5-21-948751929-1012797079-1993627666-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-948751929-1012797079-1993627666-1007 - Limited - Enabled)

owner (S-1-5-21-948751929-1012797079-1993627666-1005 - Administrator - Enabled) => C:\Users\owner

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (10/26/2014 10:09:46 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/23/2014 07:19:33 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: mspaint.exe, version: 6.1.7600.16385, time stamp: 0x4a5bca29

Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f

Exception code: 0xc0000005

Fault offset: 0x00000000000011fd

Faulting process id: 0x126c

Faulting application start time: 0xmspaint.exe0

Faulting application path: mspaint.exe1

Faulting module path: mspaint.exe2

Report Id: mspaint.exe3

Error: (10/21/2014 01:20:15 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (10/19/2014 07:30:07 PM) (Source: Google Update) (EventID: 20) (User: owner-VAIO)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (10/17/2014 07:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Faulting module name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Exception code: 0x40000015

Fault offset: 0x00007e52

Faulting process id: 0x175c

Faulting application start time: 0xautoecho.exe0

Faulting application path: autoecho.exe1

Faulting module path: autoecho.exe2

Report Id: autoecho.exe3

Error: (10/17/2014 07:33:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Faulting module name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Exception code: 0x40000015

Fault offset: 0x00007e52

Faulting process id: 0x2d4

Faulting application start time: 0xautoecho.exe0

Faulting application path: autoecho.exe1

Faulting module path: autoecho.exe2

Report Id: autoecho.exe3

Error: (10/17/2014 07:33:02 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Faulting module name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Exception code: 0x40000015

Fault offset: 0x00007e52

Faulting process id: 0x1568

Faulting application start time: 0xautoecho.exe0

Faulting application path: autoecho.exe1

Faulting module path: autoecho.exe2

Report Id: autoecho.exe3

Error: (10/17/2014 07:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Faulting module name: autoecho.exe, version: 0.0.0.0, time stamp: 0x45f95c19

Exception code: 0x40000015

Fault offset: 0x00007e52

Faulting process id: 0x133c

Faulting application start time: 0xautoecho.exe0

Faulting application path: autoecho.exe1

Faulting module path: autoecho.exe2

Report Id: autoecho.exe3

Error: (10/16/2014 11:07:06 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: audacity.exe, version: 1.3.13.0, time stamp: 0x4d9cdea9

Faulting module name: wxbase28u_vc_custom.dll, version: 2.8.11.0, time stamp: 0x4d910057

Exception code: 0xc0000005

Fault offset: 0x00004444

Faulting process id: 0x1284

Faulting application start time: 0xaudacity.exe0

Faulting application path: audacity.exe1

Faulting module path: audacity.exe2

Report Id: audacity.exe3

Error: (10/15/2014 02:16:22 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:

=============

Error: (10/30/2014 08:08:24 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (10/25/2014 10:08:43 PM) (Source: Disk) (EventID: 11) (User: )

Description: The driver detected a controller error on \Device\Harddisk1\DR3.

Error: (10/24/2014 08:32:02 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (10/16/2014 03:09:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2952664).

Error: (10/08/2014 11:10:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: )

Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (10/06/2014 06:33:03 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (10/02/2014 09:20:25 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (09/28/2014 07:21:58 PM) (Source: ACPI) (EventID: 13) (User: )

Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.

Error: (09/21/2014 03:27:54 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (09/20/2014 02:57:49 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Microsoft Office Sessions:

=========================

Error: (10/26/2014 10:09:46 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/23/2014 07:19:33 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: mspaint.exe6.1.7600.163854a5bca29msvcrt.dll7.0.7601.177444eeb033fc000000500000000000011fd126c01cfef30e35f8554C:\Windows\system32\mspaint.exeC:\Windows\system32\msvcrt.dll30aab240-5b24-11e4-9dc7-544249eda09c

Error: (10/21/2014 01:20:15 AM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/19/2014 07:30:07 PM) (Source: Google Update) (EventID: 20) (User: owner-VAIO)

Description: Network Request Error.

Error: 0x80072ee7. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=FireFox, direct connection.

trying CUP:WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying WinHTTP.

Send request returned 0x80072ee7. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x80

Error: (10/17/2014 07:33:24 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: autoecho.exe0.0.0.045f95c19autoecho.exe0.0.0.045f95c194000001500007e52175c01cfea7bdb72cd0eC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exeC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exe21c07b95-566f-11e4-8a64-544249eda09c

Error: (10/17/2014 07:33:10 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: autoecho.exe0.0.0.045f95c19autoecho.exe0.0.0.045f95c194000001500007e522d401cfea7bdb752e6eC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exeC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exe196b3682-566f-11e4-8a64-544249eda09c

Error: (10/17/2014 07:33:02 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: autoecho.exe0.0.0.045f95c19autoecho.exe0.0.0.045f95c194000001500007e52156801cfea7bd309f82bC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exeC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exe14d39c2f-566f-11e4-8a64-544249eda09c

Error: (10/17/2014 07:32:57 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: autoecho.exe0.0.0.045f95c19autoecho.exe0.0.0.045f95c194000001500007e52133c01cfea7bd309f82bC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exeC:\Users\owner\Downloads\husic_en\autoecho\autoecho.exe11625599-566f-11e4-8a64-544249eda09c

Error: (10/16/2014 11:07:06 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: audacity.exe1.3.13.04d9cdea9wxbase28u_vc_custom.dll2.8.11.04d910057c000000500004444128401cfe9d08fa8e003C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exeC:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\wxbase28u_vc_custom.dlld18541e5-55c3-11e4-97e8-544249eda09c

Error: (10/15/2014 02:16:22 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

CodeIntegrity Errors:

===================================

Date: 2012-09-21 18:30:22.622

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2012-09-21 18:30:22.454

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-12 15:26:20.227

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega.com\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-12 15:26:20.211

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega.com\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-12 15:26:20.196

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega.com\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-12 15:26:20.180

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega.com\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-12 15:18:36.672

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega.com\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-12 15:18:36.657

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega.com\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-11 22:04:26.959

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2011-05-11 22:04:26.943

Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\sega\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core i3 CPU M 370 @ 2.40GHz

Percentage of memory in use: 41%

Total physical RAM: 3758.1 MB

Available physical RAM: 2213.68 MB

Total Pagefile: 7514.38 MB

Available Pagefile: 5776.27 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:455.56 GB) (Free:303.01 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4103F02)

Partition 1: (Not Active) - (Size=10.1 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=455.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Maniac · November 2, 2014

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Sega · November 4, 2014

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.3.5 (10.31.2014:1)

OS: Windows 7 Home Premium x64

Ran by owner on Tue 11/04/2014 at 13:49:16.33

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\owner\AppData\Roaming\mozilla\firefox\profiles\tbanrluq.default\minidumps [42 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 11/04/2014 at 13:56:05.45

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Maniac · November 5, 2014

How about now? Is it a problem with a specific browser or with all of them?

Sega · November 6, 2014

haven't had any warnings. thanks

Maniac · November 9, 2014

Glad I could help!

Step 1

Download OTL to your desktop and run it.
Click on CleanUp button.
You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

Some malware preventions:

https://forums.malwarebytes.org/index.php?/topic/81386-so-how-did-i-get-infected-in-the-first-place/

Safe surfing!

AdvancedSetup · February 8, 2015

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

URL:Mal popped up randomly

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information