Page 1 of 9 12345 ... LastLast
Results 1 to 10 of 81

Thread: Youtube popup havoc

  1. #1
    Member
    Join Date
    Sep 2014
    Posts
    45

    Default Youtube popup havoc

    I was watching a Youtube History Channel video two days ago when a popup appeared in the middle of the video. I clicked on the X and a full screen ad appeared for ProForMax or PerForMax. Nothing would get rid of it. I rebooted the computer and it was still there when the computer came back on. Also, Windows Live Messenger was installed (apparently in Russian at that) and on when the computer restarted. I also have Windows Live and Windows Live Mail now. I saw that the PerForMax was in the uninstall list, and I wasn't able to uninstall it for a while, it kept saying that it was in use. Eventually, I was able to select uninstall, and appears to have been done, but is it really gone, and I don't know where Messenger came from or whats really going on here. The Russian (or some such language) Messenger opens every time the computer is started. Thanks for your help.

    Here is the FRST:
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
    Ran by Computer (administrator) on COMPUTER-PC on 22-09-2014 22:04:53
    Running from C:\Users\Computer\Downloads
    Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
    (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
    () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    (ArcSoft, Inc.) C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
    (Microsoft Corporation) C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
    HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
    HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-12] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2688920 2014-05-26] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
    HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
    HKLM-x32\...\Run: [ArcSoft MediaImpression Monitor] => C:\Program Files (x86)\Kodak\MediaImpression\ArcMonitor.exe [73728 2010-11-12] (ArcSoft, Inc.)
    HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
    HKLM-x32\...\Run: [Search Protection] => C:\ProgramData\Search Protection\SearchProtection.exe
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-04-30] (Microsoft Corporation)
    HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2234064 2014-05-06] (Eastman Kodak Company)
    HKU\S-1-5-21-3631100180-372296517-2715455636-1000\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
    HKU\S-1-5-21-3631100180-372296517-2715455636-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3631100180-372296517-2715455636-1000\...\MountPoints2: {262e6610-a165-11e2-a6b9-806e6f6e6963} - D:\ASRSetup.exe
    HKU\S-1-5-21-3631100180-372296517-2715455636-1000\...\MountPoints2: {3386465a-a169-11e2-bdde-806e6f6e6963} - D:\Autorun.exe
    HKU\S-1-5-21-3631100180-372296517-2715455636-1000\...\MountPoints2: {62200ff3-090b-11e4-bab4-f84e697c68e4} - E:\MI.exe
    HKU\S-1-5-21-3631100180-372296517-2715455636-1001\...\MountPoints2: {262e6610-a165-11e2-a6b9-806e6f6e6963} - D:\ASRSetup.exe
    HKU\S-1-5-21-3631100180-372296517-2715455636-1001\...\MountPoints2: {3386465a-a169-11e2-bdde-806e6f6e6963} - D:\shellexe.exe Start.htm
    HKU\S-1-5-21-3631100180-372296517-2715455636-1001\...\MountPoints2: {62200ff3-090b-11e4-bab4-f84e697c68e4} - E:\MI.exe
    ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    ProxyServer: http=127.0.0.1:53575;https=127.0.0.1:53575
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=58&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&q={searchTerms}&SSPV=
    SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com/Results.aspx?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=58&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&q={searchTerms}&SSPV=
    SearchScopes: HKCU - {5C58855A-DD1C-4494-895A-BEC9BA9BC7F7} URL = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10266&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^AGX&apn_dtid=^YYYYYY^YY^US&apn_uid=ffb2f987-f112-49fa-892b-ff3b5edb30ea&apn_sauid=40532622-B5B4-46F5-A5ED-E657BB64CE9F
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
    Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
    Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

