
Thread: Possible infection Spybot can't remove

  1. #1
    Junior Member
    Join Date: Apr 2014
    Posts: 25


    Hi, I have been dealing with a potential infection all summer and can't seem to get it removed. As per advice earlier this year, I ran HijackThis (though I don't think I removed anything, because it scared me, haha) and AdwCleaner. I also regularly run CCleaner, Spybot, Malwarebytes and Windows Security Essentials. I just ran WSE and it came up clean, but Spybot always lists the same threats that it says it 'fixed' in the previous scan, even if they're back-to-back. And sometimes Google seems to re-direct. (Note-- I didn't see any, but if you see any email addresses or other personal info, please alert me so that I can edit them out.) Thank you!

    Oh, I'll post the logs required in the "Before You Post" thread, but I can't figure out how to disable TeaTimer in Spybot-- I didn't see anywhere to check advanced settings? I have a log from a scan I ran less than an hour ago, though. Please let me know if I need to do something different. I DID back up my registry with Tweaking.com's thing, and will post my other logs here.



    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
    Ran by Imari (administrator) on IMARI-PC on 13-09-2014 18:19:24
    Running from C:\Users\Imari\Desktop
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Spotify Ltd) C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Apple Inc.) D:\iTunesHelper.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (ASUS) C:\Windows\AsScrPro.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.)
    HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
    HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
    HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-02] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
    HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
    HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
    HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
    HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
    HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Spotify Web Helper] => C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-18] (Spotify Ltd)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Google Update] => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-04] (Google Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\MountPoints2: {d0100140-3593-11e1-ae05-806e6f6e6963} - G:\LaunchBOPC1.exe
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
    ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
    ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
    Startup: C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    ShortcutTarget: OpenOffice.org 3.3.lnk -> D:\Program Files (x86)\program\quickstart.exe ()
    ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
    BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
    Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
    Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default
    FF Keyword.URL: https://www.mypoints.com/emp/u/mysea...&fctb.dns=1&q=
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Imari\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Imari\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imari\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imari\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF Extension: Adblock Plus - C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-11]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-02]
    FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
    FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2011-04-02]

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT
    CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT", "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN64620605553500358&UM=2"
    CHR DefaultSearchKeyword: Default -> 7DE471496509B5E9AB1E1945A15502F1540DC2E271BE5A7A8AE30F6123D4D166
    CHR DefaultSearchURL: Default -> https://mail.google.com/mail/?extsrc=mailto&url=%s
    CHR Profile: C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
    CHR Extension: (AdBlock) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-12-03]
    CHR Extension: (History Eraser) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjieilkfnnjoihjjonajndjldjoagffm [2012-11-23]
    CHR Extension: (Swagbucks Extension) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2014-02-05]
    CHR Extension: (Webcam Toy) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2013-11-28]
    CHR Extension: (Google Wallet) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
    CHR HKCU\...\Chrome\Extension: [apjkpjchfbckhjhokinlgdbmibpbbjak] - C:\Users\Imari\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx []

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
    R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
    S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-31] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
    R1 MpKsla0287fb5; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0AE40DB4-AD9E-4DA0-B4DA-2F6C8873B43E}\MpKsla0287fb5.sys [45352 2014-09-13] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-01-02] () [File not signed]
    R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
    R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
    R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
    R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
    U3 ag27l0wr; C:\Windows\System32\Drivers\ag27l0wr.sys [0 ] (Intel Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-13 18:19 - 2014-09-13 18:20 - 00024901 _____ () C:\Users\Imari\Desktop\FRST.txt
    2014-09-13 18:18 - 2014-09-13 18:19 - 00000000 ____D () C:\FRST
    2014-09-13 18:16 - 2014-09-13 18:16 - 02105856 _____ (Farbar) C:\Users\Imari\Desktop\FRST64.exe
    2014-09-13 18:15 - 2014-09-13 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IMARI-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-09-13 18:13 - 2014-09-13 18:13 - 00002237 _____ () C:\Users\Imari\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\RegBackup
    2014-09-13 18:12 - 2014-09-13 18:12 - 04057608 _____ () C:\Users\Imari\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-13 18:12 - 2014-09-13 18:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-13 17:03 - 2014-09-13 17:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-13 17:03 - 2014-09-13 17:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-13 13:17 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-13 13:17 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-09-10 22:13 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-10 22:13 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-09-10 22:12 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-10 22:12 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-10 22:12 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-10 22:12 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-10 22:12 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-09-10 22:12 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-09-10 22:12 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-09-06 22:15 - 2014-09-06 22:18 - 00000000 ____D () C:\Users\Imari\Desktop\Football 9-5-14
    2014-09-01 14:29 - 2014-09-01 14:30 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417(1).exe
    2014-09-01 13:35 - 2014-09-01 13:39 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417.exe
    2014-09-01 13:30 - 2014-09-13 14:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-01 13:29 - 2014-09-01 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 13:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-01 13:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-08-31 21:57 - 2014-08-31 21:57 - 00105141 _____ () C:\Users\Imari\Downloads\image (16).jpeg
    2014-08-31 21:57 - 2014-08-31 21:57 - 00100395 _____ () C:\Users\Imari\Downloads\image (15).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00109149 _____ () C:\Users\Imari\Downloads\image (13).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00106083 _____ () C:\Users\Imari\Downloads\image (14).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00118926 _____ () C:\Users\Imari\Downloads\image (10).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00105853 _____ () C:\Users\Imari\Downloads\image (12).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00080680 _____ () C:\Users\Imari\Downloads\image (11).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00120997 _____ () C:\Users\Imari\Downloads\image (5).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (9).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (6).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00110813 _____ () C:\Users\Imari\Downloads\image (7).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00106874 _____ () C:\Users\Imari\Downloads\image (8).jpeg
    2014-08-31 19:37 - 2014-08-31 19:37 - 00109077 _____ () C:\Users\Imari\Downloads\image (4).jpeg
    2014-08-31 19:36 - 2014-08-31 19:36 - 00119566 _____ () C:\Users\Imari\Downloads\image (3).jpeg
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics.zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (2).zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (1).zip
    2014-08-31 19:27 - 2014-08-31 19:27 - 00119566 _____ () C:\Users\Imari\Downloads\image (2).jpeg
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image.jpeg
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image (1).jpeg
    2014-08-27 21:35 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-27 21:35 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-27 21:35 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-14 11:40 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
    2014-08-14 11:40 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
    2014-08-14 11:40 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
    2014-08-14 11:40 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
    2014-08-14 11:40 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
    2014-08-14 11:40 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
    2014-08-14 11:39 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
    2014-08-14 11:39 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-13 18:20 - 2014-09-13 18:19 - 00024901 _____ () C:\Users\Imari\Desktop\FRST.txt
    2014-09-13 18:19 - 2014-09-13 18:18 - 00000000 ____D () C:\FRST
    2014-09-13 18:17 - 2014-07-04 13:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000UA.job
    2014-09-13 18:16 - 2014-09-13 18:16 - 02105856 _____ (Farbar) C:\Users\Imari\Desktop\FRST64.exe
    2014-09-13 18:15 - 2014-09-13 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IMARI-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-09-13 18:13 - 2014-09-13 18:13 - 00002237 _____ () C:\Users\Imari\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\RegBackup
    2014-09-13 18:12 - 2014-09-13 18:12 - 04057608 _____ () C:\Users\Imari\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-13 18:12 - 2014-09-13 18:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-13 18:04 - 2014-02-20 21:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-13 18:04 - 2012-12-14 18:11 - 00260096 ___SH () C:\Users\Imari\Desktop\Thumbs.db
    2014-09-13 17:39 - 2011-04-02 00:36 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-13 17:06 - 2012-01-02 20:08 - 00000000 ____D () C:\Users\Imari\Desktop\Games
    2014-09-13 17:04 - 2013-09-21 23:20 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-13 17:03 - 2014-09-13 17:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-13 17:03 - 2014-09-13 17:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-13 17:03 - 2014-08-02 14:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-09-13 17:03 - 2014-08-02 14:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-09-13 17:03 - 2012-01-06 20:05 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-09-13 16:39 - 2011-04-02 00:36 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-13 14:37 - 2014-01-02 23:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-13 14:34 - 2014-09-01 13:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-13 14:32 - 2013-11-27 23:09 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-09-13 14:29 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-13 14:29 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-13 14:03 - 2012-12-30 16:37 - 01071834 ____N () C:\Windows\WindowsUpdate.log
    2014-09-13 13:39 - 2012-05-31 13:11 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Dropbox
    2014-09-13 13:39 - 2011-12-21 22:49 - 00000000 ___HD () C:\ASUS.DAT
    2014-09-13 13:36 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-13 13:21 - 2011-12-26 04:51 - 00000000 ____D () C:\Users\Imari\AppData\Local\Adobe
    2014-09-13 13:17 - 2014-07-04 13:12 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000Core.job
    2014-09-13 13:17 - 2014-05-09 07:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-12 19:23 - 2011-12-22 20:40 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Skype
    2014-09-10 20:29 - 2014-03-23 16:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-09-10 20:29 - 2011-12-22 20:39 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-09 23:39 - 2009-07-14 03:45 - 00000000 ____D () C:\Windows\ShellNew
    2014-09-09 10:03 - 2009-07-14 01:13 - 00811678 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-06 22:19 - 2012-05-16 19:36 - 03033088 ___SH () C:\Users\Imari\Downloads\Thumbs.db
    2014-09-06 22:18 - 2014-09-06 22:15 - 00000000 ____D () C:\Users\Imari\Desktop\Football 9-5-14
    2014-09-04 22:10 - 2014-09-10 22:12 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-04 22:05 - 2014-09-10 22:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-01 14:31 - 2012-01-02 20:08 - 00000000 ____D () C:\Users\Imari\Desktop\Maintenance
    2014-09-01 14:30 - 2014-09-01 14:29 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417(1).exe
    2014-09-01 14:30 - 2011-12-29 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-09-01 14:30 - 2011-12-29 14:36 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-01 13:58 - 2012-01-15 23:39 - 00000000 ____D () C:\Windows\Minidump
    2014-09-01 13:39 - 2014-09-01 13:35 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417.exe
    2014-09-01 13:29 - 2014-09-01 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 13:29 - 2011-12-30 14:24 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Malwarebytes
    2014-09-01 13:29 - 2011-12-30 14:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-31 21:57 - 2014-08-31 21:57 - 00105141 _____ () C:\Users\Imari\Downloads\image (16).jpeg
    2014-08-31 21:57 - 2014-08-31 21:57 - 00100395 _____ () C:\Users\Imari\Downloads\image (15).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00109149 _____ () C:\Users\Imari\Downloads\image (13).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00106083 _____ () C:\Users\Imari\Downloads\image (14).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00118926 _____ () C:\Users\Imari\Downloads\image (10).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00105853 _____ () C:\Users\Imari\Downloads\image (12).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00080680 _____ () C:\Users\Imari\Downloads\image (11).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00120997 _____ () C:\Users\Imari\Downloads\image (5).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (9).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (6).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00110813 _____ () C:\Users\Imari\Downloads\image (7).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00106874 _____ () C:\Users\Imari\Downloads\image (8).jpeg
    2014-08-31 19:37 - 2014-08-31 19:37 - 00109077 _____ () C:\Users\Imari\Downloads\image (4).jpeg
    2014-08-31 19:36 - 2014-08-31 19:36 - 00119566 _____ () C:\Users\Imari\Downloads\image (3).jpeg
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics.zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (2).zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (1).zip
    2014-08-31 19:27 - 2014-08-31 19:27 - 00119566 _____ () C:\Users\Imari\Downloads\image (2).jpeg
    2014-08-31 19:27 - 2014-06-09 20:12 - 00000000 ____D () C:\Users\Imari\Desktop\Ebay- yoyos
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image.jpeg
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image (1).jpeg
    2014-08-28 20:39 - 2009-07-14 00:45 - 04914096 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-23 10:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-08-22 22:07 - 2014-08-27 21:35 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-22 21:45 - 2014-08-27 21:35 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-22 20:59 - 2014-08-27 21:35 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-17 22:28 - 2012-06-14 23:37 - 00000000 ____D () C:\Users\Imari\Documents\Crown Financial
    2014-08-17 21:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
    2014-08-14 21:36 - 2011-12-21 22:49 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
    2014-08-14 21:02 - 2012-04-28 13:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-08-14 21:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-08-14 20:27 - 2013-08-11 18:16 - 00000000 ____D () C:\Windows\system32\MRT
    2014-08-14 11:50 - 2012-02-18 17:18 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

    Some content of TEMP:
    ====================
    C:\Users\Imari\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-09 21:49

    ==================== End Of Log ============================






    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
    Ran by Imari at 2014-09-13 18:21:26
    Running from C:\Users\Imari\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
    AV: Trend Micro Titanium Internet Security (Disabled - Out of date) {68F968AC-2AA0-091D-848C-803E83E35902}
    AS: Trend Micro Titanium Internet Security (Disabled - Out of date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.2.0.2070 - Adobe Systems Incorporated) Hidden
    Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.3.300.257 - Adobe Systems Incorporated)
    Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
    Adobe InDesign CS6 (HKLM-x32\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
    Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
    Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
    Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
    Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
    American Conquest (HKLM-x32\...\American Conquest) (Version: - )
    Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
    ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
    ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.1.0 - ASUSTeK Computer Inc.)
    ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.25 - ASUS)
    ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.0.6 - ASUS)
    ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.44 - ASUS)
    ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
    ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
    ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.21 - asus)
    ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
    ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
    AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.10.168 - ASUSTEK)
    Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
    ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
    BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Breath of Death VII (HKLM-x32\...\Steam App 107300) (Version: - Zeboyd Games)
    CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
    Cthulhu Saves the World (HKLM-x32\...\Steam App 107310) (Version: - Zeboyd Games)
    CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
    CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
    CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
    CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
    Dead Pixels (HKLM-x32\...\Steam App 222980) (Version: - CSR-Studios)
    Dropbox (HKCU\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
    Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version: - Humble Hearts LLC)
    Empire XP 2.0 (HKLM-x32\...\Empire XP) (Version: - )
    ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
    Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
    FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix)
    FINAL FANTASY VIII (HKLM-x32\...\Steam App 39150) (Version: - SQUARE ENIX)
    Flixster Collections (HKLM-x32\...\FlixsterCollections) (Version: 1.0.76 - Warner Bros. Entertainment Inc.)
    Flixster Collections (x32 Version: 1.0.76 - Warner Bros. Entertainment Inc.) Hidden
    Free YouTube Downloader 3.5.128 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
    Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
    Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
    ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.6.0 - LIGHTNING UK!)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2361 - Intel Corporation)
    iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
    Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
    Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
    Java(TM) 6 Update 33 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
    JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
    Medal of Honor Pacific Assault(tm) (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.0 - Electronic Arts)
    Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
    Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
    MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
    Musicnotes Player V1.32.2 and Viewer V1.19.0 (HKLM-x32\...\Musicnotes Player_is1) (Version: 1.32.2 - Musicnotes Inc.)
    Nancy Drew: Secret of the Old Clock (HKLM-x32\...\{70D1416D-C0FF-461C-8AF3-71B98C7F5CA4}) (Version: - )
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
    Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
    NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
    OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
    ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
    PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
    Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
    Pinball Arcade (HKLM-x32\...\Steam App 238260) (Version: - FarSight Studios)
    POWERPREP II (HKLM-x32\...\{2687340C-C114-47DC-9F0E-C1BA85FEB001}) (Version: 2.00.0000 - ETS)
    QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6410 - Realtek Semiconductor Corp.)
    Secret Diaries - Florence Ashford (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119551583}) (Version: - Oberon Media)
    SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega)
    Sid Meier's Civilization III: Complete (HKLM-x32\...\Steam App 3910) (Version: - Firaxis Games)
    Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
    Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
    Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
    Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - LucasArts)
    Star Wars Jedi Knight Jedi Academy (HKLM-x32\...\{1EECBA68-8BE4-4076-94DF-E9ED206B1D21}) (Version: - )
    Star Wars JK II Jedi Outcast (HKLM-x32\...\{8681B1E6-CD96-46EF-9065-CE0D1085ED99}) (Version: 1.0 - LucasArts)
    Star Wars Knights of the Old Republic (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: 1.0 - LucasArts)
    Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
    syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
    The Elder Scrolls IV: Oblivion (HKLM-x32\...\Steam App 22330) (Version: - Bethesda Game Studios)
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
    Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
    Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
    Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
    Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.9.0 - Tweaking.com)
    Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
    WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.31.0 - ASUS)
    Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.19 - ASUS)
    影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
    照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Imari\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Imari\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Imari\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Imari\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Imari\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-1487551961-3572496284-799048130-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)

    ==================== Restore Points =========================


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {05643566-D668-46B0-84D5-6E454D94DEF1} - System32\Tasks\{5C10F0CF-7951-4D68-A23A-91365FF0AA61} => C:\Program Files (x86)\LucasArts\Star Wars Knights of the Old Republic\LaunchKOTOR.exe [2006-10-11] (LucasArts LLC)
    Task: {0E170835-29A9-44CF-B9A1-94573D708D3D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02] (Google Inc.)
    Task: {1B202343-13AE-4831-83DA-D863445C66F2} - System32\Tasks\{D2FB566D-B54F-4665-BB4A-196084FD7085} => D:\dmcr.exe [2002-12-18] (-GSC-)
    Task: {3AE14C96-0DF2-4551-AFB9-9CE844ACCD3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
    Task: {3BD33BC4-8DF3-4E04-9A86-26ACC61B8A05} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
    Task: {3C87CF44-6DBA-4D32-9669-AA9A646169CA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
    Task: {48E735B9-4F4E-4D70-B597-8B1CDF7D7A0E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
    Task: {4C85F90E-FEB5-445C-81D1-C6AEE751E184} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-02] (Google Inc.)
    Task: {4EE00FD4-7340-45E7-B055-1986A5016283} - System32\Tasks\My Tasks\Alarm Clock => C:\Users\Imari\Music\iTunes\iTunes Media\Music\Caitlin\Amaranth - www.Caitlin.co.za.mp3
    Task: {58B0FFB0-7E1F-430E-A7BC-E91F000CEBBB} - System32\Tasks\{0AE133F9-37B0-4132-A343-4FA1E9BB6D48} => D:\dmcr.exe [2002-12-18] (-GSC-)
    Task: {654D4252-8E4E-42BD-B107-1B4CAAE5C04F} - System32\Tasks\{0951F487-AF6F-4E1E-82D9-CE915E64041D} => C:\Program Files (x86)\LucasArts\Star Wars Knights of the Old Republic\LaunchKOTOR.exe [2006-10-11] (LucasArts LLC)
    Task: {919A2ED6-5FE6-4359-B3EB-D46EF19DC930} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
    Task: {99306B57-43D3-4A49-82BD-40C234966184} - System32\Tasks\AdobeAAMUpdater-1.0-Imari-PC-Imari => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
    Task: {A2065CBB-A60F-448E-8FF4-ED04BAA0FBD7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {A6DE9897-744E-42C4-8519-D30C497F481A} - System32\Tasks\{4431F210-AB79-4203-9C2B-6E865F9608CC} => C:\Program Files (x86)\LucasArts\Star Wars Knights of the Old Republic\LaunchKOTOR.exe [2006-10-11] (LucasArts LLC)
    Task: {B1472956-C5B8-4905-AC6F-CCF0F8411E78} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000UA => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-04] (Google Inc.)
    Task: {BFCFAC4F-9E5C-44D1-9CCF-350DB4208038} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2011-08-31] (ASUSTeK Computer Inc.)
    Task: {C1700A89-D6DD-445C-9278-8CAC6D99F2B2} - System32\Tasks\{5EF26686-DD43-48BC-B6D5-A545D28310C2} => D:\dmcr.exe [2002-12-18] (-GSC-)
    Task: {C285FA5F-6F81-4E27-89C0-3ECEDA6E6494} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    Task: {C725B969-5F69-4433-8826-DCC4A3CEF2FD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
    Task: {CE83E647-2830-4B51-8386-086DED2B1EDF} - System32\Tasks\{D64BB8E3-8935-48F2-B8DD-D9DDA8AE65B9} => C:\Program Files (x86)\LucasArts\Star Wars Knights of the Old Republic\LaunchKOTOR.exe [2006-10-11] (LucasArts LLC)
    Task: {D72B3553-2C95-462F-AB8E-D9B1562CC5AA} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-03-07] (ASUS)
    Task: {DCE419E2-2962-4F27-9B74-98D18DD70517} - System32\Tasks\{1F8BC911-AC2A-4D70-B467-0A5C895BD426} => D:\dmcr.exe [2002-12-18] (-GSC-)
    Task: {DF545365-BB08-470E-B31A-0A5AED7274CE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000Core => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-04] (Google Inc.)
    Task: {E8B69708-F04B-4565-815E-C12AA8DE8A57} - System32\Tasks\{18944E43-7C24-488C-BCCE-D88C0EA3C0AF} => C:\Program Files (x86)\LucasArts\Star Wars Knights of the Old Republic\LaunchKOTOR.exe [2006-10-11] (LucasArts LLC)
    Task: {EF14BB98-1ADF-4719-B3B6-E313BFA740FA} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000Core.job => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000UA.job => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-04-02 00:49 - 2010-09-17 04:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
    2011-04-02 00:49 - 2010-09-17 04:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
    2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
    2011-07-20 00:42 - 2011-04-09 22:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2010-09-23 19:53 - 2010-09-23 19:53 - 01601536 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-01-02 23:27 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2014-01-02 23:27 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2014-01-02 23:27 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2011-08-31 16:33 - 2011-08-31 16:33 - 00208384 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
    2011-05-30 14:48 - 2011-05-30 14:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
    2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
    2009-11-02 17:20 - 2009-11-02 17:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    2009-11-02 17:23 - 2009-11-02 17:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
    2014-08-28 21:14 - 2014-08-21 14:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
    2014-08-28 21:14 - 2014-08-21 14:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
    2014-08-28 21:14 - 2014-08-21 14:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
    2013-11-27 23:11 - 2014-08-20 18:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
    2014-05-21 19:02 - 2014-08-28 07:48 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
    2014-08-28 21:14 - 2014-08-21 14:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
    2014-08-28 21:14 - 2014-08-21 14:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
    2013-11-27 23:11 - 2014-08-28 07:48 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
    2013-11-27 23:11 - 2014-08-20 18:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
    2014-08-23 10:37 - 2014-08-20 18:38 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
    2014-01-02 23:27 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2014-01-02 23:27 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2014-09-05 19:06 - 2014-08-29 22:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
    2014-09-05 19:06 - 2014-08-29 22:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
    2014-09-05 19:06 - 2014-08-29 22:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
    2014-09-05 19:06 - 2014-08-29 22:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
    2014-09-05 19:06 - 2014-08-29 22:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:E4A4BAB8

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
    MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
    MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/13/2014 02:22:34 PM) (Source: System Restore) (EventID: 8211) (User: )
    Description: The scheduled restore point could not be created. Additional information: (0x8004231f).

    Error: (09/13/2014 02:22:34 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: Failed to create restore point (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x8004231f).

    Error: (09/13/2014 01:41:33 PM) (Source: .NET Runtime Optimization Service) (EventID: 1110) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service Manager returned a fatal error (0x80070070). Will stop service

    Error: (09/13/2014 01:41:33 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070070

    Error: (09/13/2014 01:30:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: rundll32.exe_aepdu.dll, version: 6.1.7600.16385, time stamp: 0x4a5bc9e0
    Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
    Exception code: 0x40000015
    Fault offset: 0x000000000002a84e
    Faulting process id: 0x137c
    Faulting application start time: 0xrundll32.exe_aepdu.dll0
    Faulting application path: rundll32.exe_aepdu.dll1
    Faulting module path: rundll32.exe_aepdu.dll2
    Report Id: rundll32.exe_aepdu.dll3

    Error: (09/13/2014 01:21:00 PM) (Source: ESENT) (EventID: 482) (User: )
    Description: wuaueng.dll (428) SUS20ClientDataStore: An attempt to write to the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log" at offset 0 (0x0000000000000000) for 393216 (0x00060000) bytes failed after wuaueng.dll0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.

    Error: (09/10/2014 11:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 18626

    Error: (09/10/2014 11:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 18626

    Error: (09/10/2014 11:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/10/2014 11:03:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 17550


    System errors:
    =============
    Error: (09/13/2014 01:44:52 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (09/13/2014 01:22:24 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.183.2176.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (09/13/2014 01:22:24 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.183.2176.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2894844).

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Update for Windows 7 for x64-based Systems (KB2985461).

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Security Update for Microsoft .NET Framework 4.5, 4.5.1 and 4.5.2 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2972216).

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Cumulative Security Update for Internet Explorer 11 for Windows 7 for x64-based Systems (KB2977629).

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2972211).

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Security Update for Microsoft .NET Framework 4.5 and 4.5.1 on Windows 7, Vista, Server 2008, Server 2008 R2 x64 (KB2894854).

    Error: (09/13/2014 01:21:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070070: Update for Microsoft Security Essentials - 4.6.305.0 (KB2965031).


    Microsoft Office Sessions:
    =========================
    Error: (09/13/2014 02:22:34 PM) (Source: System Restore) (EventID: 8211) (User: )
    Description: 0x8004231f

    Error: (09/13/2014 02:22:34 PM) (Source: System Restore) (EventID: 8193) (User: )
    Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationScheduled Checkpoint0x8004231f

    Error: (09/13/2014 01:41:33 PM) (Source: .NET Runtime Optimization Service) (EventID: 1110) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Service Manager returned a fatal error (0x80070070). Will stop service

    Error: (09/13/2014 01:41:33 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070070
    System.ServiceModel, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

    Error: (09/13/2014 01:30:19 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: rundll32.exe_aepdu.dll6.1.7600.163854a5bc9e0msvcrt.dll7.0.7601.177444eeb033f40000015000000000002a84e137c01cfcf76890949b3C:\Windows\system32\rundll32.exeC:\Windows\system32\msvcrt.dlla146ed78-3b6b-11e4-a411-5404a61c20b9

    Error: (09/13/2014 01:21:00 PM) (Source: ESENT) (EventID: 482) (User: )
    Description: wuaueng.dll428SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edbtmp.log0 (0x0000000000000000)393216 (0x00060000)-1808 (0xfffff8f0)112 (0x00000070)There is not enough space on the disk. 0

    Error: (09/10/2014 11:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 18626

    Error: (09/10/2014 11:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 18626

    Error: (09/10/2014 11:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/10/2014 11:03:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 17550


    CodeIntegrity Errors:
    ===================================
    Date: 2013-04-29 14:01:12.514
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:01:12.290
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:01:14.535
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:01:14.422
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:00:45.672
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:00:45.500
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:00:15.753
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:00:15.630
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:00:12.894
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-29 14:00:12.711
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
    Percentage of memory in use: 83%
    Total physical RAM: 4000.13 MB
    Available physical RAM: 668.57 MB
    Total Pagefile: 7998.43 MB
    Available Pagefile: 3373.93 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:119.24 GB) (Free:2.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]
    Drive d: (DATA) (Fixed) (Total:153.85 GB) (Free:14.58 GB) NTFS
    Drive f: (CANON_DC) (Removable) (Total:1.89 GB) (Free:1.6 GB) FAT

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: AA9693FE)
    Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
    Partition 2: (Active) - (Size=119.2 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=153.9 GB) - (Type=OF Extended)

    ========================================================
    Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)

    Partition: GPT Partition Type.

    ==================== End Of Log ============================





    aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
    Run date: 2014-09-13 18:31:49
    -----------------------------
    18:31:49.318 OS Version: Windows x64 6.1.7601 Service Pack 1
    18:31:49.318 Number of processors: 2 586 0x2A07
    18:31:49.319 ComputerName: IMARI-PC UserName: Imari
    18:31:50.153 Initialize success
    18:31:50.202 VM: initialized successfully
    18:31:50.227 VM: Intel CPU virtualization not supported
    18:35:20.370 AVAST engine defs: 14091301
    18:37:35.257 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
    18:37:35.260 Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
    18:37:35.503 Disk 0 MBR read successfully
    18:37:35.506 Disk 0 MBR scan
    18:37:35.557 Disk 0 Windows 7 default MBR code
    18:37:35.571 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
    18:37:35.595 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 122098 MB offset 52430848
    18:37:35.623 Disk 0 default boot code
    18:37:35.660 Disk 0 Partition - 00 0F Extended LBA 157545 MB offset 302487552
    18:37:35.699 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 157544 MB offset 302489600
    18:37:36.144 Disk 0 scanning C:\Windows\system32\drivers
    18:37:57.857 Service scanning
    18:38:18.338 Service MpKsla0287fb5 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0AE40DB4-AD9E-4DA0-B4DA-2F6C8873B43E}\MpKsla0287fb5.sys **LOCKED** 32
    18:38:44.831 Modules scanning
    18:38:44.837 Disk 0 trace - called modules:
    18:38:44.902 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys sptd.sys hal.dll
    18:38:44.907 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cd0790]
    18:38:44.911 3 CLASSPNP.SYS[fffff8800140143f] -> nt!IofCallDriver -> [0xfffffa8004b3dbe0]
    18:38:44.915 5 ACPI.sys[fffff8800118b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b41050]
    18:38:45.905 AVAST engine scan C:\Windows
    18:38:49.481 AVAST engine scan C:\Windows\system32
    18:44:31.810 AVAST engine scan C:\Windows\system32\drivers
    18:45:01.698 AVAST engine scan C:\Users\Imari
    18:59:22.486 AVAST engine scan C:\ProgramData
    19:03:19.106 Scan finished successfully
    19:13:46.613 Disk 0 MBR has been saved successfully to "C:\Users\Imari\Documents\Virus scan logs\MBR.dat"
    19:13:46.654 The log file has been saved successfully to "C:\Users\Imari\Documents\Virus scan logs\aswMBR.txt"

  2. #2
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Nightwingsgurl,

    My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
    • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
    • The fixes are specific to your problem and should only be used for the issues on this machine.
    • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
    • It's often worth reading through these instructions and printing them for ease of reference.
    • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
    • Please reply to this thread. Do not start a new topic.
    • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

    IMPORTANT NOTE: Please do not delete, download or install anything unless instructed to do so.

    DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and the loss of all your programs and data.

    Please stay with this topic until I let you know that your system appears to be "All Clear".

    Important: All tools MUST be run from the Desktop.

    =========================

    "but Spybot always lists the same threats that it says it 'fixed' in the previous scan, even if they're back-to-back."
    What are the threats it lists? Take a screenshot if necessary and post it in your next reply.

    "And sometimes Google seems to re-direct."
    Which browsers are you using when this occurs?

    "but I can't figure out how to disable TeaTimer in Spybot-- I didn't see anywhere to check advanced settings? I have a log from a scan I ran less than an hour ago, though."
    Which version of SpyBot do you have?

    Do you have the AdwCleaner log?

    =========================

    Multiple Anti-Virus Programs Installed

    I notice that you have both Microsoft Security Essentials and Trend Micro Titanium Internet Security installed at the same time. Having more than one antivirus program running at the same time can seriously degrade the performance of your system.

    Please uninstall either Microsoft Security Essentials or Trend Micro Titanium Internet Security (whichever you prefer) using either the provided uninstall feature that is part of the antivirus program or through Add/Remove Programs (Vista and Win 7 users should go to Programs and Features in the Control Panel). As a rule of thumb, one should run one firewall, one antivirus program in memory, and one anti-spyware utility in memory. It's fine to have other security tools available on an as-needed or on-demand basis, but when multiple tools simultaneously perform the same function, you're asking for trouble.

    =========================

    FRST Fix Script

    Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad window. Save it on the desktop as fixlist.txt

    Code:
    Start
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
    CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT", "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN64620605553500358&UM=2"
    Empty Temp:
    End
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST and press the Fix button just once and wait.
    The tool will make a log (Fixlog.txt); please post it in your reply.

    =========================

    Re-run Farbar Recovery Scan Tool; it should be on your desktop.
      • Windows XP: Double-click on the icon to run it.
      • Windows Vista, Windows 7 & 8: Right-click and select "Run as Administrator".
    • When the tool opens, click Yes to the disclaimer.
    • Press the Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.

    =========================


    In your next post please provide the following:
    • Answers to my questions
    • Screenshot of SpyBot "fixes" or the log
    • FixLog.txt
    • Fresh FRST.txt
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days
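
One way to act on the Fixlog.txt and fresh FRST.txt requested above, as an added example that is not part of the original post or of FRST itself: the script tallies Fixlog result lines and lists fixlist entries that still show up in a re-scan. The function names, the RESCAN and FIXLOG samples, and the rule that an entry's identity is the text before ` => `, ` URL =` or ` -> ` are assumptions made for this illustration.

```python
import re
from collections import Counter

# Fixlist as posted in the reply above.
FIXLIST = r'''Start
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT", "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN64620605553500358&UM=2"
Empty Temp:
End
'''

# Constructed sample: result lines in the layout of a Fixlog.txt.
FIXLOG = r'''HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
Chrome StartupUrls deleted successfully.
EmptyTemp: => Removed 490 MB temporary data.
'''

# Constructed sample: a few lines in the layout of a fresh FRST.txt.
RESCAN = r'''==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM-x32 - DefaultScope value is missing.
'''

DIRECTIVE = re.compile(r'^[A-Za-z ]+:$')   # e.g. "Empty Temp:" is an action, not an entry
SEPARATORS = (' => ', ' URL =', ' -> ')    # assumed boundary between identity and data


def squash(line):
    """Collapse whitespace and case so copy/paste differences do not matter."""
    return ' '.join(line.split()).casefold()


def fixlist_entries(text):
    """Return the entry lines between Start and End, skipping directives."""
    entries, inside = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.casefold() == 'start':
            inside = True
        elif line.casefold() == 'end':
            break
        elif inside and line and not DIRECTIVE.match(line):
            entries.append(line)
    return entries


def entry_key(line):
    """Identity part of an entry: the text before the first data separator."""
    hits = [i for i in (line.find(s) for s in SEPARATORS) if i != -1]
    return squash(line[:min(hits)] if hits else line)


def still_present(fixlist_text, rescan_text):
    """Fixlist entries whose identity still begins a line of the re-scan."""
    scan = [squash(l) for l in rescan_text.splitlines() if l.strip()]
    survivors = []
    for entry in fixlist_entries(fixlist_text):
        key = entry_key(entry)
        if any(l == key or l.startswith(key + ' ') for l in scan):
            survivors.append(entry)
    return survivors


def fixlog_outcome(line):
    """Classify one Fixlog result line by the status text after the last ' => '."""
    status = squash(line).rpartition(' => ')[2]
    if 'not found' in status:
        return 'not_found'
    if 'successfully' in status or 'removed' in status:
        return 'changed'
    return 'other'


def summarise_fixlog(text):
    """Count outcomes over all non-empty Fixlog result lines."""
    return Counter(fixlog_outcome(l) for l in text.splitlines() if l.strip())


if __name__ == '__main__':
    print(dict(summarise_fixlog(FIXLOG)))
    for entry in still_present(FIXLIST, RESCAN):
        print('still listed after fix:', entry)
```

An entry that the Fixlog reports as "not found" but that the re-scan still lists is the case worth raising with the helper before any further fix is attempted.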

  3. #3
    Junior Member
    Join Date
    Apr 2014
    Posts
    25

    Default

    Thanks for responding!



    What are the threats it lists? Take a screenshot if necessary and post it in your next reply.
    Here's the log from last night:


    Search results from Spybot - Search & Destroy

    9/13/2014 7:00:20 PM
    Scan took 00:31:51.
    15 items found.

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
    C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CGJSJ82X\eplayer-static.clipsyndicate.com\analytics.sol
    Properties.size=504
    Properties.md5=A6C8044BA24DDC82A1127687B5BDD4E1
    Properties.filedate=1410643162
    Properties.filedatetext=2014-09-13 17:19:21

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
    C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CGJSJ82X\z.cdn.turner.com\com.turner.cvp.so.sol
    Properties.size=81
    Properties.md5=1BF1510CE8CD64C13E77F964C69A5DCD
    Properties.filedate=1410643199
    Properties.filedatetext=2014-09-13 17:19:59

    Adobe FlashPlayer Cookies: [SBI $065CE2DC] Text file (File, nothing done)
    C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\CGJSJ82X\z.cdn.turner.com\octoshapeuserinfo.sol
    Properties.size=65
    Properties.md5=366851EE622A0D6FABE8B0C9E9D2A5DA
    Properties.filedate=1410643184
    Properties.filedatetext=2014-09-13 17:19:44

    MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
    HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

    MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

    Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

    Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
    HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

    Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)


    History: [SBI $49804B54] Browser: History (2) (Browser: History, nothing done)


    Cookie: [SBI $49804B54] Browser: Cookie (4) (Browser: Cookie, nothing done)



    --- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---




    Which browsers does this occur while using?
    I normally use Chrome.



    Which version of SpyBot do you have?
    Version 2.2



    Do you have the AdwCleaner log?
    # AdwCleaner v3.310 - Report created 14/09/2014 at 11:00:43
    # Updated 12/09/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Imari - IMARI-PC
    # Running from : C:\Users\Imari\Desktop\adwcleaner_3.310.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17280


    -\\ Mozilla Firefox v31.0 (x86 en-US)

    [ File : C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\prefs.js ]


    -\\ Google Chrome v37.0.2062.103

    [ File : C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [22262 octets] - [31/03/2014 14:05:55]
    AdwCleaner[R1].txt - [21626 octets] - [07/04/2014 11:08:42]
    AdwCleaner[R2].txt - [21687 octets] - [10/04/2014 22:14:28]
    AdwCleaner[R3].txt - [1143 octets] - [10/04/2014 22:21:08]
    AdwCleaner[R4].txt - [1570 octets] - [14/09/2014 10:33:22]
    AdwCleaner[R5].txt - [1108 octets] - [14/09/2014 11:00:43]
    AdwCleaner[S0].txt - [22170 octets] - [10/04/2014 22:15:35]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [1229 octets] ##########



    I notice that you have both Microsoft Security Essentials and Trend Micro Titanium Internet Security installed at the same time. Having more than one antivirus program running at the same time can seriously degrade the performance of your system.

    Please uninstall either Microsoft Security Essentials or Trend Micro Titanium Internet Security (whichever you prefer) using either the provided uninstall feature that is part of the antivirus program or through Add/Remove Programs (Vista and Win 7 users should go to Programs and Features in the Control Panel). As a rule of thumb, one should run one firewall, one antivirus program in memory, and one anti-spyware utility in memory. It's fine to have other security tools available on an as-needed or on-demand basis, but when multiple tools simultaneously perform the same function, you're asking for trouble.
    When I tried to un-install Trend Micro (which was just the free trial that came with the computer) it told me that it must've been uninstalled before after it got to 100% uninstalled. But then when I looked for it I couldn't find it, so hopefully it's gone now? From what I've heard, WSE isn't exactly the most reliable. Should I delete it and install something else?



    Run FRST and press the Fix button just once and wait.
    The tool will make a log (Fixlog.txt); please post it in your reply.

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
    Ran by Imari at 2014-09-14 10:51:23 Run:1
    Running from C:\Users\Imari\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=ASUT&bmod=ASUT", "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN64620605553500358&UM=2"
    Empty Temp:
    End
    *****************

    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found.
    "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    "HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
    "HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
    "HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
    Chrome StartupUrls deleted successfully.
    EmptyTemp: => Removed 490 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog ====



    NOTE: I did reboot the system as it requested.




    It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
    Ran by Imari (administrator) on IMARI-PC on 14-09-2014 11:09:09
    Running from C:\Users\Imari\Desktop
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (Spotify Ltd) C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Apple Inc.) D:\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (OpenOffice.org) D:\Program Files (x86)\program\soffice.exe
    (OpenOffice.org) D:\Program Files (x86)\program\soffice.bin
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (ASUS) C:\Windows\AsScrPro.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
    HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-02] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
    HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
    HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
    HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
    HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
    HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Spotify Web Helper] => C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-18] (Spotify Ltd)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Google Update] => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-04] (Google Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\MountPoints2: {d0100140-3593-11e1-ae05-806e6f6e6963} - G:\LaunchBOPC1.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
    ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
    ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
    Startup: C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    ShortcutTarget: OpenOffice.org 3.3.lnk -> D:\Program Files (x86)\program\quickstart.exe ()
    ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    SearchScopes: HKLM-x32 - DefaultScope value is missing.
    SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default
    FF Keyword.URL: https://www.mypoints.com/emp/u/mysea...&fctb.dns=1&q=
    FF NetworkProxy: "type", 0
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Imari\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Imari\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imari\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imari\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF Extension: Adblock Plus - C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-11]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-08-02]

    Chrome:
    =======
    CHR HomePage: Default -> 7FE4E5FBF564E50F19F2E61F198805B394FAA9E56DBCC47EA17CA15DFE7425BE
    CHR DefaultSearchKeyword: Default -> 7DE471496509B5E9AB1E1945A15502F1540DC2E271BE5A7A8AE30F6123D4D166
    CHR DefaultSearchURL: Default -> D20230A2D69F58D3F5F7B7BB7EE44D1ED223F1247DA80ACC89D88531D61AC40B
    CHR Profile: C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
    CHR Extension: (Google Wallet) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
    CHR HKCU\...\Chrome\Extension: [apjkpjchfbckhjhokinlgdbmibpbbjak] - C:\Users\Imari\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx []

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-31] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-01-02] () [File not signed]
    U3 ad1yq9jv; C:\Windows\System32\Drivers\ad1yq9jv.sys [0 ] (Intel Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-14 11:08 - 2014-09-14 11:08 - 02105856 _____ (Farbar) C:\Users\Imari\Downloads\FRST64.exe
    2014-09-14 10:54 - 2014-09-14 10:54 - 00049564 _____ () C:\Windows\PFRO.log
    2014-09-14 10:49 - 2014-09-14 10:55 - 00002872 _____ () C:\Windows\system32\TmInstall.log
    2014-09-14 10:49 - 2014-09-14 10:49 - 00004280 _____ () C:\Windows\SysWOW64\TmInstall.log
    2014-09-14 10:49 - 2010-09-17 04:52 - 00525792 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
    2014-09-14 10:49 - 2010-09-17 04:52 - 00232272 _____ (Trend Micro Inc.) C:\Windows\TmNSCIns.dll
    2014-09-14 10:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-09-14 10:32 - 2014-09-14 10:32 - 01373475 _____ () C:\Users\Imari\Downloads\adwcleaner_3.310(1).exe
    2014-09-14 10:27 - 2014-09-14 10:27 - 01373475 _____ () C:\Users\Imari\Desktop\adwcleaner_3.310.exe
    2014-09-14 10:23 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-14 10:23 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-09-14 10:23 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-14 10:23 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-14 10:23 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-14 10:23 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-09-14 10:23 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-14 10:23 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-14 10:23 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-14 10:23 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-14 10:23 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-14 10:23 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-14 10:23 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-09-14 10:23 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-14 10:23 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-14 10:23 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-14 10:23 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-14 10:23 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-14 10:23 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-14 10:23 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-09-14 10:23 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-14 10:23 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-14 10:23 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-09-14 10:23 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-14 10:23 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-09-14 10:23 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-09-14 10:23 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-09-14 10:23 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-09-14 10:23 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-14 10:23 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-14 10:23 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-09-14 10:23 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-09-14 10:23 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-14 10:23 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-09-14 10:23 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-09-14 10:23 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-09-14 10:23 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-09-14 10:23 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-14 10:23 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-14 10:23 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-14 10:23 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-14 10:23 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-09-14 10:23 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-09-14 10:23 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-09-14 10:23 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-09-14 10:23 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-14 10:23 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-09-14 10:23 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-14 10:23 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-09-14 10:23 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-09-14 10:23 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-09-14 10:23 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-14 10:23 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-09-14 10:23 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-09-14 10:23 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-14 10:23 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-09-14 10:13 - 2014-09-14 10:54 - 00000112 _____ () C:\Windows\setupact.log
    2014-09-14 10:13 - 2014-09-14 10:13 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-13 19:21 - 2014-09-13 19:21 - 00000000 ____D () C:\Users\Imari\Documents\ProcAlyzer Dumps
    2014-09-13 18:31 - 2014-09-13 18:31 - 05185536 _____ (AVAST Software) C:\Users\Imari\Desktop\aswMBR.exe
    2014-09-13 18:21 - 2014-09-13 18:23 - 00046720 _____ () C:\Users\Imari\Desktop\Addition.txt
    2014-09-13 18:19 - 2014-09-14 11:09 - 00020861 _____ () C:\Users\Imari\Desktop\FRST.txt
    2014-09-13 18:18 - 2014-09-14 11:09 - 00000000 ____D () C:\FRST
    2014-09-13 18:16 - 2014-09-13 18:16 - 02105856 _____ (Farbar) C:\Users\Imari\Desktop\FRST64.exe
    2014-09-13 18:15 - 2014-09-13 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IMARI-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-09-13 18:13 - 2014-09-13 18:13 - 00002237 _____ () C:\Users\Imari\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\RegBackup
    2014-09-13 18:12 - 2014-09-13 18:12 - 04057608 _____ () C:\Users\Imari\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-13 18:12 - 2014-09-13 18:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-13 17:03 - 2014-09-13 17:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-13 17:03 - 2014-09-13 17:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-13 13:17 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-13 13:17 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-09-10 22:13 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-10 22:13 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-09-10 22:13 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-10 22:13 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-09-10 22:12 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-10 22:12 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-10 22:12 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-10 22:12 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-10 22:12 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-09-10 22:12 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-09-10 22:12 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-09-06 22:15 - 2014-09-06 22:18 - 00000000 ____D () C:\Users\Imari\Desktop\Football 9-5-14
    2014-09-01 14:29 - 2014-09-01 14:30 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417(1).exe
    2014-09-01 13:35 - 2014-09-01 13:39 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417.exe
    2014-09-01 13:30 - 2014-09-13 14:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-01 13:29 - 2014-09-01 13:29 - 00001104 _____ () C:\Users\Imari\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-01 13:29 - 2014-09-01 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 13:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-01 13:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-08-31 21:57 - 2014-08-31 21:57 - 00105141 _____ () C:\Users\Imari\Downloads\image (16).jpeg
    2014-08-31 21:57 - 2014-08-31 21:57 - 00100395 _____ () C:\Users\Imari\Downloads\image (15).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00109149 _____ () C:\Users\Imari\Downloads\image (13).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00106083 _____ () C:\Users\Imari\Downloads\image (14).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00118926 _____ () C:\Users\Imari\Downloads\image (10).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00105853 _____ () C:\Users\Imari\Downloads\image (12).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00080680 _____ () C:\Users\Imari\Downloads\image (11).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00120997 _____ () C:\Users\Imari\Downloads\image (5).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (9).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (6).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00110813 _____ () C:\Users\Imari\Downloads\image (7).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00106874 _____ () C:\Users\Imari\Downloads\image (8).jpeg
    2014-08-31 19:37 - 2014-08-31 19:37 - 00109077 _____ () C:\Users\Imari\Downloads\image (4).jpeg
    2014-08-31 19:36 - 2014-08-31 19:36 - 00119566 _____ () C:\Users\Imari\Downloads\image (3).jpeg
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics.zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (2).zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (1).zip
    2014-08-31 19:27 - 2014-08-31 19:27 - 00119566 _____ () C:\Users\Imari\Downloads\image (2).jpeg
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image.jpeg
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image (1).jpeg
    2014-08-27 21:35 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-27 21:35 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-27 21:35 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-14 11:10 - 2014-09-13 18:19 - 00020861 _____ () C:\Users\Imari\Desktop\FRST.txt
    2014-09-14 11:09 - 2014-09-13 18:18 - 00000000 ____D () C:\FRST
    2014-09-14 11:08 - 2014-09-14 11:08 - 02105856 _____ (Farbar) C:\Users\Imari\Downloads\FRST64.exe
    2014-09-14 11:07 - 2012-05-16 19:36 - 03033088 ___SH () C:\Users\Imari\Downloads\Thumbs.db
    2014-09-14 11:04 - 2014-02-20 21:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-14 11:01 - 2014-03-31 14:05 - 00000000 ____D () C:\AdwCleaner
    2014-09-14 11:00 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-14 11:00 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-14 10:56 - 2012-12-14 18:11 - 00260096 ___SH () C:\Users\Imari\Desktop\Thumbs.db
    2014-09-14 10:55 - 2014-09-14 10:49 - 00002872 _____ () C:\Windows\system32\TmInstall.log
    2014-09-14 10:55 - 2012-05-31 13:11 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Dropbox
    2014-09-14 10:55 - 2011-12-21 22:49 - 00000000 ___HD () C:\ASUS.DAT
    2014-09-14 10:55 - 2011-04-02 00:36 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-14 10:54 - 2014-09-14 10:54 - 00049564 _____ () C:\Windows\PFRO.log
    2014-09-14 10:54 - 2014-09-14 10:13 - 00000112 _____ () C:\Windows\setupact.log
    2014-09-14 10:54 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-14 10:53 - 2012-12-30 16:37 - 01160345 _____ () C:\Windows\WindowsUpdate.log
    2014-09-14 10:49 - 2014-09-14 10:49 - 00004280 _____ () C:\Windows\SysWOW64\TmInstall.log
    2014-09-14 10:47 - 2011-04-02 00:49 - 00000000 ____D () C:\ProgramData\Trend Micro
    2014-09-14 10:39 - 2011-04-02 00:36 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-14 10:32 - 2014-09-14 10:32 - 01373475 _____ () C:\Users\Imari\Downloads\adwcleaner_3.310(1).exe
    2014-09-14 10:27 - 2014-09-14 10:27 - 01373475 _____ () C:\Users\Imari\Desktop\adwcleaner_3.310.exe
    2014-09-14 10:26 - 2012-01-02 20:08 - 00000000 ____D () C:\Users\Imari\Desktop\Maintenance
    2014-09-14 10:24 - 2011-12-26 04:51 - 00000000 ____D () C:\Users\Imari\AppData\Local\Adobe
    2014-09-14 10:21 - 2011-12-30 14:31 - 00804292 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-09-14 10:21 - 2009-07-14 01:13 - 00804292 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-14 10:20 - 2012-04-28 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-09-14 10:20 - 2011-12-30 14:31 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-09-14 10:20 - 2011-12-30 14:31 - 00001945 _____ () C:\Windows\epplauncher.mif
    2014-09-14 10:20 - 2011-12-30 14:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-09-14 10:17 - 2014-07-04 13:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000UA.job
    2014-09-14 10:13 - 2014-09-14 10:13 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-13 19:21 - 2014-09-13 19:21 - 00000000 ____D () C:\Users\Imari\Documents\ProcAlyzer Dumps
    2014-09-13 19:20 - 2012-01-11 19:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-09-13 18:31 - 2014-09-13 18:31 - 05185536 _____ (AVAST Software) C:\Users\Imari\Desktop\aswMBR.exe
    2014-09-13 18:23 - 2014-09-13 18:21 - 00046720 _____ () C:\Users\Imari\Desktop\Addition.txt
    2014-09-13 18:16 - 2014-09-13 18:16 - 02105856 _____ (Farbar) C:\Users\Imari\Desktop\FRST64.exe
    2014-09-13 18:15 - 2014-09-13 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IMARI-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-09-13 18:13 - 2014-09-13 18:13 - 00002237 _____ () C:\Users\Imari\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\RegBackup
    2014-09-13 18:12 - 2014-09-13 18:12 - 04057608 _____ () C:\Users\Imari\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-13 18:12 - 2014-09-13 18:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-13 17:06 - 2012-01-02 20:08 - 00000000 ____D () C:\Users\Imari\Desktop\Games
    2014-09-13 17:04 - 2013-09-21 23:20 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-13 17:03 - 2014-09-13 17:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-13 17:03 - 2014-09-13 17:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-13 17:03 - 2014-08-02 14:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-09-13 17:03 - 2014-08-02 14:00 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-09-13 17:03 - 2012-01-06 20:05 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-09-13 14:37 - 2014-01-02 23:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-13 14:34 - 2014-09-01 13:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-13 14:32 - 2013-11-27 23:09 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-09-13 13:17 - 2014-07-04 13:12 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000Core.job
    2014-09-13 13:17 - 2014-05-09 07:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-12 19:23 - 2011-12-22 20:40 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Skype
    2014-09-10 20:29 - 2014-03-23 16:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-09-10 20:29 - 2011-12-22 20:39 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-09 23:39 - 2009-07-14 03:45 - 00000000 ____D () C:\Windows\ShellNew
    2014-09-06 22:18 - 2014-09-06 22:15 - 00000000 ____D () C:\Users\Imari\Desktop\Football 9-5-14
    2014-09-04 22:10 - 2014-09-10 22:12 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-04 22:05 - 2014-09-10 22:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-01 14:30 - 2014-09-01 14:29 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417(1).exe
    2014-09-01 14:30 - 2011-12-29 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-09-01 14:30 - 2011-12-29 14:36 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-01 13:58 - 2012-01-15 23:39 - 00000000 ____D () C:\Windows\Minidump
    2014-09-01 13:39 - 2014-09-01 13:35 - 04901352 _____ (Piriform Ltd) C:\Users\Imari\Downloads\ccsetup417.exe
    2014-09-01 13:29 - 2014-09-01 13:29 - 00001104 _____ () C:\Users\Imari\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-01 13:29 - 2014-09-01 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 13:29 - 2011-12-30 14:24 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Malwarebytes
    2014-09-01 13:29 - 2011-12-30 14:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-31 21:57 - 2014-08-31 21:57 - 00105141 _____ () C:\Users\Imari\Downloads\image (16).jpeg
    2014-08-31 21:57 - 2014-08-31 21:57 - 00100395 _____ () C:\Users\Imari\Downloads\image (15).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00109149 _____ () C:\Users\Imari\Downloads\image (13).jpeg
    2014-08-31 21:56 - 2014-08-31 21:56 - 00106083 _____ () C:\Users\Imari\Downloads\image (14).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00118926 _____ () C:\Users\Imari\Downloads\image (10).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00105853 _____ () C:\Users\Imari\Downloads\image (12).jpeg
    2014-08-31 21:37 - 2014-08-31 21:37 - 00080680 _____ () C:\Users\Imari\Downloads\image (11).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00120997 _____ () C:\Users\Imari\Downloads\image (5).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (9).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00114634 _____ () C:\Users\Imari\Downloads\image (6).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00110813 _____ () C:\Users\Imari\Downloads\image (7).jpeg
    2014-08-31 21:19 - 2014-08-31 21:19 - 00106874 _____ () C:\Users\Imari\Downloads\image (8).jpeg
    2014-08-31 19:37 - 2014-08-31 19:37 - 00109077 _____ () C:\Users\Imari\Downloads\image (4).jpeg
    2014-08-31 19:36 - 2014-08-31 19:36 - 00119566 _____ () C:\Users\Imari\Downloads\image (3).jpeg
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics.zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (2).zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (1).zip
    2014-08-31 19:27 - 2014-08-31 19:27 - 00119566 _____ () C:\Users\Imari\Downloads\image (2).jpeg
    2014-08-31 19:27 - 2014-06-09 20:12 - 00000000 ____D () C:\Users\Imari\Desktop\Ebay- yoyos
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image.jpeg
    2014-08-31 19:25 - 2014-08-31 19:25 - 00119566 _____ () C:\Users\Imari\Downloads\image (1).jpeg
    2014-08-28 20:39 - 2009-07-14 00:45 - 04914096 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-23 10:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-08-22 22:07 - 2014-08-27 21:35 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-22 21:45 - 2014-08-27 21:35 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-22 20:59 - 2014-08-27 21:35 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-19 14:05 - 2014-09-14 10:23 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-08-19 13:39 - 2014-09-14 10:23 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-08-18 19:01 - 2014-09-14 10:23 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-18 18:29 - 2014-09-14 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-18 18:29 - 2014-09-14 10:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-08-18 18:26 - 2014-09-14 10:23 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-08-18 18:20 - 2014-09-14 10:23 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-18 18:19 - 2014-09-14 10:23 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-08-18 18:15 - 2014-09-14 10:23 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-08-18 18:15 - 2014-09-14 10:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-08-18 18:14 - 2014-09-14 10:23 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-08-18 18:14 - 2014-09-14 10:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-08-18 18:08 - 2014-09-14 10:23 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-08-18 18:08 - 2014-09-14 10:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-18 18:08 - 2014-09-14 10:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-08-18 18:05 - 2014-09-14 10:23 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-18 18:03 - 2014-09-14 10:23 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-08-18 18:03 - 2014-09-14 10:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-08-18 18:03 - 2014-09-14 10:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-08-18 17:57 - 2014-09-14 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-08-18 17:56 - 2014-09-14 10:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-08-18 17:51 - 2014-09-14 10:23 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-18 17:46 - 2014-09-14 10:23 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-08-18 17:45 - 2014-09-14 10:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-08-18 17:45 - 2014-09-14 10:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-08-18 17:44 - 2014-09-14 10:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-08-18 17:44 - 2014-09-14 10:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-08-18 17:42 - 2014-09-14 10:23 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-08-18 17:40 - 2014-09-14 10:23 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-08-18 17:39 - 2014-09-14 10:23 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-18 17:39 - 2014-09-14 10:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-08-18 17:39 - 2014-09-14 10:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-08-18 17:38 - 2014-09-14 10:23 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-18 17:37 - 2014-09-14 10:23 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-08-18 17:36 - 2014-09-14 10:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-08-18 17:35 - 2014-09-14 10:23 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-08-18 17:27 - 2014-09-14 10:23 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-08-18 17:25 - 2014-09-14 10:23 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-18 17:25 - 2014-09-14 10:23 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-08-18 17:23 - 2014-09-14 10:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-08-18 17:23 - 2014-09-14 10:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-08-18 17:22 - 2014-09-14 10:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-08-18 17:19 - 2014-09-14 10:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-08-18 17:17 - 2014-09-14 10:23 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-08-18 17:17 - 2014-09-14 10:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-08-18 17:16 - 2014-09-14 10:23 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-18 17:15 - 2014-09-14 10:23 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-08-18 17:15 - 2014-09-14 10:23 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-18 17:09 - 2014-09-14 10:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-08-18 17:08 - 2014-09-14 10:23 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-08-18 17:07 - 2014-09-14 10:23 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-08-18 16:55 - 2014-09-14 10:23 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-18 16:46 - 2014-09-14 10:23 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-08-18 16:38 - 2014-09-14 10:23 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-08-18 16:38 - 2014-09-14 10:23 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-18 16:36 - 2014-09-14 10:23 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-08-17 22:28 - 2012-06-14 23:37 - 00000000 ____D () C:\Users\Imari\Documents\Crown Financial
    2014-08-17 21:52 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-09 21:49

    ==================== End Of Log ============================

  4. #4
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Nightwingsgurl,

    Those entries in your SpyBot log are only Usage Tracks.
    Nothing serious.

    Usage tracks are your fingerprints in your system. Whenever you visit a page with your browser, or just open any file, that information is stored deep inside Windows. In most cases that is very useful – if you want to open that file again, you can select it from a list instead of typing the whole filename or browsing the whole directory structure again.
    But in some cases you may want to hide your activity, because spyware and internet attackers may use that information. Spybot-S&D can remove some of the most important and common tracks on your system.


    From what I've heard, WSE isn't exactly the most reliable. Should I delete it and install something else?
    MSE is fine. Please don't make any changes while we are still cleaning the computer. After we have completed the malware removal process, I will provide you with some options for Anti-Virus software.

    =========================

    Revo Uninstaller Pro

    Please download Revo Uninstaller Pro and save it to your desktop.
    (This version is a fully functional, 30 day free trial)
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • From the list of programs click on
      Trend Micro
    • Choose "Uninstall". When prompted click Yes.
    • Make sure the advanced option is checked... then click Next.
    • The program will run, when prompted... click Yes... then Next.
    • Once the program has searched for leftovers click Next.
    • Check ONLY the bolded items on the list then... click Next... then Yes.
    • When done click Finish.
    =========================

    FRST Fix Script

    Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt

    Code:
    Start
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
    FF Keyword.URL: https://www.mypoints.com/emp/u/mysea...&fctb.dns=1&q=
    End
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Run FRST and press the Fix button just once and wait.
    The tool will make a log (Fixlog.txt) please post it to your reply.

    =========================

    Security Check

    Download Security Check by screen317 from here or here.
    • Save it to your Desktop.
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    =========================

    Junkware Removal Tool

    Download Junkware Removal Tool to your desktop.
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • Shut down your protection software now to avoid potential conflicts.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.

    =========================

    In your next post please provide the following:
    • Fixlog.txt
    • checkup.txt
    • JRT.txt
    • Any change in performance?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  5. #5
    Junior Member
    Join Date
    Apr 2014
    Posts
    25

    Those entries in your SpyBot log are only Usage Tracks.
    Nothing serious.

    Usage tracks are your fingerprints in your system. Whenever you visit a page with your browser, or just open any file, that information is stored deep inside Windows. In most cases that is very useful – if you want to open that file again, you can select it from a list instead of typing the whole filename or browsing the whole directory structure again.
    But in some cases you may want to hide your activity, because spyware and internet attackers may use that information. Spybot-S&D can remove some of the most important and common tracks on your system.
    Haha, good to know! Is there any way to delete them or get them to NOT show up, so I can actually tell when it's catching something serious? Otherwise I'm afraid I'll always wonder what's what.




    MSE is fine. Please don't make any changes while we are still cleaning the computer. After we have completed the malware removal process, I will provide you with some options for Anti-Virus software.
    Great, thanks.




    =========================

    Revo Uninstaller Pro

    I did this, but when I searched Trend Micro it didn't show up, so I guess my computer lied and it really did delete it all? :P




    Run FRST and press the Fix button just once and wait.
    The tool will make a log (Fixlog.txt) please post it to your reply.
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
    Ran by Imari at 2014-09-14 23:24:10 Run:2
    Running from C:\Users\Imari\Desktop
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    Start
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
    FF Keyword.URL: https://www.mypoints.com/emp/u/mysea...&fctb.dns=1&q=
    End
    *****************

    HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect" => Value not found.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Trend Micro Titanium => value deleted successfully.
    Firefox Keyword.URL deleted successfully.

    ==== End of Fixlog ====



    A Notepad document should open automatically called checkup.txt; please post the contents of that document.
    Results of screen317's Security Check version 0.99.87
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 11
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Spybot - Search & Destroy
    JavaFX 2.1.1
    Java 7 Update 67
    Java(TM) 6 Update 33
    Adobe Flash Player 12.0.0.70 Flash Player out of Date!
    Adobe Reader 10.1.11 Adobe Reader out of Date!
    Mozilla Firefox (31.0)
    Google Chrome 37.0.2062.103
    Google Chrome 37.0.2062.120
    Google Chrome plugins...
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    Spybot Teatimer.exe is disabled!
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 4%
    ````````````````````End of Log``````````````````````




    Post the contents of JRT.txt into your next message.
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Imari on Sun 09/14/2014 at 23:37:09.76
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values

    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\Program Files (x86)\free youtube downloader"



    ~~~ FireFox

    Emptied folder: C:\Users\Imari\AppData\Roaming\mozilla\firefox\profiles\j3c4jgnx.default\minidumps [19 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Sun 09/14/2014 at 23:44:20.98
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    Any change in performance?
    My computer seems to be running faster now-- tabs aren't taking as long to load, etc. :D

  6. #6
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Nightwingsgurl,

    Is there any way to delete them or get them to NOT show up, so I can actually tell when it's catching something serious? Otherwise I'm afraid I'll always wonder what's what.
    I don't know. Unfortunately, I just volunteer here on the forum to help remove malware. I don't have an extensive working knowledge of SpyBot and all the settings that can be made. You could always try posting that question in the Spybot forum, listed under Software.

    =========================

    Malwarebytes' Anti-Malware

    Download Malwarebytes' Anti-Malware (save it to your desktop).
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • Select Scan tab.
    • Select type of scan to perform:

      • Threat Scan < --- Select this type of scan
      • Custom Scan
      • Hyper Scan
    • Next click the Scan button.
    • When the scan is complete, if no malicious items are found you can close the program.
    • If malicious items are found be sure that everything is checked, and click Quarantine .
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

    =========================

    ESET Online Scanner

    *Note:
    • It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
    • Please don't go surfing while your resident protection is disabled!
    • Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

    ** You need to run your browser with Administrator Rights; to do so, right click your browser's shortcut and select "Run as Administrator".

    = = = = = = = = = = = = = = = = = = = =

    Go here to run ESET Online Scanner

    (Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)

    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the ActiveX control to install
    • Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
    • Click Start
    • Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
    • Click Scan.
    • Wait for the scan to finish.
    • When the scan completes, click List of found threats
    • Click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
    • Include the contents of this report in your next reply

      Note - when ESET doesn't find any threats, no report will be created.
    • Push the back button.
    • Push Finish
    • Re-enable your Antivirus software.

    =========================

    In your next post please provide the following:

    • MBAM log
    • ESET's log.txt

    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  7. #7
    Junior Member
    Join Date
    Apr 2014
    Posts
    25

    Malwarebytes came up clean. ESET kept having issues (it had some "unknown error") but finally scanned. Here's the log:

    C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\nsprotector.js.vir Win32/Conduit.SearchProtect.A potentially unwanted application deleted - quarantined
    C:\Program Files (x86)\Common Files\AutoCompletePro.exe a variant of Win32/Complitly.A potentially unwanted application deleted - quarantined
    C:\Users\Imari\Downloads\cbsidlm-tr1_8-Photo_Story_3_for_Windows-SEO2-10339154.exe Win32/DownloadAdmin.E potentially unwanted application deleted - quarantined
    C:\Users\Imari\Downloads\ccsetup323.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
    C:\Users\Imari\Downloads\ccsetup328.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
    C:\Users\Imari\Downloads\ccsetup406.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
    C:\Users\Imari\Downloads\ccsetup417(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
    C:\Users\Imari\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
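
Added example, not part of the original thread: a Python triage of the ESET lines posted in #7 that splits each line into path, detection, category and action, then groups the results by where the file sat. The regex covers only the two categories seen in this log, and the location buckets and function names are assumptions made for this illustration.

```python
import re
from collections import Counter
from typing import Dict, List, NamedTuple, Optional, Tuple

# The eight result lines from post #7, as they appear on this page
# (fields separated by single spaces; the paths themselves contain spaces).
ESET_LOG = r"""
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mozilla Firefox\nsprotector.js.vir Win32/Conduit.SearchProtect.A potentially unwanted application deleted - quarantined
C:\Program Files (x86)\Common Files\AutoCompletePro.exe a variant of Win32/Complitly.A potentially unwanted application deleted - quarantined
C:\Users\Imari\Downloads\cbsidlm-tr1_8-Photo_Story_3_for_Windows-SEO2-10339154.exe Win32/DownloadAdmin.E potentially unwanted application deleted - quarantined
C:\Users\Imari\Downloads\ccsetup323.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application deleted - quarantined
C:\Users\Imari\Downloads\ccsetup328.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Imari\Downloads\ccsetup406.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Imari\Downloads\ccsetup417(1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Imari\Downloads\ccsetup417.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
"""

# Assumption: only the prefix and the two categories present in this log are
# recognised; any other line is returned unparsed for manual review.
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"           # path, may contain spaces
    r"(?P<variant>a variant of\s+)?"           # optional heuristic marker
    r"(?P<detection>Win32/\S+)\s+"
    r"(?P<category>potentially (?:unwanted|unsafe) application)\s+"
    r"(?P<action>.+)$"
)


class Detection(NamedTuple):
    path: str
    detection: str
    is_variant: bool
    category: str
    action: str
    family: str
    location: str


def family_of(detection: str) -> str:
    """Drop the platform prefix and the trailing variant letter."""
    name = detection.split("/", 1)[1]
    head, _, tail = name.rpartition(".")
    return head if head and re.fullmatch(r"[A-Z]{1,3}", tail) else name


def location_of(path: str) -> str:
    """Bucket a path by the exposure it implies (illustrative buckets)."""
    p = path.lower()
    if p.startswith("c:\\adwcleaner\\quarantine\\"):
        return "already-quarantined"    # inert copy kept by AdwCleaner
    if "\\downloads\\" in p:
        return "downloaded-installer"   # on disk, not necessarily installed
    return "installed"                  # sitting in a program directory


def parse_line(line: str) -> Optional[Detection]:
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Detection(
        path=m["path"],
        detection=m["detection"],
        is_variant=m["variant"] is not None,
        category=m["category"],
        action=m["action"].strip(),
        family=family_of(m["detection"]),
        location=location_of(m["path"]),
    )


def parse_log(text: str) -> Tuple[List[Detection], List[str]]:
    """Return (parsed detections, lines that did not match the pattern)."""
    parsed: List[Detection] = []
    unparsed: List[str] = []
    for line in text.splitlines():
        if not line.strip():
            continue
        det = parse_line(line)
        if det is None:
            unparsed.append(line)
        else:
            parsed.append(det)
    return parsed, unparsed


def summarize(dets: List[Detection]) -> Dict[str, Counter]:
    return {
        "by_location": Counter(d.location for d in dets),
        "by_family": Counter(d.family for d in dets),
        "by_category": Counter(d.category for d in dets),
    }


if __name__ == "__main__":
    detections, leftovers = parse_log(ESET_LOG)
    for key, counts in summarize(detections).items():
        print(key, dict(counts))
    print("unparsed lines:", leftovers)
```

Grouped this way, one of the eight hits is a file in a program directory, one is a copy AdwCleaner had already quarantined, and six are installers sitting in Downloads.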

  8. #8
    Junior Member
    Join Date
    Apr 2014
    Posts
    25

    Oh, should I tell ESET to uninstall? And to delete the quarantined files?

  9. #9
    Malware Team-Emeritus
    Join Date
    Sep 2012
    Location
    Florida, USA
    Posts
    1,161

    Hi Nightwingsgurl,

    Oh, should I tell ESET to uninstall? And to delete the quarantined files?
    Hold off for the moment, we can do that when we have finished. The files pose no threat once they have been quarantined.

    =========================

    Uninstall via Programs and Features

    Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
    • Adobe Flash Player 12.0.0.70
    • Adobe Reader 10.1.11
    • Java(TM) 6 Update 33

    =========================

    Adobe Flash Player:

    Go to http://get.adobe.com/flashplayer/?no_ab=1
    • Remove the check mark from the box "Install Google Drive"
    • Click the Download button, and follow the onscreen directions to complete the installation.
    Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

    =========================

    Adobe Reader:

    Go to http://get.adobe.com/reader/otherversions/
    • Use the drop-down menus to select your operating system
    • Select your language > Select The current version of Adobe Reader for your language
    • Remove the check mark from the box "Free! McAfee Security Scan Plus"
    • Click the Download button, and follow the onscreen directions to complete the installation.
    Please note, depending on your settings, you may have to temporarily disable your antivirus software for the Adobe Reader update.

    =========================

    Re-run AdwCleaner

    It should be on your desktop
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • Click on the Scan button.
    • AdwCleaner will begin to scan your computer like it did before.
    • After the scan has finished...
    • This time, click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that log file in your next reply.
    • A copy of that log file will also be saved in the C:\AdwCleaner folder.

    =========================

    Re-run Farbar Recovery Scan Tool it should be on your desktop.
      • Windows XP : Double click on the icon to run it.
      • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

    =========================

    In your next post please provide the following:
    • AdwCleaner[S6].txt
    • fresh FRST.txt
    • How is the computer running?
    OCD
    ----------
    Graduate of WTT Classroom
    Member of UNITE

    Threads will be closed if no response after 5 days

  10. #10
    Junior Member
    Join Date
    Apr 2014
    Posts
    25

    Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
    • Adobe Flash Player 12.0.0.70
    • Adobe Reader 10.1.11
    • Java(TM) 6 Update 33

    =========================

    I removed them, but.... what was wrong with them (sorry, trying to understand some of the parts of the process)?




    Click the Download button, and follow the onscreen directions to complete the installation.
    It said it's not necessary because Chrome already includes Adobe Flash Player built in.


    • After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that log file in your next reply.
    # AdwCleaner v3.310 - Report created 17/09/2014 at 23:12:33
    # Updated 12/09/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Imari - IMARI-PC
    # Running from : C:\Users\Imari\Desktop\adwcleaner_3.310.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****


    ***** [ Scheduled Tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****


    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17280


    -\\ Mozilla Firefox v32.0.1 (x86 en-US)

    [ File : C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\prefs.js ]


    -\\ Google Chrome v37.0.2062.120

    [ File : C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN64620605553500358&ctid=CT2260173&UM=2
    Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
    Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

    *************************

    AdwCleaner[R0].txt - [22262 octets] - [31/03/2014 14:05:55]
    AdwCleaner[R1].txt - [21626 octets] - [07/04/2014 11:08:42]
    AdwCleaner[R2].txt - [21687 octets] - [10/04/2014 22:14:28]
    AdwCleaner[R3].txt - [1143 octets] - [10/04/2014 22:21:08]
    AdwCleaner[R4].txt - [1570 octets] - [14/09/2014 10:33:22]
    AdwCleaner[R5].txt - [1309 octets] - [14/09/2014 11:00:43]
    AdwCleaner[R6].txt - [1371 octets] - [17/09/2014 23:08:23]
    AdwCleaner[S0].txt - [22170 octets] - [10/04/2014 22:15:35]
    AdwCleaner[S1].txt - [1582 octets] - [17/09/2014 23:12:33]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1642 octets] ##########




    Re-run Farbar Recovery Scan Tool; it should be on your desktop.
    • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
    Ran by Imari (administrator) on IMARI-PC on 17-09-2014 23:22:41
    Running from C:\Users\Imari\Desktop
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (ASUS) C:\Program Files\P4G\BatteryLife.exe
    (ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Spotify Ltd) C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Apple Inc.) D:\iTunesHelper.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (OpenOffice.org) D:\Program Files (x86)\program\soffice.exe
    (OpenOffice.org) D:\Program Files (x86)\program\soffice.bin
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (ASUS) C:\Windows\AsScrPro.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-06-03] (Realtek Semiconductor)
    HKLM\...\Run: [Setwallpaper] => c:\programdata\SetWallpaper.cmd
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Nuance PDF Reader-reminder] => C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-02] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
    HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
    HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
    HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
    HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
    HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => D:\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Spotify Web Helper] => C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-18] (Spotify Ltd)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\Run: [Google Update] => C:\Users\Imari\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-04] (Google Inc.)
    HKU\S-1-5-21-1487551961-3572496284-799048130-1000\...\MountPoints2: {d0100140-3593-11e1-ae05-806e6f6e6963} - G:\LaunchBOPC1.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
    ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
    ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe ()
    Startup: C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Imari\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    Startup: C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    ShortcutTarget: OpenOffice.org 3.3.lnk -> D:\Program Files (x86)\program\quickstart.exe ()
    ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Imari\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default
    FF NetworkProxy: "type", 0
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
    FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Imari\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Imari\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Imari\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imari\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Imari\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF Extension: Adblock Plus - C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-01-11]

    Chrome:
    =======
    CHR HomePage: Default ->
    CHR DefaultSearchKeyword: Default -> 7DE471496509B5E9AB1E1945A15502F1540DC2E271BE5A7A8AE30F6123D4D166
    CHR DefaultSearchProvider: Default -> E76B94E40D14BD8E51C5F9391B97C8CAB37F0DAA10B7481104905EAF8B58F536
    CHR DefaultSearchURL: Default -> D20230A2D69F58D3F5F7B7BB7EE44D1ED223F1247DA80ACC89D88531D61AC40B
    CHR Profile: C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-29]
    CHR Extension: (Google Wallet) - C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
    CHR HKCU\...\Chrome\Extension: [apjkpjchfbckhjhokinlgdbmibpbbjak] - C:\Users\Imari\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx []

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
    S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-03-31] ()
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-01-02] () [File not signed]
    U3 a5rxko2o; C:\Windows\System32\Drivers\a5rxko2o.sys [0 ] (Advanced Micro Devices)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-17 23:07 - 2014-09-17 23:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-09-17 23:07 - 2014-09-17 23:07 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2014-09-17 22:50 - 2014-09-13 17:03 - 00880040 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
    2014-09-17 22:50 - 2014-09-13 17:03 - 00802728 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2014-09-17 22:50 - 2014-09-13 17:03 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-17 22:50 - 2014-09-13 17:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-09-17 22:50 - 2014-09-13 17:03 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-09-16 22:17 - 2014-09-16 22:17 - 00001100 _____ () C:\Users\Imari\Desktop\ESETSCAN.txt
    2014-09-15 23:27 - 2014-09-15 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-15 22:50 - 2014-09-15 22:50 - 00000000 ____D () C:\Program Files (x86)\ESET
    2014-09-15 22:47 - 2014-09-15 22:49 - 02347384 _____ (ESET) C:\Users\Imari\Desktop\esetsmartinstaller_enu.exe
    2014-09-14 23:44 - 2014-09-14 23:44 - 00008253 _____ () C:\Users\Imari\Desktop\JRT.txt
    2014-09-14 23:36 - 2014-09-14 23:36 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-14 23:34 - 2014-09-14 23:34 - 01016261 _____ (Thisisu) C:\Users\Imari\Desktop\JRT.exe
    2014-09-14 23:25 - 2014-09-14 23:25 - 00854417 _____ () C:\Users\Imari\Desktop\SecurityCheck.exe
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000784 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\Users\Imari\Desktop\Revo Uninstaller Pro
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\Users\Imari\AppData\Local\VS Revo Group
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\ProgramData\VS Revo Group
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
    2014-09-14 23:17 - 2009-12-30 10:21 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
    2014-09-14 23:13 - 2014-09-14 23:14 - 10619688 _____ (VS Revo Group ) C:\Users\Imari\Downloads\RevoUninProSetup.exe
    2014-09-14 11:57 - 2014-09-14 23:09 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Trine2
    2014-09-14 11:57 - 2014-09-14 11:57 - 00000383 _____ () C:\Windows\DirectX.log
    2014-09-14 11:08 - 2014-09-14 11:08 - 02105856 _____ (Farbar) C:\Users\Imari\Downloads\FRST64.exe
    2014-09-14 10:54 - 2014-09-17 23:13 - 00050546 _____ () C:\Windows\PFRO.log
    2014-09-14 10:49 - 2014-09-14 10:55 - 00002872 _____ () C:\Windows\system32\TmInstall.log
    2014-09-14 10:49 - 2014-09-14 10:49 - 00004280 _____ () C:\Windows\SysWOW64\TmInstall.log
    2014-09-14 10:34 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-09-14 10:32 - 2014-09-14 10:32 - 01373475 _____ () C:\Users\Imari\Downloads\adwcleaner_3.310(1).exe
    2014-09-14 10:27 - 2014-09-14 10:27 - 01373475 _____ () C:\Users\Imari\Desktop\adwcleaner_3.310.exe
    2014-09-14 10:23 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-09-14 10:23 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-09-14 10:23 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-09-14 10:23 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-09-14 10:23 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-09-14 10:23 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-09-14 10:23 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-09-14 10:23 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-09-14 10:23 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-09-14 10:23 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-09-14 10:23 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-09-14 10:23 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-09-14 10:23 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-09-14 10:23 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-09-14 10:23 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-09-14 10:23 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-09-14 10:23 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-09-14 10:23 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-09-14 10:23 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-09-14 10:23 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-09-14 10:23 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-09-14 10:23 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-09-14 10:23 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-09-14 10:23 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-09-14 10:23 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-09-14 10:23 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-09-14 10:23 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-09-14 10:23 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-09-14 10:23 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-09-14 10:23 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-09-14 10:23 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-09-14 10:23 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-09-14 10:23 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-09-14 10:23 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-09-14 10:23 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-09-14 10:23 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-09-14 10:23 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-09-14 10:23 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-09-14 10:23 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-09-14 10:23 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-09-14 10:23 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-09-14 10:23 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-09-14 10:23 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-09-14 10:23 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-09-14 10:23 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-09-14 10:23 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-09-14 10:23 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-09-14 10:23 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-09-14 10:23 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-09-14 10:23 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-09-14 10:23 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-09-14 10:23 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-09-14 10:23 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-09-14 10:23 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-09-14 10:23 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-09-14 10:23 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-09-14 10:13 - 2014-09-17 23:13 - 00000336 _____ () C:\Windows\setupact.log
    2014-09-14 10:13 - 2014-09-14 10:13 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-13 19:21 - 2014-09-13 19:21 - 00000000 ____D () C:\Users\Imari\Documents\ProcAlyzer Dumps
    2014-09-13 18:31 - 2014-09-13 18:31 - 05185536 _____ (AVAST Software) C:\Users\Imari\Desktop\aswMBR.exe
    2014-09-13 18:21 - 2014-09-13 18:23 - 00046720 _____ () C:\Users\Imari\Desktop\Addition.txt
    2014-09-13 18:19 - 2014-09-17 23:22 - 00020097 _____ () C:\Users\Imari\Desktop\FRST.txt
    2014-09-13 18:18 - 2014-09-17 23:22 - 00000000 ____D () C:\FRST
    2014-09-13 18:16 - 2014-09-13 18:16 - 02105856 _____ (Farbar) C:\Users\Imari\Desktop\FRST64.exe
    2014-09-13 18:15 - 2014-09-13 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IMARI-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-09-13 18:13 - 2014-09-13 18:13 - 00002237 _____ () C:\Users\Imari\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\RegBackup
    2014-09-13 18:12 - 2014-09-13 18:12 - 04057608 _____ () C:\Users\Imari\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-13 18:12 - 2014-09-13 18:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-13 17:03 - 2014-09-13 17:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-13 13:17 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
    2014-09-13 13:17 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
    2014-09-10 22:13 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
    2014-09-10 22:13 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
    2014-09-10 22:13 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
    2014-09-10 22:13 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
    2014-09-10 22:12 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-10 22:12 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-10 22:12 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2014-09-10 22:12 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-09-10 22:12 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-09-10 22:12 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2014-09-10 22:12 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2014-09-06 22:15 - 2014-09-06 22:18 - 00000000 ____D () C:\Users\Imari\Desktop\Football 9-5-14
    2014-09-01 13:30 - 2014-09-15 22:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-01 13:29 - 2014-09-01 13:29 - 00001104 _____ () C:\Users\Imari\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-01 13:29 - 2014-09-01 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 13:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-09-01 13:29 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics.zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (2).zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (1).zip
    2014-08-27 21:35 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-27 21:35 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-27 21:35 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-09-17 23:23 - 2014-09-13 18:19 - 00020097 _____ () C:\Users\Imari\Desktop\FRST.txt
    2014-09-17 23:22 - 2014-09-13 18:18 - 00000000 ____D () C:\FRST
    2014-09-17 23:21 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-09-17 23:21 - 2009-07-14 00:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-09-17 23:17 - 2014-07-04 13:12 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000UA.job
    2014-09-17 23:15 - 2012-05-31 13:11 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Dropbox
    2014-09-17 23:15 - 2011-12-26 04:51 - 00000000 ____D () C:\Users\Imari\AppData\Local\Adobe
    2014-09-17 23:15 - 2011-12-21 22:49 - 00000000 ___HD () C:\ASUS.DAT
    2014-09-17 23:14 - 2011-12-21 22:49 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
    2014-09-17 23:14 - 2011-04-02 00:36 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-09-17 23:13 - 2014-09-14 10:54 - 00050546 _____ () C:\Windows\PFRO.log
    2014-09-17 23:13 - 2014-09-14 10:13 - 00000336 _____ () C:\Windows\setupact.log
    2014-09-17 23:13 - 2012-12-30 16:37 - 01346556 _____ () C:\Windows\WindowsUpdate.log
    2014-09-17 23:13 - 2012-04-28 13:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-09-17 23:13 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-09-17 23:12 - 2014-03-31 14:05 - 00000000 ____D () C:\AdwCleaner
    2014-09-17 23:07 - 2014-09-17 23:07 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-09-17 23:07 - 2014-09-17 23:07 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2014-09-17 23:06 - 2011-12-26 04:50 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2014-09-17 23:06 - 2011-12-26 04:49 - 00000000 ____D () C:\ProgramData\Adobe
    2014-09-17 23:04 - 2014-02-20 21:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-09-17 22:50 - 2012-01-06 20:05 - 00000000 ____D () C:\Program Files (x86)\Java
    2014-09-17 22:39 - 2011-04-02 00:36 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-09-17 18:37 - 2014-07-04 13:12 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1487551961-3572496284-799048130-1000Core.job
    2014-09-16 22:47 - 2013-11-27 23:09 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-09-16 22:17 - 2014-09-16 22:17 - 00001100 _____ () C:\Users\Imari\Desktop\ESETSCAN.txt
    2014-09-16 22:15 - 2013-12-02 22:04 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Bioshock
    2014-09-16 21:30 - 2013-12-02 22:04 - 00000000 ____D () C:\Users\Imari\Documents\Bioshock
    2014-09-15 23:27 - 2014-09-15 23:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-09-15 22:50 - 2014-09-15 22:50 - 00000000 ____D () C:\Program Files (x86)\ESET
    2014-09-15 22:49 - 2014-09-15 22:47 - 02347384 _____ (ESET) C:\Users\Imari\Desktop\esetsmartinstaller_enu.exe
    2014-09-15 22:14 - 2014-09-01 13:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-09-14 23:44 - 2014-09-14 23:44 - 00008253 _____ () C:\Users\Imari\Desktop\JRT.txt
    2014-09-14 23:36 - 2014-09-14 23:36 - 00000000 ____D () C:\Windows\ERUNT
    2014-09-14 23:34 - 2014-09-14 23:34 - 01016261 _____ (Thisisu) C:\Users\Imari\Desktop\JRT.exe
    2014-09-14 23:25 - 2014-09-14 23:25 - 00854417 _____ () C:\Users\Imari\Desktop\SecurityCheck.exe
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000784 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\Users\Imari\Desktop\Revo Uninstaller Pro
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\Users\Imari\AppData\Local\VS Revo Group
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\ProgramData\VS Revo Group
    2014-09-14 23:17 - 2014-09-14 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
    2014-09-14 23:14 - 2014-09-14 23:13 - 10619688 _____ (VS Revo Group ) C:\Users\Imari\Downloads\RevoUninProSetup.exe
    2014-09-14 23:09 - 2014-09-14 11:57 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Trine2
    2014-09-14 11:57 - 2014-09-14 11:57 - 00000383 _____ () C:\Windows\DirectX.log
    2014-09-14 11:08 - 2014-09-14 11:08 - 02105856 _____ (Farbar) C:\Users\Imari\Downloads\FRST64.exe
    2014-09-14 11:07 - 2012-05-16 19:36 - 03033088 ___SH () C:\Users\Imari\Downloads\Thumbs.db
    2014-09-14 10:56 - 2012-12-14 18:11 - 00260096 ___SH () C:\Users\Imari\Desktop\Thumbs.db
    2014-09-14 10:55 - 2014-09-14 10:49 - 00002872 _____ () C:\Windows\system32\TmInstall.log
    2014-09-14 10:49 - 2014-09-14 10:49 - 00004280 _____ () C:\Windows\SysWOW64\TmInstall.log
    2014-09-14 10:47 - 2011-04-02 00:49 - 00000000 ____D () C:\ProgramData\Trend Micro
    2014-09-14 10:32 - 2014-09-14 10:32 - 01373475 _____ () C:\Users\Imari\Downloads\adwcleaner_3.310(1).exe
    2014-09-14 10:27 - 2014-09-14 10:27 - 01373475 _____ () C:\Users\Imari\Desktop\adwcleaner_3.310.exe
    2014-09-14 10:26 - 2012-01-02 20:08 - 00000000 ____D () C:\Users\Imari\Desktop\Maintenance
    2014-09-14 10:21 - 2011-12-30 14:31 - 00804292 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
    2014-09-14 10:21 - 2009-07-14 01:13 - 00804292 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-09-14 10:20 - 2012-04-28 03:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
    2014-09-14 10:20 - 2011-12-30 14:31 - 00002119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2014-09-14 10:20 - 2011-12-30 14:31 - 00001945 _____ () C:\Windows\epplauncher.mif
    2014-09-14 10:20 - 2011-12-30 14:31 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2014-09-14 10:13 - 2014-09-14 10:13 - 00000000 _____ () C:\Windows\setuperr.log
    2014-09-13 19:21 - 2014-09-13 19:21 - 00000000 ____D () C:\Users\Imari\Documents\ProcAlyzer Dumps
    2014-09-13 19:20 - 2012-01-11 19:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
    2014-09-13 18:31 - 2014-09-13 18:31 - 05185536 _____ (AVAST Software) C:\Users\Imari\Desktop\aswMBR.exe
    2014-09-13 18:23 - 2014-09-13 18:21 - 00046720 _____ () C:\Users\Imari\Desktop\Addition.txt
    2014-09-13 18:16 - 2014-09-13 18:16 - 02105856 _____ (Farbar) C:\Users\Imari\Desktop\FRST64.exe
    2014-09-13 18:15 - 2014-09-13 18:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-IMARI-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
    2014-09-13 18:13 - 2014-09-13 18:13 - 00002237 _____ () C:\Users\Imari\Desktop\Tweaking.com - Registry Backup.lnk
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2014-09-13 18:13 - 2014-09-13 18:13 - 00000000 ____D () C:\RegBackup
    2014-09-13 18:12 - 2014-09-13 18:12 - 04057608 _____ () C:\Users\Imari\Downloads\tweaking.com_registry_backup_setup.exe
    2014-09-13 18:12 - 2014-09-13 18:12 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
    2014-09-13 17:06 - 2012-01-02 20:08 - 00000000 ____D () C:\Users\Imari\Desktop\Games
    2014-09-13 17:04 - 2013-09-21 23:20 - 00000000 ____D () C:\ProgramData\Oracle
    2014-09-13 17:03 - 2014-09-17 22:50 - 00880040 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
    2014-09-13 17:03 - 2014-09-17 22:50 - 00802728 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2014-09-13 17:03 - 2014-09-17 22:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-09-13 17:03 - 2014-09-17 22:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-09-13 17:03 - 2014-09-17 22:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-09-13 17:03 - 2014-09-13 17:03 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-09-13 14:37 - 2014-01-02 23:27 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
    2014-09-13 13:17 - 2014-05-09 07:12 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-09-12 19:23 - 2011-12-22 20:40 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Skype
    2014-09-10 20:29 - 2014-03-23 16:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-09-10 20:29 - 2011-12-22 20:39 - 00000000 ____D () C:\ProgramData\Skype
    2014-09-09 23:39 - 2009-07-14 03:45 - 00000000 ____D () C:\Windows\ShellNew
    2014-09-06 22:18 - 2014-09-06 22:15 - 00000000 ____D () C:\Users\Imari\Desktop\Football 9-5-14
    2014-09-04 22:10 - 2014-09-10 22:12 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-09-04 22:05 - 2014-09-10 22:12 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-09-01 14:30 - 2011-12-29 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2014-09-01 14:30 - 2011-12-29 14:36 - 00000000 ____D () C:\Program Files\CCleaner
    2014-09-01 13:58 - 2012-01-15 23:39 - 00000000 ____D () C:\Windows\Minidump
    2014-09-01 13:29 - 2014-09-01 13:29 - 00001104 _____ () C:\Users\Imari\Desktop\Malwarebytes Anti-Malware.lnk
    2014-09-01 13:29 - 2014-09-01 13:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-09-01 13:29 - 2011-12-30 14:24 - 00000000 ____D () C:\Users\Imari\AppData\Roaming\Malwarebytes
    2014-09-01 13:29 - 2011-12-30 14:24 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics.zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (2).zip
    2014-08-31 19:30 - 2014-08-31 19:30 - 01364600 _____ () C:\Users\Imari\Downloads\ebaypics (1).zip
    2014-08-31 19:27 - 2014-06-09 20:12 - 00000000 ____D () C:\Users\Imari\Desktop\Ebay- yoyos
    2014-08-28 20:39 - 2009-07-14 00:45 - 04914096 _____ () C:\Windows\system32\FNTCACHE.DAT
    2014-08-23 10:40 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
    2014-08-22 22:07 - 2014-08-27 21:35 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
    2014-08-22 21:45 - 2014-08-27 21:35 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
    2014-08-22 20:59 - 2014-08-27 21:35 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-08-19 14:05 - 2014-09-14 10:23 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-08-19 13:39 - 2014-09-14 10:23 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-08-18 19:01 - 2014-09-14 10:23 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-08-18 18:29 - 2014-09-14 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-08-18 18:29 - 2014-09-14 10:23 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-08-18 18:26 - 2014-09-14 10:23 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-08-18 18:20 - 2014-09-14 10:23 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-08-18 18:19 - 2014-09-14 10:23 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-08-18 18:15 - 2014-09-14 10:23 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-08-18 18:15 - 2014-09-14 10:23 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-08-18 18:14 - 2014-09-14 10:23 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-08-18 18:14 - 2014-09-14 10:23 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-08-18 18:08 - 2014-09-14 10:23 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-08-18 18:08 - 2014-09-14 10:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-08-18 18:08 - 2014-09-14 10:23 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-08-18 18:05 - 2014-09-14 10:23 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-08-18 18:03 - 2014-09-14 10:23 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-08-18 18:03 - 2014-09-14 10:23 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-08-18 18:03 - 2014-09-14 10:23 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-08-18 17:57 - 2014-09-14 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-08-18 17:56 - 2014-09-14 10:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-08-18 17:51 - 2014-09-14 10:23 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-08-18 17:46 - 2014-09-14 10:23 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-08-18 17:45 - 2014-09-14 10:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-08-18 17:45 - 2014-09-14 10:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-08-18 17:44 - 2014-09-14 10:23 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-08-18 17:44 - 2014-09-14 10:23 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-08-18 17:42 - 2014-09-14 10:23 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-08-18 17:40 - 2014-09-14 10:23 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-08-18 17:39 - 2014-09-14 10:23 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-08-18 17:39 - 2014-09-14 10:23 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-08-18 17:39 - 2014-09-14 10:23 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-08-18 17:38 - 2014-09-14 10:23 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-08-18 17:37 - 2014-09-14 10:23 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-08-18 17:36 - 2014-09-14 10:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-08-18 17:35 - 2014-09-14 10:23 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-08-18 17:27 - 2014-09-14 10:23 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-08-18 17:25 - 2014-09-14 10:23 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-08-18 17:25 - 2014-09-14 10:23 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-08-18 17:23 - 2014-09-14 10:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-08-18 17:23 - 2014-09-14 10:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-08-18 17:22 - 2014-09-14 10:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-08-18 17:19 - 2014-09-14 10:23 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-08-18 17:17 - 2014-09-14 10:23 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-08-18 17:17 - 2014-09-14 10:23 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-08-18 17:16 - 2014-09-14 10:23 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-08-18 17:15 - 2014-09-14 10:23 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-08-18 17:15 - 2014-09-14 10:23 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-08-18 17:09 - 2014-09-14 10:23 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-08-18 17:08 - 2014-09-14 10:23 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-08-18 17:07 - 2014-09-14 10:23 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-08-18 16:55 - 2014-09-14 10:23 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-08-18 16:46 - 2014-09-14 10:23 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-08-18 16:38 - 2014-09-14 10:23 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-08-18 16:38 - 2014-09-14 10:23 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-08-18 16:36 - 2014-09-14 10:23 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

    Some content of TEMP:
    ====================
    C:\Users\Imari\AppData\Local\Temp\Quarantine.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-09-09 21:49

    ==================== End Of Log ============================




    My computer is running faster than it has in a long time! It's very full (in fact, C was so full it initially couldn't download Adobe) but once my PC is clean, I'm moving a lot of files to an external drive, so that should help even more. Everything from browser activity to Steam games is running much more smoothly and quickly.