    FireFox:
    ========
    FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default
    FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3
    FF DefaultSearchEngine: Ixquick HTTPS
    FF SearchEngineOrder.1: Ask.com
    FF SelectedSearchEngine: Ixquick HTTPS
    FF Homepage: hxxp://www.biblegateway.com/versions/King-James-Version-KJV-Bible/#books
    FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Computer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Computer, Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Computer, Inc.)
    FF SearchPlugin: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\searchplugins\avira-safesearch.xml
    FF SearchPlugin: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\searchplugins\ixquick-https.xml
    FF SearchPlugin: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\searchplugins\securesearch.xml
    FF SearchPlugin: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\searchplugins\trovi-search.xml
    FF Extension: Avira Browser Safety - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\Extensions\abs@avira.com [2014-09-04]
    FF Extension: Avira SafeSearch - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\Extensions\safesearch@avira.com [2014-08-12]
    FF Extension: Pin It button - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\Extensions\pinterest@robertnyman.com.xpi [2013-10-09]
    FF Extension: Social Fixer - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\Extensions\socialfixer@mattkruse.com.xpi [2013-05-13]
    FF Extension: Adblock Plus - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-23]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=55&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&SSPV=
    CHR RestoreOnStartup: Default -> "hxxp://www.google.com/"
    CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=55&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&SSPV="
    CHR DefaultSearchKeyword: Default -> ask.com
    CHR DefaultSearchURL: Default -> http://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10266&locale=en_US&apn_uid=ffb2f987-f112-49fa-892b-ff3b5edb30ea&apn_ptnrs=%5EAGX&apn_sauid=40532622-B5B4-46F5-A5ED-E657BB64CE9F&apn_dtid=%5EYYYYYY%5EYY%5EUS&q={searchTerms}
    CHR DefaultSuggestURL: Default -> http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
    CHR Profile: C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Avira Toolbar) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2013-04-16]
    CHR Extension: (Google Docs) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-16]
    CHR Extension: (Google Drive) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-16]
    CHR Extension: (YouTube) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-16]
    CHR Extension: (Google Search) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-16]
    CHR Extension: (Google Wallet) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-05]
    CHR Extension: (Gmail) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-16]
    CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Computer\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.24.0.crx [2013-04-16]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
    R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-12] (Avira Operations GmbH & Co. KG)
    R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
    R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
    R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
    R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-03] (Avira Operations GmbH & Co. KG)
    R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
    R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
    R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
    R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
    R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
    R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
    S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
    R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-22] ()
    S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-22 22:04 - 2014-09-22 22:05 - 00023639 _____ () C:\Users\Computer\Downloads\FRST.txt
    2014-09-22 22:03 - 2014-09-22 22:05 - 00000000 ____D () C:\FRST
    2014-09-22 22:02 - 2014-09-22 22:02 - 02105856 _____ (Farbar) C:\Users\Computer\Downloads\FRST64.exe
    2014-09-22 21:58 - 2014-09-22 21:58 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-COMPUTER-PC-Microsoft-Windows-7-Professional-(64-bit).dat
    2014-09-22 21:56 - 2014-09-22 21:56 - 00000000 ____D () C:\RegBackup
    2014-09-22 21:55 - 2014-09-22 21:55 - 01346048 _____ (Indigo Rose Corporation) C:\Users\Computer\Desktop\uninstall.exe
    2014-09-22 21:55 - 2014-09-22 21:55 - 00325960 _____ () C:\Users\Computer\Desktop\lua5.1.dll
    2014-09-22 21:55 - 2014-09-22 21:55 - 00001532 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\Users\Computer\Desktop\Uninstall
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\Users\Computer\Desktop\files
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\Users\Computer\Desktop\color_presets
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-22 21:54 - 2014-09-22 21:55 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-22 21:49 - 2014-09-22 21:49 - 04057608 _____ () C:\Users\Computer\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-22 21:24 - 2014-09-22 21:24 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
    2014-09-20 02:13 - 2009-06-10 17:00 - 00000824 _____ () C:\Windows\system32\Drivers\etc\hosts.20140920-021310.backup
    2014-09-20 02:07 - 2014-09-20 02:09 - 00008137 _____ () C:\Windows\wininit.ini
    2014-09-20 01:08 - 2014-09-20 02:09 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-09-20 01:08 - 2014-09-20 01:11 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-20 01:08 - 2014-09-20 01:08 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-09-20 01:08 - 2014-09-20 01:08 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-09-20 01:08 - 2014-09-20 01:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-09-20 01:08 - 2014-09-20 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-09-20 01:08 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
    2014-09-20 01:06 - 2014-09-20 01:06 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Lavasoft
    2014-09-20 00:50 - 2014-09-22 21:27 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2014-09-20 00:50 - 2014-09-20 00:50 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\LavasoftStatistics
    2014-09-20 00:50 - 2014-09-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2014-09-20 00:49 - 2014-09-20 00:49 - 00000000 ____D () C:\Program Files\Lavasoft
    2014-09-20 00:48 - 2014-09-20 00:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\SecureSearch
    2014-09-20 00:47 - 2014-09-22 13:02 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
    2014-09-20 00:46 - 2014-09-20 00:46 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2014-09-20 00:45 - 2014-09-20 00:46 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Computer\Downloads\spybot-2.4.exe
    2014-09-20 00:45 - 2014-09-20 00:45 - 02806920 _____ () C:\Users\Computer\Downloads\Adaware_Installer.exe
    2014-09-20 00:45 - 2014-09-20 00:45 - 00000000 ____D () C:\ProgramData\Lavasoft
    2014-09-19 22:48 - 2014-09-22 21:25 - 00000000 ____D () C:\Users\Computer\Tracing
    2014-09-19 22:46 - 2014-09-19 22:46 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2014-09-19 22:46 - 2014-09-19 22:46 - 00000000 ____D () C:\Windows\ru
    2014-09-19 22:46 - 2014-09-19 22:46 - 00000000 ____D () C:\Windows\en
    2014-09-19 22:45 - 2014-09-19 22:45 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2014-09-19 22:45 - 2014-09-19 22:45 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2014-09-19 22:45 - 2014-09-19 22:45 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2014-09-19 22:45 - 2014-09-19 22:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2014-09-19 22:44 - 2014-09-19 22:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2014-09-19 22:44 - 2014-09-19 22:45 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2014-09-19 22:44 - 2014-09-19 22:44 - 00000000 ____D () C:\Program Files\Windows Live
    2014-09-19 22:44 - 2014-03-31 21:06 - 00058056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fssfltr.sys
    2014-09-19 22:40 - 2014-09-19 22:40 - 00002100 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-09-19 22:40 - 2014-09-19 22:40 - 00002100 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-09-19 22:40 - 2014-09-19 22:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
    2014-09-19 22:39 - 2014-09-19 22:39 - 00002186 _____ () C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-09-19 22:39 - 2014-09-19 22:39 - 00000000 ___RD () C:\Users\Computer\OneDrive
    2014-09-19 22:39 - 2014-09-19 22:39 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
    2014-09-19 22:32 - 2014-09-22 21:26 - 00000000 ____D () C:\Users\Computer\AppData\Local\Windows Live
    2014-09-19 22:31 - 2014-09-19 22:31 - 00000000 ____D () C:\Users\Computer\AppData\Local\IsolatedStorage
    2014-09-19 22:30 - 2014-09-20 02:09 - 00000000 ____D () C:\Users\Computer\AppData\Local\SearchProtect
    2014-09-19 22:30 - 2014-09-20 02:07 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
    2014-09-19 22:30 - 2014-09-19 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
    2014-09-19 22:29 - 2014-09-19 22:29 - 00634992 _____ (© 2014 ClientConnect Ltd.) C:\Users\Computer\Downloads\Windows_Movie_Maker_TSV3CYINX.exe
    2014-09-19 22:29 - 2014-09-19 22:29 - 00000000 ____D () C:\Users\Computer\Downloads\Windows_Movie_Maker_TSV3CYINX
    2014-09-19 17:26 - 2014-09-19 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-09-19 17:26 - 2014-09-19 17:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-09-19 17:26 - 2014-09-19 17:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-09-19 17:25 - 2014-09-19 17:25 - 13087456 _____ (Microsoft Corporation) C:\Users\Computer\Downloads\Silverlight_x64(3).exe
    2014-09-19 00:34 - 2014-09-19 00:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-18 23:43 - 2014-09-18 23:43 - 00668304 _____ () C:\Users\Computer\Desktop\rock gardens.htm
    2014-09-13 04:43 - 2014-09-13 05:56 - 00000000 ____D () C:\Users\Computer\Desktop\Trips
    2014-09-12 01:21 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-12 01:21 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-09-12 01:21 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-12 01:21 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-12 01:21 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-12 01:21 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-09-12 01:21 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-12 01:21 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-12 01:21 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-12 01:21 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-12 01:21 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-12 01:21 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-12 01:21 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-09-12 01:21 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-12 01:21 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-12 01:21 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-12 01:21 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-12 01:21 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-12 01:21 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-12 01:21 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-09-12 01:21 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-12 01:21 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-12 01:21 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-09-12 01:21 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-12 01:21 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-09-12 01:21 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-09-12 01:21 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-09-12 01:21 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-09-12 01:21 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-12 01:21 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-12 01:21 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-09-12 01:21 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-09-12 01:21 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-12 01:21 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-09-12 01:21 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-09-12 01:21 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-09-12 01:21 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-09-12 01:21 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-12 01:21 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-12 01:21 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-12 01:21 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-12 01:21 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-09-12 01:21 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-09-12 01:21 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-09-12 01:21 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-09-12 01:21 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-12 01:21 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-09-12 01:21 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-12 01:21 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-09-12 01:21 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-09-12 01:21 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-09-12 01:21 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-12 01:21 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-09-12 01:21 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-09-12 01:21 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-12 01:21 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-09-12 01:16 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-12 01:16 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-09-11 22:22 - 2014-09-11 22:22 - 00622529 _____ () C:\Users\Computer\Desktop\flea.htm
    2014-09-11 21:51 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-11 21:51 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-09-11 21:51 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-11 21:51 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-09-11 21:50 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-11 21:50 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-11 21:50 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-11 21:50 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-11 21:50 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-09-11 21:50 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-09-11 21:50 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-09-10 00:25 - 2014-09-10 00:25 - 00549006 _____ () C:\Users\Computer\Desktop\mercy grace forgiveness.php
    2014-09-04 23:30 - 2014-09-04 23:30 - 00000142 _____ () C:\Users\Computer\Desktop\Jerry Gmail.url
    2014-09-04 22:17 - 2014-09-04 22:18 - 00000000 ____D () C:\Users\Computer\Desktop\Beans and Rice
    2014-09-04 21:33 - 2014-09-04 21:33 - 00000000 ____D () C:\Users\Computer\Documents\The Final Scene
    2014-09-04 19:03 - 2014-09-04 19:03 - 00001285 _____ () C:\Users\Public\Desktop\Nancy Drew - The Final Scene.lnk
    2014-09-04 16:36 - 2014-09-04 16:42 - 543118728 _____ () C:\Users\Computer\Downloads\InstallNancyDrewFinalScene.exe
    2014-09-03 15:45 - 2014-09-03 15:45 - 00001325 _____ () C:\Users\Public\Desktop\Nancy Drew - Resorting To Danger.lnk
    2014-09-03 15:41 - 2014-09-03 15:44 - 281705360 _____ () C:\Users\Computer\Downloads\InstallNancyDrewResortingToDanger.exe
    2014-09-02 20:50 - 2014-09-05 00:13 - 00000000 ____D () C:\Users\Computer\Desktop\Miniatures
    2014-09-01 23:00 - 2014-09-03 00:48 - 00000000 ____D () C:\Users\Computer\Documents\The Silent Spy
    2014-09-01 22:59 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
    2014-09-01 22:59 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2014-09-01 22:59 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
    2014-09-01 22:59 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2014-09-01 22:59 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2014-09-01 22:59 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2014-09-01 22:59 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
    2014-09-01 22:59 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
    2014-09-01 22:59 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
    2014-09-01 22:59 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
    2014-09-01 22:59 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
    2014-09-01 22:59 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
    2014-09-01 22:59 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
    2014-09-01 22:59 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
    2014-09-01 22:59 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
    2014-09-01 22:59 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
    2014-09-01 22:59 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
    2014-09-01 22:59 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
    2014-09-01 22:59 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
    2014-09-01 22:59 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
    2014-09-01 22:59 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
    2014-09-01 22:59 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
    2014-09-01 22:59 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
    2014-09-01 22:59 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
    2014-09-01 22:59 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
    2014-09-01 22:59 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
    2014-09-01 22:59 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
    2014-09-01 22:59 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
    2014-09-01 22:59 - 2008-10-10 04:52 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
    2014-09-01 22:59 - 2008-10-10 04:52 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
    2014-09-01 22:59 - 2008-10-10 04:52 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
    2014-09-01 22:59 - 2008-10-10 04:52 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
    2014-09-01 22:59 - 2008-10-10 04:52 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
    2014-09-01 22:59 - 2008-10-10 04:52 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
    2014-09-01 22:59 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
    2014-09-01 22:59 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
    2014-09-01 22:59 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
    2014-09-01 22:59 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
    2014-09-01 22:59 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
    2014-09-01 22:59 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
    2014-09-01 22:59 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
    2014-09-01 22:59 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
    2014-09-01 22:59 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
    2014-09-01 22:59 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
    2014-09-01 22:59 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
    2014-09-01 22:59 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
    2014-09-01 22:59 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
    2014-09-01 22:59 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
    2014-09-01 22:59 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
    2014-09-01 22:59 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
    2014-09-01 22:59 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
    2014-09-01 22:59 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
    2014-09-01 22:59 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
    2014-09-01 22:59 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
    2014-09-01 22:59 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
    2014-09-01 22:59 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
    2014-09-01 22:59 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
    2014-09-01 22:59 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
    2014-09-01 22:59 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
    2014-09-01 22:59 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
    2014-09-01 22:59 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
    2014-09-01 22:59 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
    2014-09-01 22:59 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
    2014-09-01 22:59 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
    2014-09-01 22:59 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
    2014-09-01 22:59 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
    2014-09-01 22:59 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
    2014-09-01 22:59 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
    2014-09-01 22:59 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
    2014-09-01 22:59 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
    2014-09-01 22:59 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
    2014-09-01 22:59 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
    2014-09-01 22:59 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
    2014-09-01 22:59 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
    2014-09-01 22:59 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
    2014-09-01 22:59 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
    2014-09-01 22:59 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
    2014-09-01 22:59 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
    2014-09-01 22:59 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
    2014-09-01 22:59 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
    2014-09-01 22:59 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
    2014-09-01 22:59 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
    2014-09-01 22:59 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
    2014-09-01 22:59 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
    2014-09-01 22:59 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2014-09-01 22:59 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
    2014-09-01 22:59 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
    2014-09-01 22:59 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
    2014-09-01 22:59 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
    2014-09-01 22:59 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
    2014-09-01 22:59 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
    2014-09-01 22:59 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
    2014-09-01 22:59 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
    2014-09-01 22:59 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
    2014-09-01 22:59 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
    2014-09-01 22:59 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
    2014-09-01 22:59 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
    2014-09-01 22:59 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
    2014-09-01 22:59 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2014-09-01 22:59 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
    2014-09-01 22:59 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2014-09-01 22:59 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
    2014-09-01 22:59 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
    2014-09-01 22:59 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
    2014-09-01 22:59 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2014-09-01 22:59 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
    2014-09-01 22:59 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
    2014-09-01 22:59 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
    2014-09-01 22:59 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2014-09-01 22:59 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
    2014-09-01 22:59 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
    2014-09-01 22:59 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2014-09-01 22:59 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2014-09-01 22:59 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
    2014-09-01 22:59 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
    2014-09-01 22:59 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
    2014-09-01 22:58 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2014-09-01 22:58 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
    2014-09-01 22:58 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
    2014-09-01 22:58 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2014-09-01 22:58 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2014-09-01 22:58 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2014-09-01 22:58 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
    2014-09-01 22:58 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
    2014-09-01 22:58 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
    2014-09-01 22:58 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2014-09-01 22:58 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2014-09-01 22:58 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
    2014-09-01 22:58 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2014-09-01 22:58 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
    2014-09-01 22:58 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2014-09-01 22:58 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
    2014-09-01 22:58 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2014-09-01 22:58 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
    2014-09-01 22:58 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2014-09-01 22:58 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
    2014-09-01 22:58 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2014-09-01 22:58 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
    2014-09-01 22:58 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2014-09-01 22:58 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
    2014-09-01 22:58 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2014-09-01 22:58 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
    2014-09-01 22:58 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2014-09-01 22:58 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
    2014-09-01 22:58 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2014-09-01 22:58 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
    2014-09-01 22:58 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2014-09-01 22:58 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
    2014-09-01 22:56 - 2014-09-01 22:59 - 00000000 ____D () C:\Windows\SysWOW64\directx
    2014-09-01 22:56 - 2014-09-01 22:58 - 00000000 ___HD () C:\Windows\msdownld.tmp
    2014-09-01 22:04 - 2014-09-01 22:04 - 00001275 _____ () C:\Users\Public\Desktop\Nancy Drew - The Silent Spy.lnk
    2014-09-01 21:24 - 2014-09-01 21:24 - 00368000 _____ () C:\Users\Computer\Downloads\InstallNancyDrewSilentSpy.exe
    2014-09-01 01:14 - 2014-09-01 01:14 - 00002274 _____ () C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
    2014-09-01 01:04 - 2014-09-01 01:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
    2014-08-31 21:49 - 2014-08-31 21:49 - 00000143 _____ () C:\Users\Computer\Desktop\Nancy Drew help.url
    2014-08-30 23:19 - 2014-08-30 23:19 - 00000330 _____ () C:\Users\Computer\Desktop\Juicing.url
    2014-08-27 13:23 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-27 13:23 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-27 13:23 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-24 16:40 - 2014-08-29 19:38 - 00000000 ____D () C:\Users\Computer\Documents\Danger by Design
    2014-08-24 15:59 - 2014-08-24 15:59 - 00389512 _____ () C:\Users\Computer\Downloads\InstallNancyDrewDangerByDesign.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-22 22:05 - 2014-09-22 22:04 - 00023639 _____ () C:\Users\Computer\Downloads\FRST.txt
    2014-09-22 22:05 - 2014-09-22 22:03 - 00000000 ____D () C:\FRST
    2014-09-22 22:02 - 2014-09-22 22:02 - 02105856 _____ (Farbar) C:\Users\Computer\Downloads\FRST64.exe
    2014-09-22 21:58 - 2014-09-22 21:58 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-COMPUTER-PC-Microsoft-Windows-7-Professional-(64-bit).dat
    2014-09-22 21:58 - 2012-05-17 22:51 - 00000679 _____ () C:\Users\Computer\Desktop\Settings.ini
    2014-09-22 21:56 - 2014-09-22 21:56 - 00000000 ____D () C:\RegBackup
    2014-09-22 21:55 - 2014-09-22 21:55 - 01346048 _____ (Indigo Rose Corporation) C:\Users\Computer\Desktop\uninstall.exe
    2014-09-22 21:55 - 2014-09-22 21:55 - 00325960 _____ () C:\Users\Computer\Desktop\lua5.1.dll
    2014-09-22 21:55 - 2014-09-22 21:55 - 00001532 _____ () C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\Users\Computer\Desktop\Uninstall
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\Users\Computer\Desktop\files
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\Users\Computer\Desktop\color_presets
    2014-09-22 21:55 - 2014-09-22 21:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-22 21:55 - 2014-09-22 21:54 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-22 21:51 - 2013-12-05 22:30 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-22 21:49 - 2014-09-22 21:49 - 04057608 _____ () C:\Users\Computer\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-22 21:46 - 2013-05-17 15:57 - 00000324 _____ () C:\Windows\Tasks\PrintProjects Communicator.job
    2014-09-22 21:34 - 2013-04-16 16:14 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-22 21:33 - 2009-07-14 00:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-22 21:33 - 2009-07-14 00:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-22 21:31 - 2013-04-09 18:39 - 01463547 _____ () C:\Windows\WindowsUpdate.log
    2014-09-22 21:27 - 2014-09-20 00:50 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
    2014-09-22 21:26 - 2014-09-19 22:32 - 00000000 ____D () C:\Users\Computer\AppData\Local\Windows Live
    2014-09-22 21:25 - 2014-09-19 22:48 - 00000000 ____D () C:\Users\Computer\Tracing
    2014-09-22 21:25 - 2013-04-18 14:43 - 00000000 ____D () C:\Users\Computer\AppData\Local\Adobe
    2014-09-22 21:24 - 2014-09-22 21:24 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
    2014-09-22 21:24 - 2013-12-05 22:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-22 21:24 - 2013-04-16 12:05 - 00000000 ____D () C:\ProgramData\Kodak
    2014-09-22 21:24 - 2013-04-09 19:07 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
    2014-09-22 21:24 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-22 21:24 - 2009-07-14 00:51 - 00075265 _____ () C:\Windows\setupact.log
    2014-09-22 21:23 - 2013-04-09 17:30 - 00000000 ____D () C:\ProgramData\NVIDIA
    2014-09-22 21:23 - 2013-04-09 17:09 - 00664682 _____ () C:\Windows\PFRO.log
    2014-09-22 13:02 - 2014-09-20 00:47 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
    2014-09-22 12:54 - 2013-09-11 17:38 - 00000000 ____D () C:\Windows\system32\appmgmt
    2014-09-22 12:29 - 2014-08-17 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shockwave.com
    2014-09-22 12:29 - 2014-08-17 15:37 - 00000000 ____D () C:\Program Files (x86)\Shockwave.com
    2014-09-22 12:24 - 2013-04-16 18:24 - 00000000 ____D () C:\ProgramData\Norton
    2014-09-21 23:38 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-09-20 14:42 - 2014-08-19 22:48 - 00000000 ____D () C:\ProgramData\Origin
    2014-09-20 14:21 - 2013-09-02 23:55 - 00000000 ____D () C:\ProgramData\BigBrainz
    2014-09-20 02:17 - 2014-07-01 00:19 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-09-20 02:09 - 2014-09-20 02:07 - 00008137 _____ () C:\Windows\wininit.ini
    2014-09-20 02:09 - 2014-09-20 01:08 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-09-20 02:09 - 2014-09-19 22:30 - 00000000 ____D () C:\Users\Computer\AppData\Local\SearchProtect
    2014-09-20 02:07 - 2014-09-19 22:30 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
    2014-09-20 01:11 - 2014-09-20 01:08 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-20 01:08 - 2014-09-20 01:08 - 00001391 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
    2014-09-20 01:08 - 2014-09-20 01:08 - 00001379 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
    2014-09-20 01:08 - 2014-09-20 01:08 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
    2014-09-20 01:08 - 2014-09-20 01:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
    2014-09-20 01:06 - 2014-09-20 01:06 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\Lavasoft
    2014-09-20 00:50 - 2014-09-20 00:50 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\LavasoftStatistics
    2014-09-20 00:50 - 2014-09-20 00:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
    2014-09-20 00:49 - 2014-09-20 00:49 - 00000000 ____D () C:\Program Files\Lavasoft
    2014-09-20 00:48 - 2014-09-20 00:48 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\SecureSearch
    2014-09-20 00:46 - 2014-09-20 00:46 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
    2014-09-20 00:46 - 2014-09-20 00:45 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Computer\Downloads\spybot-2.4.exe
    2014-09-20 00:45 - 2014-09-20 00:45 - 02806920 _____ () C:\Users\Computer\Downloads\Adaware_Installer.exe
    2014-09-20 00:45 - 2014-09-20 00:45 - 00000000 ____D () C:\ProgramData\Lavasoft
    2014-09-19 22:48 - 2013-04-09 18:39 - 00000000 ____D () C:\Users\Computer
    2014-09-19 22:46 - 2014-09-19 22:46 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
    2014-09-19 22:46 - 2014-09-19 22:46 - 00000000 ____D () C:\Windows\ru
    2014-09-19 22:46 - 2014-09-19 22:46 - 00000000 ____D () C:\Windows\en
    2014-09-19 22:46 - 2014-09-19 22:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
    2014-09-19 22:45 - 2014-09-19 22:45 - 00002486 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
    2014-09-19 22:45 - 2014-09-19 22:45 - 00001458 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2014-09-19 22:45 - 2014-09-19 22:45 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
    2014-09-19 22:45 - 2014-09-19 22:45 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
    2014-09-19 22:45 - 2014-09-19 22:44 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2014-09-19 22:44 - 2014-09-19 22:44 - 00000000 ____D () C:\Program Files\Windows Live
    2014-09-19 22:44 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2014-09-19 22:40 - 2014-09-19 22:40 - 00002100 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-09-19 22:40 - 2014-09-19 22:40 - 00002100 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-09-19 22:40 - 2014-09-19 22:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
    2014-09-19 22:40 - 2014-08-17 14:58 - 00011380 _____ () C:\Windows\Directx.log
    2014-09-19 22:39 - 2014-09-19 22:39 - 00002186 _____ () C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
    2014-09-19 22:39 - 2014-09-19 22:39 - 00000000 ___RD () C:\Users\Computer\OneDrive
    2014-09-19 22:39 - 2014-09-19 22:39 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
    2014-09-19 22:31 - 2014-09-19 22:31 - 00000000 ____D () C:\Users\Computer\AppData\Local\IsolatedStorage
    2014-09-19 22:30 - 2014-09-19 22:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
    2014-09-19 22:29 - 2014-09-19 22:29 - 00634992 _____ (© 2014 ClientConnect Ltd.) C:\Users\Computer\Downloads\Windows_Movie_Maker_TSV3CYINX.exe
    2014-09-19 22:29 - 2014-09-19 22:29 - 00000000 ____D () C:\Users\Computer\Downloads\Windows_Movie_Maker_TSV3CYINX
    2014-09-19 17:26 - 2014-09-19 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-09-19 17:26 - 2014-09-19 17:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-09-19 17:26 - 2014-09-19 17:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-09-19 17:25 - 2014-09-19 17:25 - 13087456 _____ (Microsoft Corporation) C:\Users\Computer\Downloads\Silverlight_x64(3).exe
    2014-09-19 12:55 - 2013-04-16 00:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-09-19 00:34 - 2014-09-19 00:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-18 23:43 - 2014-09-18 23:43 - 00668304 _____ () C:\Users\Computer\Desktop\rock gardens.htm
    2014-09-17 23:21 - 2013-10-29 17:05 - 09028608 ___SH () C:\Users\Computer\Desktop\Thumbs.db
    2014-09-15 11:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
    2014-09-13 05:56 - 2014-09-13 04:43 - 00000000 ____D () C:\Users\Computer\Desktop\Trips
    2014-09-12 13:43 - 2014-03-30 15:23 - 00000000 ____D () C:\Users\Computer\Desktop\Desktop Files
    2014-09-12 01:21 - 2013-04-09 18:08 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-09-12 01:20 - 2013-04-09 19:02 - 00776408 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-09-12 01:20 - 2009-07-14 01:13 - 00776408 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-12 01:19 - 2013-07-12 03:00 - 00000000 ____D () C:\Windows\system32\MRT
    2014-09-12 01:17 - 2013-04-11 06:21 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-09-12 01:16 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-11 22:22 - 2014-09-11 22:22 - 00622529 _____ () C:\Users\Computer\Desktop\flea.htm
    2014-09-11 21:58 - 2014-08-19 22:48 - 00000000 ____D () C:\Program Files (x86)\Origin
    2014-09-10 17:09 - 2014-08-12 21:17 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
    2014-09-10 17:09 - 2013-06-27 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
    2014-09-10 17:09 - 2013-04-16 00:25 - 00000000 ____D () C:\Program Files (x86)\Avira
    2014-09-10 12:34 - 2013-04-16 16:14 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-09-10 12:34 - 2013-04-16 16:14 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-09-10 12:34 - 2013-04-16 16:14 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-09-10 12:27 - 2014-05-23 00:03 - 00000000 ____D () C:\Users\Computer\Desktop\Bible Newest
    2014-09-10 00:25 - 2014-09-10 00:25 - 00549006 _____ () C:\Users\Computer\Desktop\mercy grace forgiveness.php
    2014-09-10 00:08 - 2013-05-17 15:55 - 00011136 _____ () C:\Users\Computer\AppData\Local\installer.log
    2014-09-09 15:21 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
    2014-09-09 13:08 - 2014-06-13 03:30 - 00000000 ____D () C:\Users\Computer\Documents\Outlook Files
    2014-09-07 21:52 - 2013-06-22 20:24 - 00000000 ____D () C:\Users\Computer\AppData\Local\CrashDumps
    2014-09-05 00:13 - 2014-09-02 20:50 - 00000000 ____D () C:\Users\Computer\Desktop\Miniatures
    2014-09-04 23:30 - 2014-09-04 23:30 - 00000142 _____ () C:\Users\Computer\Desktop\Jerry Gmail.url
    2014-09-04 22:18 - 2014-09-04 22:17 - 00000000 ____D () C:\Users\Computer\Desktop\Beans and Rice
    2014-09-04 22:10 - 2014-09-11 21:50 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-04 22:05 - 2014-09-11 21:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-04 21:33 - 2014-09-04 21:33 - 00000000 ____D () C:\Users\Computer\Documents\The Final Scene
    2014-09-04 19:03 - 2014-09-04 19:03 - 00001285 _____ () C:\Users\Public\Desktop\Nancy Drew - The Final Scene.lnk
    2014-09-04 16:42 - 2014-09-04 16:36 - 543118728 _____ () C:\Users\Computer\Downloads\InstallNancyDrewFinalScene.exe
    2014-09-03 15:45 - 2014-09-03 15:45 - 00001325 _____ () C:\Users\Public\Desktop\Nancy Drew - Resorting To Danger.lnk
    2014-09-03 15:44 - 2014-09-03 15:41 - 281705360 _____ () C:\Users\Computer\Downloads\InstallNancyDrewResortingToDanger.exe
    2014-09-03 15:34 - 2013-09-11 17:40 - 00000000 ____D () C:\Users\Computer\AppData\Local\DoNotTrackPlus
    2014-09-03 00:48 - 2014-09-01 23:00 - 00000000 ____D () C:\Users\Computer\Documents\The Silent Spy
    2014-09-01 22:59 - 2014-09-01 22:56 - 00000000 ____D () C:\Windows\SysWOW64\directx
    2014-09-01 22:58 - 2014-09-01 22:56 - 00000000 ___HD () C:\Windows\msdownld.tmp
    2014-09-01 22:04 - 2014-09-01 22:04 - 00001275 _____ () C:\Users\Public\Desktop\Nancy Drew - The Silent Spy.lnk
    2014-09-01 21:29 - 2014-08-16 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nancy Drew
    2014-09-01 21:24 - 2014-09-01 21:24 - 00368000 _____ () C:\Users\Computer\Downloads\InstallNancyDrewSilentSpy.exe
    2014-09-01 01:14 - 2014-09-01 01:14 - 00002274 _____ () C:\Users\Public\Desktop\The Sims™ 3 High-End Loft Stuff.lnk
    2014-09-01 01:14 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2014-09-01 01:04 - 2014-09-01 01:04 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
    2014-09-01 01:04 - 2013-04-09 18:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-08-31 21:49 - 2014-08-31 21:49 - 00000143 _____ () C:\Users\Computer\Desktop\Nancy Drew help.url
    2014-08-30 23:19 - 2014-08-30 23:19 - 00000330 _____ () C:\Users\Computer\Desktop\Juicing.url
    2014-08-29 19:38 - 2014-08-24 16:40 - 00000000 ____D () C:\Users\Computer\Documents\Danger by Design
    2014-08-27 21:53 - 2009-07-14 00:45 - 00409576 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-24 15:59 - 2014-08-24 15:59 - 00389512 _____ () C:\Users\Computer\Downloads\InstallNancyDrewDangerByDesign.exe

    Some content of TEMP:
    ====================
    C:\Users\Computer\AppData\Local\Temp\avgnt.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-17 01:18

    ==================== End Of Log ============================

    Here is the Addition:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
    Ran by Computer at 2014-09-22 22:06:26
    Running from C:\Users\Computer\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
    AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
    AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
    AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Ad-Aware Antivirus (HKLM\...\{E39A80AE-0CC0-43EE-AB6B-BE11DC4F969F}_AdAwareUpdater) (Version: 11.3.6321.0 - Lavasoft)
    AdAwareInstaller (Version: 11.3.6321.0 - Lavasoft) Hidden
    AdAwareUpdater (Version: 11.3.6321.0 - Lavasoft) Hidden
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.6.0.393 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
    aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
    aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
    aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
    AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
    ArcSoft MediaImpression for Kodak (HKLM-x32\...\{9B260944-746E-4966-8918-0F9636930456}) (Version: 2.0.24.1127 - ArcSoft)
    Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.31.0 - Ask.com) <==== ATTENTION
    Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.4.57710 - Ask.com) <==== ATTENTION
    Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
    ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
    Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
    Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
    Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
    Big Brainz Launcher (HKLM-x32\...\Big Brainz Launcher O) (Version: O - Big Brainz)
    Burger Shop (HKLM-x32\...\Burger Shop) (Version: 32.0.0.0 - Shockwave.com)
    C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
    center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
    Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
    Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
    Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
    Delicious - Emily's Childhood Memories (HKLM-x32\...\Delicious - Emily's Childhood Memories) (Version: 32.0.0.0 - Shockwave.com)
    ENCORE Wireless LAN Driver - PCIE Adapter (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0000 - )
    essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
    GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
    Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{D1B033E8-A077-4B0D-9831-5798E19E861E}) (Version: 2.0.1083.0 - Intel)
    Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
    Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
    Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
    KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0419-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    Nancy Drew® Dossier™: Resorting to Danger (HKLM-x32\...\Nancy Drew® Dossier™: Resorting to Danger) (Version: - )
    Nancy Drew®: The Final Scene (HKLM-x32\...\Nancy Drew®: The Final Scene) (Version: 32.0.0.0 - Shockwave.com)
    Nancy Drew®: The Silent Spy (HKLM-x32\...\Nancy Drew®: The Silent Spy) (Version: 32.0.0.0 - Shockwave.com)
    NVIDIA 3D Vision Controller Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.90 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
    NVIDIA Control Panel 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
    NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
    NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
    NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
    NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
    NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
    NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
    NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
    ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
    Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
    PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.12992 - RocketLife Inc.)
    QuickTime (HKLM-x32\...\{F07B861C-72B9-40A4-8B1A-AAED4C06A7E8}) (Version: 7.1.3.100 - Apple Computer, Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
    The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
    The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
    Timez Attack (HKLM-x32\...\Timez Attack 3.15) (Version: 3.15 - Big Brainz)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
    Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
    Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
    Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
    Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
    Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
    Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)
    Основные компоненты Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    Основные компоненты Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Почта Windows Live (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden
    Фотоальбом (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Фотографии (общедоступная версия) (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3631100180-372296517-2715455636-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3631100180-372296517-2715455636-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3631100180-372296517-2715455636-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3631100180-372296517-2715455636-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-3631100180-372296517-2715455636-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Computer\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)

    ==================== Restore Points =========================

    19-09-2014 05:53:43 Scheduled Checkpoint
    20-09-2014 02:30:14 PerforMax Cleaner
    20-09-2014 02:32:24 Windows Live Essentials
    20-09-2014 02:38:00 Windows Live Essentials
    20-09-2014 02:39:09 Windows Live Essentials
    20-09-2014 02:40:17 Installed DirectX
    20-09-2014 02:40:53 Installed DirectX
    20-09-2014 02:41:32 Installed DirectX
    20-09-2014 02:44:11 WLSetup
    20-09-2014 04:45:25 AA11
    20-09-2014 06:17:16 PerforMax Cleaner
    22-09-2014 17:00:54 Removed Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {1CD5C0A2-C05D-4B65-B98F-413C2CF80387} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
    Task: {2130A8B7-E8A4-42BD-9134-3DFF1FCC9599} - System32\Tasks\AdobeAAMUpdater-1.0-Computer-PC-Computer => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
    Task: {523B3EF9-1999-4300-A27C-9D9B16221D23} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
    Task: {6606ED5D-C2E3-48F4-B844-6F96307D1499} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
    Task: {6DC59010-8372-4A95-B03E-48F28B0C9DA0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.)
    Task: {8AAAE512-FAB7-4D52-9DB6-8970655457C2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
    Task: {9748135C-DAD9-4CAF-AFE3-42F3FA64382D} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
    Task: {B09B51AE-44E7-4DCC-926D-D6348BC5D93D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
    Task: {C39469E4-B3A7-4295-9529-89644F6C39E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-05] (Google Inc.)
    Task: {CAA030D5-0CF8-472E-80EA-A51EF8D259AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-10] (Adobe Systems Incorporated)
    Task: {E9FF26B8-05E5-44DC-B288-D805017A707E} - System32\Tasks\PrintProjects Communicator => C:\ProgramData\PrintProjects\Communicator.exe [2014-07-01] ()
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\PrintProjects Communicator.job => C:\ProgramData\PrintProjects\Communicator.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-04-09 17:29 - 2013-01-18 11:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2012-02-09 19:26 - 2012-02-09 19:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
    2012-02-09 19:26 - 2012-02-09 19:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
    2012-02-09 19:26 - 2012-02-09 19:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
    2014-08-27 12:32 - 2014-08-27 12:32 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
    2014-08-27 12:53 - 2014-08-27 12:53 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_thread-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_system-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_chrono-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_date_time-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_filesystem-vc100-mt-1_55.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 11947856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareServiceKernel.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\RCF.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_regex-vc100-mt-1_55.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareActivation.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 02167640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareApplicationUpdater.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareGamingMode.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareReset.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTime.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00943960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdater.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareDefinitionsUpdaterScheduler.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01105224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIgnoreList.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00247624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareQuarantine.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00988504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiMalwareEngine.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiRootkitEngine.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerHistory.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01277248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScanner.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_timer-vc100-mt-1_55.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00975192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareScannerScheduler.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01109336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareRealTimeProtection.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareIncompatibles.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00891720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiSpam.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00843088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAntiPhishing.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 03090768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareParentalControl.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 02624848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareWebProtection.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareEmailProtection.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNetworkProtection.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePromo.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareFeedback.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareThreatWorkAlliance.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01238848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwarePinCode.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareNotice.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 00928072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareAvcEngine.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\SecurityCenter.dll
    2014-05-23 02:10 - 2014-05-23 02:10 - 00671904 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
    2014-08-27 12:52 - 2014-08-27 12:52 - 02745168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareShellExtension.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 08886592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
    2014-08-27 12:53 - 2014-08-27 12:53 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\boost_locale-vc100-mt-1_55.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 02101568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\HtmlFramework.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\DllStorage.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00832848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTrayDefaultSkin.dll
    2014-08-27 12:53 - 2014-08-27 12:53 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\Localization.dll
    2014-05-23 02:10 - 2014-05-23 02:10 - 05341856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    2014-08-12 21:17 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Computer\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
    2014-05-26 05:52 - 2014-05-26 05:52 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
    2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
    2014-09-20 01:08 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-09-20 01:08 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-09-20 01:08 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
    2014-09-19 00:34 - 2014-09-19 00:34 - 03734640 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2014-05-12 22:22 - 2014-05-12 22:22 - 02217128 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\plugins\ExchangePlugin\ExManCoreLib\ExManZxpSign.dll
    2014-09-13 22:11 - 2014-09-13 22:11 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\da2db029408c91468db6f8dcc5000ad0\PSIClient.ni.dll
    2013-04-09 19:01 - 2012-07-18 09:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
    2014-09-20 01:08 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-09-20 01:08 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)


    ==================== Faulty Device Manager Devices =============

    Name: Realtek PCIe GBE Family Controller
    Description: Realtek PCIe GBE Family Controller
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Realtek
    Service: RTL8167
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/22/2014 09:28:01 PM) (Source: MsiInstaller) (EventID: 1024) (User: Computer-PC)
    Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

    Error: (09/22/2014 09:24:15 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
    Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

    Error: (09/22/2014 01:01:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

    System Error:
    The system cannot find the file specified.
    .

    Error: (09/22/2014 00:54:38 PM) (Source: MsiInstaller) (EventID: 11730) (User: Computer-PC)
    Description: Product: Ask Toolbar -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.

    Error: (09/20/2014 02:16:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: Computer-PC)
    Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

    Error: (09/20/2014 02:14:19 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
    Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

    Error: (09/20/2014 02:17:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


    Details:
    AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.
    .

    Error: (09/20/2014 00:41:48 AM) (Source: MsiInstaller) (EventID: 1024) (User: Computer-PC)
    Description: Product: Adobe Reader XI (11.0.08) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011009}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127

    Error: (09/20/2014 00:39:48 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
    Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

    Error: (09/19/2014 10:39:30 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Computer-PC)
    Description: Application or service 'Windows Search' could not be shut down.


    System errors:
    =============
    Error: (09/22/2014 09:41:18 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
    Description: 0x8000002a52\??\C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT

    Error: (09/22/2014 09:26:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    %%1053

    Error: (09/22/2014 09:26:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (09/22/2014 09:25:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Wajam Internet Enhancer Service service failed to start due to the following error:
    %%2

    Error: (09/22/2014 09:24:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
    %%1053

    Error: (09/22/2014 09:24:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

    Error: (09/21/2014 10:59:17 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
    Description: 0x8000002a52\??\C:\Windows\System32\SMI\Store\Machine\SCHEMA.DAT

    Error: (09/20/2014 03:24:43 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
    Description: 0x8000002a171\??\Volume{262e660d-a165-11e2-a6b9-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{100995C5-C32A-490E-A802-42792CD8D733}

    Error: (09/20/2014 03:23:06 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
    Description: 0x8000002a171\??\Volume{262e660d-a165-11e2-a6b9-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{0A2DFB97-B1D7-433B-B168-A12D6251CD09}

    Error: (09/20/2014 03:21:33 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
    Description: 0x8000002a171\??\Volume{262e660d-a165-11e2-a6b9-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A6454598-7F77-4655-8391-BEBE3A7E9894}


    Microsoft Office Sessions:
    =========================
    Error: (09/22/2014 09:28:01 PM) (Source: MsiInstaller) (EventID: 1024) (User: Computer-PC)
    Description: Adobe Reader XI (11.0.08){AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

    Error: (09/22/2014 09:24:15 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
    Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

    Error: (09/22/2014 01:01:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description:
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

    System Error:
    The system cannot find the file specified.

    Error: (09/22/2014 00:54:38 PM) (Source: MsiInstaller) (EventID: 11730) (User: Computer-PC)
    Description: Product: Ask Toolbar -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (09/20/2014 02:16:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: Computer-PC)
    Description: Adobe Reader XI (11.0.08){AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

    Error: (09/20/2014 02:14:19 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
    Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

    Error: (09/20/2014 02:17:25 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description:
    Details:
    AddWin32ServiceFiles: Unable to back up image of service Search Protect Service since QueryServiceConfig API failed

    System Error:
    The system cannot find the file specified.

    Error: (09/20/2014 00:41:48 AM) (Source: MsiInstaller) (EventID: 1024) (User: Computer-PC)
    Description: Adobe Reader XI (11.0.08){AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

    Error: (09/20/2014 00:39:48 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
    Description: CAgentState::DoPeriodicSuspendResume ****Error in initialize NetDetect, status = 0x2

    Error: (09/19/2014 10:39:30 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Computer-PC)
    Description: 1SearchIndexer.exeWindows Search03026216134360


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
    Percentage of memory in use: 38%
    Total physical RAM: 8155.04 MB
    Available physical RAM: 5050.58 MB
    Total Pagefile: 16308.27 MB
    Available Pagefile: 12767.02 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:465.66 GB) (Free:374.83 GB) NTFS
    Drive d: (Sims3SP01) (CDROM) (Total:4.52 GB) (Free:0 GB) UDF

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7E9B0437)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

    Here is the aswMBR:
    aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
    Run date: 2014-09-22 22:34:46
    -----------------------------
    22:34:46.664 OS Version: Windows x64 6.1.7601 Service Pack 1
    22:34:46.664 Number of processors: 4 586 0x3A09
    22:34:46.664 ComputerName: COMPUTER-PC UserName: Computer
    22:34:47.829 Initialize success
    22:34:47.829 VM: initialized successfully
    22:34:47.829 VM: Intel CPU supported
    22:34:50.840 VM: disk I/O iaStorA.sys
    22:37:01.237 AVAST engine defs: 14092201
    22:37:42.515 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
    22:37:42.515 Disk 0 Vendor: ATA_____ A50E Size: 476940MB BusType: 11
    22:37:42.624 Disk 0 MBR read successfully
    22:37:42.624 Disk 0 MBR scan
    22:37:42.655 Disk 0 Windows 7 default MBR code
    22:37:42.655 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    22:37:42.655 Disk 0 default boot code
    22:37:42.702 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
    22:37:42.843 Disk 0 scanning C:\Windows\system32\drivers
    22:37:56.649 Service scanning
    22:38:28.707 Modules scanning
    22:38:28.707 Disk 0 trace - called modules:
    22:38:28.738 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys storport.sys hal.dll iaStorA.sys
    22:38:28.753 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009465060]
    22:38:28.753 3 CLASSPNP.SYS[fffff88001d1843f] -> nt!IofCallDriver -> [0xfffffa800769fc50]
    22:38:28.769 5 iaStorF.sys[fffff88001601168] -> nt!IofCallDriver -> \Device\00000061[0xfffffa80071522e0]
    22:38:31.343 AVAST engine scan C:\Windows
    22:38:34.011 AVAST engine scan C:\Windows\system32
    22:42:58.540 AVAST engine scan C:\Windows\system32\drivers
    22:43:17.011 AVAST engine scan C:\Users\Computer
    22:50:38.755 Disk 0 MBR has been saved successfully to "C:\Users\Computer\Desktop\MBR.dat"
    22:50:38.755 The log file has been saved successfully to "C:\Users\Computer\Desktop\aswMBR.txt"

  2. #2
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default



    You have a ton of bogus toolbars and search engines installed

    Download MiniToolBox and save it to your desktop and run it.

    Checkmark the following checkboxes:
    • Flush DNS
    • Reset IE Proxy Settings


    Click Go and post the result (Result.txt) that pops up. A copy of result.txt will be saved in the same directory the tool is run.



    ===============================================================================

    -AdwCleaner-by Xplode

    Click on this link to download : ADWCleaner
    Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.

    Do not click on any links in the top Advertisment.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Scan.
    • After the scan is complete click on "Clean"
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next reply.
    • You can find the logfile at C:\AdwCleaner[S1].txt as well.



    ===============================================================================


    Please download Junkware Removal Tool to your desktop.
    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.




    ===============================================================================

    Download Malwarebytes' Anti-Malware to your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"




    • On the Dashboard click on Update Now
    • Go to the Setting Tab
    • Under Setting go to Detection and Protection
    • Under PUP and PUM make sure both are set to show Treat Detections as Malware
    • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
    • Then on the Dashboard click on Scan
    • Make sure to select THREAT SCAN
    • Then click on Scan
    • When the scan is finished and the log pops up...select Copy to Clipboard
    • Please paste the log back into this thread for review
    • Exit Malwarebytes
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #3
    Member
    Join Date
    Sep 2014
    Posts
    45

    Default Thanks, here are the results

    Okay, here is the first part. I am still working on the rest.

    MiniToolBox by Farbar Version: 21-07-2014
    Ran by Computer (administrator) on 23-09-2014 at 11:41:18
    Running from "C:\Users\Computer\Downloads"
    Microsoft Windows 7 Professional Service Pack 1 (X64)
    Boot Mode: Normal
    ***************************************************************************

    ========================= Flush DNS: ===================================

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    "Reset IE Proxy Settings": IE Proxy Settings were reset.

    **** End of log ****


    # AdwCleaner v3.310 - Report created 23/09/2014 at 11:52:25
    # Updated 12/09/2014 by Xplode
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
    # Username : Computer - COMPUTER-PC
    # Running from : C:\Users\Computer\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : SPPD
    [#] Service Deleted : Wajam Internet Enhancer Service

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam
    Folder Deleted : C:\Program Files (x86)\SearchProtect
    Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
    Folder Deleted : C:\Users\Computer\AppData\Local\AskToolbar
    Folder Deleted : C:\Users\Computer\AppData\Local\SearchProtect
    Folder Deleted : C:\Users\Computer\AppData\LocalLow\AskToolbar
    Folder Deleted : C:\Users\Computer\AppData\Roaming\SecureSearch
    Folder Deleted : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
    File Deleted : C:\Users\Computer\Desktop\Uninstall.exe
    File Deleted : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\searchplugins\trovi-search.xml

    ***** [ Scheduled Tasks ] *****

    Task Deleted : Scheduled Update for Ask Toolbar

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaabfjnbeinlpljodiajipidiompfl
    Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
    Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Search Protection]
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
    Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
    Key Deleted : HKLM\SOFTWARE\AskToolbar
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
    Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
    Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17280


    -\\ Mozilla Firefox v32.0.2 (x86 en-US)

    [ File : C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\u00u3bmn.default\prefs.js ]

    Line Deleted : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP7DE103AB-E475-4F6C[...]
    Line Deleted : user_pref("browser.search.defaultenginename", "Ixquick hxxpS");
    Line Deleted : user_pref("browser.search.selectedEngine", "Ixquick hxxpS");
    Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
    Line Deleted : user_pref("socialfixer.100000326443354/prefs", "{\"update_show_after\":1379605103693,\"friend_tracker\":{\"friends\":{\"100000002883845\":{\"name\":\"Jordan McCluskey\",\"added\":1373661519353},\"7399[...]

    -\\ Google Chrome v37.0.2062.120

    [ File : C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-4&o=APN10266&locale=en_US&apn_uid=ffb2f987-f112-49fa-892b-ff3b5edb30ea&apn_ptnrs=%5EAGX&apn_sauid=40532622-B5B4-46F5-A5ED-E657BB64CE9F&apn_dtid=%5EYYYYYY%5EYY%5EUS&q={searchTerms}
    Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=58&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&q={searchTerms}&SSPV=
    Deleted [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=55&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&SSPV=
    Deleted [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3325892&octid=EB_ORIGINAL_CTID&ISID=412cd217-e2d8-4e5e-818a-c8901eba55d0&SearchSource=55&CUI=&UM=6&UP=SP7DE103AB-E475-4F6C-9611-7B25E65886E3&SSPV=
    Deleted [Extension] : aaaaabfjnbeinlpljodiajipidiompfl
    Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
    Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
    Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
    Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
    Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
    Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
    Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

    *************************

    AdwCleaner[R0].txt - [11735 octets] - [23/09/2014 11:50:19]
    AdwCleaner[R1].txt - [11796 octets] - [23/09/2014 11:51:47]
    AdwCleaner[S0].txt - [11745 octets] - [23/09/2014 11:52:25]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11806

  4. #4
    Member
    Join Date
    Sep 2014
    Posts
    45

    Default How Do I Turn off Avira

    I am trying to figure out how to turn off Avira so that I can run the Junkware removal app. Can you direct me please?

  5. #5
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    http://www.bleepingcomputer.com/foru...ware-programs/

    Forgot to add that you may want to bookmark this link as it may come in handy in the future
    Last edited by ken545; 2014-09-23 at 20:53.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  6. #6
    Member
    Join Date
    Sep 2014
    Posts
    45

    Default It's not there

    The directions say to right click on the icon in the task bar and un-tick enable. The problem is that it is not there. I've done that before, but it isn't there now. The only there choices are "start" "pin" and "close window".

  7. #7
    Member
    Join Date
    Sep 2014
    Posts
    45

    Default I got it

    Finally figured out how to do it within the program. Thanks.

  8. #8
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Keep it disabled while your run Malwarebytes also
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  9. #9
    Member
    Join Date
    Sep 2014
    Posts
    45

    Default Onward...

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.2.0 (09.22.2014:1)
    OS: Windows 7 Professional x64
    Ran by Computer on Tue 09/23/2014 at 13:51:28.24
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5C58855A-DD1C-4494-895A-BEC9BA9BC7F7}



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Users\Computer\appdata\local\apn"



    ~~~ FireFox

    Successfully deleted the following from C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\u00u3bmn.default\prefs.js

    user_pref("avira.safe_search.search_was_active", "false");
    user_pref("extensions.bootstrappedAddons", "{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"version\":\"2.6.4\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Computer\
    user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"147ccf291c23a0-0b44ebcfcdff2f-42504136-0-147ccf291c3439\"");
    user_pref("extensions.safesearch.SAUTH_expires_at", "1411534076");
    user_pref("extensions.safesearch.SAUTH_rndsnr", "\"1057df2b656c6ebf3f46c931d86bf562e014b6d5\"");
    user_pref("extensions.safesearch.SAUTH_userid", "4251093722");
    user_pref("extensions.safesearch.SAUTH_utoken", "\"82ef7e28e1056377f153847ad49b47ab8282ddc9\"");
    user_pref("extensions.safesearch.install", "1407892754886");
    user_pref("keyword.URL", "hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=");
    user_pref("socialfixer.739947081/typeahead_new", "for (;;{\"__ar\":1,\"payload\":{\"entries\":[{\"uid\":739947081,\"photo\":\"hxxps:\\/\\/fbcdn-profile-a.akamaihd.net\\/hpro
    Emptied folder: C:\Users\Computer\AppData\Roaming\mozilla\firefox\profiles\u00u3bmn.default\minidumps [482 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 09/23/2014 at 13:53:10.87
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    _____________


    Now, as for the Malwarebytes, I was able to run the scan. At the end where I check 'copy to clipboard', I don't see it doing that or opening up a box to copy the information here.

    Thanks, Suzy

  10. #10
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Suzy, that log is on your clipboard, just right click in your next post and select Paste
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •