Page 1 of 3 123 LastLast
Results 1 to 10 of 30

Thread: QTrax being detected in my disc drive

  1. #1
    Junior Member
    Join Date
    Mar 2015
    Posts
    17

    Default QTrax being detected in my disc drive

    Hello! I will try to follow the rules since this is my first time here. For a while now, when I start up my computer and Spybot runs, it detects Qtrax as malware in my disc drive. I don't know what to do to get rid of it, as the program is unable to clean something that isn't there. Can you help me? I've included the appropriate logs that I could below. Thank you!

    PS: I didn't include the aswMBR log because I could get it to finish running. Let me know if you need more info!

    FRST log -

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
    Ran by Sarah (administrator) on STELLA on 29-03-2015 11:00:48
    Running from C:\Users\Sarah\Desktop
    Loaded Profiles: Sarah (Available profiles: Sarah)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Apple Inc.) D:\Music\iTunesHelper.exe
    (Valve Corporation) D:\Steam\Steam.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
    (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    (Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
    (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe
    (Dropbox, Inc.) C:\Users\Sarah\AppData\Roaming\Dropbox\bin\Dropbox.exe
    () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    (NVIDIA Corporation) C:\Users\Sarah\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
    (Samsung Electronics Co., Ltd.) D:\Kies\KiesTrayAgent.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Valve Corporation) D:\Steam\bin\steamwebhelper.exe
    (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe
    (Tweaking.com) D:\Downloads\files\registry_backup_tool\TweakingRegistryBackup.exe
    (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [iTunesHelper] => D:\Music\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
    HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-07-11] (Nullsoft, Inc.)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [300400 2010-03-11] (Citrix Systems, Inc.)
    HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
    HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-12-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-12-03] (Adobe Systems Inc.)
    HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-11-17] (DivX, LLC)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [BackupNowEZtray] => C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZtray.exe [580672 2012-07-23] (NTI Corporation)
    HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
    HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
    HKLM-x32\...\Run: [KiesTrayAgent] => D:\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => D:\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [163328 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [Google Update] => C:\Users\Sarah\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-26] (Google Inc.)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [Steam] => D:\Steam\steam.exe [2888896 2015-03-24] (Valve Corporation)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6161176 2014-02-20] (Piriform Ltd)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [KiesAirMessage] => D:\Kies\KiesAirMessage.exe -startup
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\MountPoints2: F - F:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\MountPoints2: {08f61612-e13b-11e3-8393-f46d04666427} - F:\VZW_Software_upgrade_assistant.exe
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\MountPoints2: {08f6162c-e13b-11e3-8393-f46d04666427} - F:\VZW_Software_upgrade_assistant.exe
    Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
    SearchScopes: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000 -> DefaultScope {33F453F6-7764-4C44-A264-54881DFA7181} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000 -> {26D446C9-7F35-4F58-97B8-C950326FE894} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=994519&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000 -> {33F453F6-7764-4C44-A264-54881DFA7181} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll [2012-11-13] (Safer-Networking Ltd.)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-20] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
    BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-20] (Oracle Corporation)
    BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
    Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2014-12-03] (Adobe Systems Incorporated)
    Toolbar: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    DPF: HKLM-x32 {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} https://extranet.cchmc.org/+CSCOL+/csvrloader32.cab
    Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-03-11] (Citrix Systems, Inc.)
    Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-03-11] (Citrix Systems, Inc.)
    Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll [2014-05-18] ()
    FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll [2014-05-18] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
    FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-20] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-20] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
    FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-3452437872-2670650920-2198047957-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3452437872-2670650920-2198047957-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3452437872-2670650920-2198047957-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sarah\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-07] (Unity Technologies ApS)
    FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-10-24]
    FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
    FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-07-23]

    Chrome:
    =======
    CHR StartupUrls: Default -> "hxxp://en.wikipedia.org/wiki/Special:Random"
    CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-09]
    CHR Extension: (Add to Amazon Wish List) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-04-06]
    CHR Extension: (Google Search) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-09]
    CHR Extension: (AdBlock) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-11]
    CHR Extension: (feedly) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-24]
    CHR Extension: (Reddit Enhancement Suite) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-20]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
    CHR Extension: (Totoro Rainy Day) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmiagjknjjfockcklibjlfdojojaffff [2012-04-19]
    CHR Extension: (Ghostery) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2012-04-30]
    CHR Extension: (Google Wallet) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
    CHR Extension: (Gmail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]
    StartMenuInternet: Google Chrome - C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
    R2 NTI BackupNowEZSvr; C:\Program Files (x86)\NTI\NTI Backup Now EZ\BackupNowEZSvr.exe [45592 2011-09-23] (NTI Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
    S3 Origin Client Service; D:\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    S3 DAUpdaterSvc; D:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
    S3 WPFFontCache_v0400; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2013-09-24] (MotioninJoy) [File not signed]
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
    R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-01-14] () [File not signed]
    S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
    S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
    S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
    U3 akprivjh; C:\Windows\System32\Drivers\akprivjh.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero size file/folder)
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-03-29 11:00 - 2015-03-29 11:01 - 00025306 _____ () C:\Users\Sarah\Desktop\FRST.txt
    2015-03-29 11:00 - 2015-03-29 11:00 - 00000000 ____D () C:\FRST
    2015-03-29 10:59 - 2015-03-29 10:59 - 02095616 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
    2015-03-29 10:58 - 2015-03-29 10:58 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-STELLA-Windows-7-Ultimate-(64-bit).dat
    2015-03-29 10:58 - 2015-03-29 10:58 - 00000000 ____D () C:\RegBackup
    2015-03-29 10:57 - 2015-03-29 11:00 - 00016353 _____ () C:\Windows\WindowsUpdate.log
    2015-03-29 10:52 - 2015-03-29 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
    2015-03-24 22:07 - 2015-03-11 00:06 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-03-24 22:07 - 2015-03-11 00:06 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-03-24 22:07 - 2015-03-11 00:06 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-03-24 22:07 - 2015-03-11 00:06 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-03-24 22:07 - 2015-03-11 00:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-03-24 22:07 - 2015-03-11 00:05 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-03-24 22:07 - 2015-03-11 00:05 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-03-24 22:07 - 2015-03-11 00:02 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-03-15 18:24 - 2015-03-06 01:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-03-15 18:24 - 2015-03-06 01:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-03-15 18:24 - 2015-03-06 01:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-03-15 18:24 - 2015-03-06 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-03-15 18:24 - 2015-03-06 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-03-15 18:24 - 2015-03-06 01:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-03-15 18:24 - 2015-03-06 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-03-15 18:24 - 2015-03-06 01:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-03-15 18:24 - 2015-03-06 01:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2015-03-15 18:24 - 2015-03-06 01:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2015-03-15 18:24 - 2015-03-06 01:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2015-03-15 18:24 - 2015-03-06 01:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2015-03-15 18:24 - 2015-03-06 01:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2015-03-15 18:24 - 2015-03-06 01:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2015-03-15 18:24 - 2015-03-06 01:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2015-03-15 18:24 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-03-15 18:24 - 2015-02-23 23:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-03-15 18:24 - 2015-02-23 22:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-03-15 18:24 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-03-15 18:24 - 2015-02-20 20:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2015-03-15 18:24 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-03-15 18:24 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-03-15 18:24 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-03-15 18:24 - 2015-02-19 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-03-15 18:24 - 2015-02-19 23:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-03-15 18:24 - 2015-02-19 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-03-15 18:24 - 2015-02-19 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-03-15 18:24 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-03-15 18:24 - 2015-02-19 22:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-03-15 18:24 - 2015-02-19 22:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-03-15 18:24 - 2015-02-19 22:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-03-15 18:24 - 2015-02-19 22:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-03-15 18:24 - 2015-02-19 22:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-03-15 18:24 - 2015-02-19 22:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2015-03-15 18:24 - 2015-02-19 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-03-15 18:24 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-03-15 18:24 - 2015-02-19 22:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2015-03-15 18:24 - 2015-02-19 22:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2015-03-15 18:24 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2015-03-15 18:24 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-03-15 18:24 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-03-15 18:24 - 2015-02-19 22:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2015-03-15 18:24 - 2015-02-19 22:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2015-03-15 18:24 - 2015-02-19 21:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2015-03-15 18:24 - 2015-02-19 21:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-03-15 18:24 - 2015-02-19 21:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2015-03-15 18:24 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-03-15 18:24 - 2015-02-19 21:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-03-15 18:24 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-03-15 18:24 - 2015-02-19 21:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2015-03-15 18:24 - 2015-02-19 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2015-03-15 18:24 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-03-15 18:24 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-03-15 18:24 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-03-15 18:24 - 2015-02-19 21:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2015-03-15 18:24 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-03-15 18:24 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-03-15 18:24 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-03-15 18:24 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-03-15 18:24 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-03-15 18:24 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2015-03-15 18:24 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2015-03-15 18:24 - 2015-02-02 23:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-03-15 18:24 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2015-03-15 18:24 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
    2015-03-15 18:24 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2015-03-15 18:24 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
    2015-03-15 18:24 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
    2015-03-15 18:24 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
    2015-03-15 18:24 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2015-03-15 18:24 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
    2015-03-15 18:24 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
    2015-03-15 18:24 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
    2015-03-15 18:24 - 2015-02-02 23:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-03-15 18:24 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
    2015-03-15 18:24 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
    2015-03-15 18:24 - 2015-02-02 23:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2015-03-15 18:24 - 2015-02-02 23:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2015-03-15 18:24 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
    2015-03-15 18:24 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
    2015-03-15 18:24 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
    2015-03-15 18:24 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
    2015-03-15 18:24 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
    2015-03-15 18:24 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
    2015-03-15 18:24 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
    2015-03-15 18:24 - 2015-02-02 23:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2015-03-15 18:24 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2015-03-15 18:24 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-03-15 18:24 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2015-03-15 18:23 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-03-15 18:23 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-03-15 18:23 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
    2015-03-15 18:23 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
    2015-03-15 18:23 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
    2015-03-15 18:23 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
    2015-03-15 18:23 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
    2015-03-15 18:23 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
    2015-03-15 18:23 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
    2015-03-15 18:23 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
    2015-03-15 18:23 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
    2015-03-15 18:23 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
    2015-03-15 18:23 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-03-15 18:23 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-03-15 18:23 - 2015-02-19 22:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-03-15 18:23 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-03-15 18:23 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-03-15 18:23 - 2015-02-19 22:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-03-15 18:23 - 2015-02-19 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-03-15 18:23 - 2015-02-19 21:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-03-15 18:23 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-03-15 18:23 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-03-15 18:18 - 2015-01-30 23:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2015-03-15 18:18 - 2015-01-30 23:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2015-03-15 18:18 - 2015-01-30 19:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2015-03-15 18:17 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
    2015-03-15 18:17 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
    2015-03-15 18:04 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2015-03-15 18:04 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2015-03-15 18:04 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
    2015-03-15 18:04 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
    2015-03-15 17:51 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
    2015-03-15 17:51 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
    2015-03-05 22:02 - 2015-03-05 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-03-05 22:02 - 2012-10-03 17:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
    2015-03-05 22:01 - 2015-03-05 22:02 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
    2015-03-05 22:01 - 2015-03-05 22:01 - 00000000 ____D () C:\Program Files\iPod
    2015-03-05 22:01 - 2015-03-05 22:01 - 00000000 ____D () C:\Program Files (x86)\iTunes
    2015-03-03 18:44 - 2015-01-08 23:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
    2015-03-03 18:44 - 2015-01-08 23:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
    2015-03-03 18:44 - 2015-01-08 23:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
    2015-03-03 18:44 - 2015-01-08 22:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-03-29 10:57 - 2012-07-10 21:25 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Dropbox
    2015-03-29 10:56 - 2015-02-21 18:39 - 00000000 ___RD () C:\Users\Sarah\iCloudDrive
    2015-03-29 10:56 - 2011-10-22 17:25 - 00000000 ____D () C:\ProgramData\NVIDIA
    2015-03-29 10:56 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-03-29 10:49 - 2013-10-06 16:54 - 00416826 _____ () C:\Windows\system32\perfh011.dat
    2015-03-29 10:49 - 2013-10-06 16:54 - 00122208 _____ () C:\Windows\system32\perfc011.dat
    2015-03-29 10:49 - 2013-10-06 16:45 - 00509462 _____ () C:\Windows\system32\perfh006.dat
    2015-03-29 10:49 - 2013-10-06 16:45 - 00098766 _____ () C:\Windows\system32\perfc006.dat
    2015-03-29 10:49 - 2013-10-06 16:24 - 00401070 _____ () C:\Windows\system32\prfh0404.dat
    2015-03-29 10:49 - 2013-10-06 16:24 - 00115198 _____ () C:\Windows\system32\prfc0404.dat
    2015-03-29 10:49 - 2013-10-06 16:16 - 00713928 _____ () C:\Windows\system32\prfh0416.dat
    2015-03-29 10:49 - 2013-10-06 16:16 - 00147764 _____ () C:\Windows\system32\prfc0416.dat
    2015-03-29 10:49 - 2013-10-06 16:08 - 00729066 _____ () C:\Windows\system32\prfh0816.dat
    2015-03-29 10:49 - 2013-10-06 16:08 - 00153014 _____ () C:\Windows\system32\prfc0816.dat
    2015-03-29 10:49 - 2013-10-06 15:59 - 00740406 _____ () C:\Windows\system32\perfh015.dat
    2015-03-29 10:49 - 2013-10-06 15:59 - 00155980 _____ () C:\Windows\system32\perfc015.dat
    2015-03-29 10:49 - 2013-10-06 15:27 - 00656730 _____ () C:\Windows\system32\perfh01F.dat
    2015-03-29 10:49 - 2013-10-06 15:27 - 00140108 _____ () C:\Windows\system32\perfc01F.dat
    2015-03-29 10:49 - 2013-10-06 15:04 - 00383998 _____ () C:\Windows\system32\prfh0804.dat
    2015-03-29 10:49 - 2013-10-06 15:04 - 00119700 _____ () C:\Windows\system32\prfc0804.dat
    2015-03-29 10:49 - 2013-10-06 14:14 - 00724648 _____ () C:\Windows\system32\perfh019.dat
    2015-03-29 10:49 - 2013-10-06 14:14 - 00150950 _____ () C:\Windows\system32\perfc019.dat
    2015-03-29 10:49 - 2013-10-06 13:58 - 00494562 _____ () C:\Windows\system32\perfh014.dat
    2015-03-29 10:49 - 2013-10-06 13:58 - 00095512 _____ () C:\Windows\system32\perfc014.dat
    2015-03-29 10:49 - 2013-10-06 13:46 - 00607036 _____ () C:\Windows\system32\perfh008.dat
    2015-03-29 10:49 - 2013-10-06 13:46 - 00111236 _____ () C:\Windows\system32\perfc008.dat
    2015-03-29 10:49 - 2013-10-06 13:25 - 00663768 _____ () C:\Windows\system32\perfh01D.dat
    2015-03-29 10:49 - 2013-10-06 13:25 - 00142582 _____ () C:\Windows\system32\perfc01D.dat
    2015-03-29 10:49 - 2013-10-06 13:04 - 00428472 _____ () C:\Windows\system32\perfh012.dat
    2015-03-29 10:49 - 2013-10-06 13:04 - 00120492 _____ () C:\Windows\system32\perfc012.dat
    2015-03-29 10:49 - 2013-10-06 12:50 - 00668888 _____ () C:\Windows\system32\perfh005.dat
    2015-03-29 10:49 - 2013-10-06 12:50 - 00141534 _____ () C:\Windows\system32\perfc005.dat
    2015-03-29 10:49 - 2013-10-06 12:17 - 00743546 _____ () C:\Windows\system32\perfh013.dat
    2015-03-29 10:49 - 2013-10-06 12:17 - 00153210 _____ () C:\Windows\system32\perfc013.dat
    2015-03-29 10:49 - 2013-10-06 11:57 - 00481550 _____ () C:\Windows\system32\perfh00B.dat
    2015-03-29 10:49 - 2013-10-06 11:57 - 00101628 _____ () C:\Windows\system32\perfc00B.dat
    2015-03-29 10:49 - 2013-10-06 11:47 - 00683802 _____ () C:\Windows\system32\perfh00E.dat
    2015-03-29 10:49 - 2013-10-06 11:47 - 00171382 _____ () C:\Windows\system32\perfc00E.dat
    2015-03-29 10:49 - 2013-10-06 11:28 - 00745504 _____ () C:\Windows\system32\perfh00A.dat
    2015-03-29 10:49 - 2013-10-06 11:28 - 00158582 _____ () C:\Windows\system32\perfc00A.dat
    2015-03-29 10:49 - 2013-10-06 11:04 - 00392392 _____ () C:\Windows\system32\perfh00D.dat
    2015-03-29 10:49 - 2013-10-06 11:04 - 00084866 _____ () C:\Windows\system32\perfc00D.dat
    2015-03-29 10:49 - 2013-10-06 10:47 - 00740094 _____ () C:\Windows\system32\perfh010.dat
    2015-03-29 10:49 - 2013-10-06 10:47 - 00146954 _____ () C:\Windows\system32\perfc010.dat
    2015-03-29 10:49 - 2013-10-06 10:36 - 00745764 _____ () C:\Windows\system32\perfh00C.dat
    2015-03-29 10:49 - 2013-10-06 10:36 - 00479062 _____ () C:\Windows\system32\perfh001.dat
    2015-03-29 10:49 - 2013-10-06 10:36 - 00149688 _____ () C:\Windows\system32\perfc00C.dat
    2015-03-29 10:49 - 2013-10-06 10:36 - 00094880 _____ () C:\Windows\system32\perfc001.dat
    2015-03-29 10:49 - 2013-10-06 10:15 - 00697256 _____ () C:\Windows\system32\perfh007.dat
    2015-03-29 10:49 - 2013-10-06 10:15 - 00149224 _____ () C:\Windows\system32\perfc007.dat
    2015-03-29 10:49 - 2009-07-14 01:13 - 17450248 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-03-29 10:48 - 2011-10-25 11:51 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-03-29 10:48 - 2011-10-25 11:51 - 00017088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-03-25 18:04 - 2011-10-22 17:44 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3452437872-2670650920-2198047957-1000UA.job
    2015-03-25 17:24 - 2014-12-10 18:16 - 00000000 ____D () C:\Windows\system32\appraiser
    2015-03-25 17:24 - 2014-05-06 23:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2015-03-23 22:01 - 2013-09-09 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
    2015-03-23 22:01 - 2011-10-22 18:30 - 00000000 ____D () C:\Program Files\DivX
    2015-03-23 22:01 - 2011-10-22 18:30 - 00000000 ____D () C:\Program Files (x86)\DivX
    2015-03-23 22:01 - 2011-10-22 18:28 - 00000000 ____D () C:\ProgramData\DivX
    2015-03-23 21:58 - 2011-10-22 17:44 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3452437872-2670650920-2198047957-1000Core.job
    2015-03-23 17:22 - 2009-07-14 01:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-03-16 03:31 - 2009-07-14 00:45 - 00445064 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\zh-HK
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\uk-UA
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\tr-TR
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\th-TH
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sl-SI
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sk-SK
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ro-RO
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lv-LV
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\lt-LT
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\hr-HR
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\he-IL
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\et-EE
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\bg-BG
    2015-03-16 03:30 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\ar-SA
    2015-03-16 03:14 - 2011-10-25 19:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2015-03-16 03:14 - 2006-11-02 08:34 - 00000219 _____ () C:\Windows\win.ini
    2015-03-16 03:05 - 2013-08-19 23:42 - 00000000 ____D () C:\Windows\system32\MRT
    2015-03-16 03:02 - 2011-10-25 23:35 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-03-15 17:31 - 2012-07-10 21:26 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-03-05 22:06 - 2012-08-06 18:30 - 00000000 ____D () C:\Users\Sarah\AppData\Roaming\Apple Computer
    2015-03-05 22:01 - 2015-02-21 18:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
    2015-03-05 22:01 - 2012-08-06 18:29 - 00000000 ____D () C:\ProgramData\Apple Computer
    2015-03-04 18:29 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
    2015-03-03 09:17 - 2011-10-23 21:57 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

    ==================== Files in the root of some directories =======

    2013-09-14 23:28 - 2013-09-13 22:04 - 0012005 _____ () C:\Users\Sarah\AppData\Roaming\alsoft.ini
    2012-06-29 23:34 - 2012-06-29 23:34 - 0011298 _____ () C:\Users\Sarah\AppData\Local\recently-used.xbel

    Some content of TEMP:
    ====================
    C:\Users\Sarah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphymuuo.dll


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-03-15 18:42

    ==================== End Of Log ============================

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
    Ran by Sarah at 2015-03-29 11:01:26
    Running from C:\Users\Sarah\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.13 - Adobe Systems)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
    Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.63 - Adobe Systems Incorporated)
    Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
    Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
    Age of Empires III: Complete Collection (HKLM-x32\...\GFWL_{4541091F-1F3D-4BA3-A5A3-F71000000100}) (Version: 1.0.0000.1 - Microsoft Game Studios)
    Age of Empires III: Complete Collection (x32 Version: 1.0.0000.1 - Microsoft Game Studios) Hidden
    American McGee's Alice(tm) (HKLM-x32\...\{77B5AD60-8F14-11D4-9BC9-0050041A1090}) (Version: - )
    Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ARMA 2 (HKLM-x32\...\Steam App 33900) (Version: - Bohemia Interactive)
    ARMA 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
    Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
    Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - )
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
    BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
    BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software)
    Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
    Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None, Inc.)
    Brütal Legend (HKLM-x32\...\Steam App 225260) (Version: - Double Fine Productions)
    CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
    Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
    Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - )
    Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.0.0.6410 - Citrix Systems, Inc.)
    Depression Quest (HKLM-x32\...\Steam App 270170) (Version: - The Quinnspiracy)
    Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
    DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - Klei Entertainment)
    Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
    Dropbox (HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
    EndNote X4 (HKLM-x32\...\{86B3F2D6-AC2B-0014-8AE1-F2F77F781B0C}) (Version: 14.0.2.5149 - Thomson Reuters)
    erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
    Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
    Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Bethesda Softworks)
    Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
    FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation)
    FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
    Google Chrome (HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
    Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
    Google+ Auto Backup (HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
    Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version: - DrinkBox Studios)
    Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
    Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
    Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
    Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version: - )
    HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
    Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - )
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    K-Lite Codec Pack 9.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
    Left 4 Dead 2 Add-On Installer (HKLM-x32\...\{4BED8F48-59BF-414F-8ABF-A10BD714F966}) (Version: 2.0.4067.22360 - Team [SAO])
    Left 4 Dead 2 Add-on Support (HKLM-x32\...\Steam App 564) (Version: - Valve)
    Left 4 Dead 2 Dedicated Server (HKLM-x32\...\Steam App 560) (Version: - Valve)
    Left 4 Dead Dedicated Server (HKLM-x32\...\Steam App 510) (Version: - Valve)
    LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
    Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
    LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
    Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
    Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare)
    Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version: - BioWare)
    Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
    Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (dansk) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1030) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Polski) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1045) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Português) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2070) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (suomi) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1035) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (svenska) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1053) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Ελληνικά) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1032) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Русский) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1049) (Version: 4.5.50938 - Корпорация Майкрософт)
    Microsoft .NET Framework 4.5.1 (עברית) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1037) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (日本語) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1041) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (简体中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2052) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1(한국어) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1042) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1, norsk språkpakke (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1044) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET-keretrendszer 4.5.1 (magyar) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1038) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE)
    MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Mumble 1.2.4 (HKLM-x32\...\{E0955568-4353-4C85-8988-285A8C0F5E87}) (Version: 1.2.4 - Thorvald Natvig)
    MyFreeCodec (HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\MyFreeCodec) (Version: - )
    Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
    NTI Backup Now EZ (HKLM-x32\...\InstallShield_{B9ECA41B-55CC-4654-B6B5-6731D009EC69}) (Version: 2.5.2.56 - NTI Corporation)
    NTI Backup Now EZ (x32 Version: 2.5.2.56 - NTI Corporation) Hidden
    NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
    NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version: - Young Horses)
    OpenAL (HKLM-x32\...\OpenAL) (Version: - )
    Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
    Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
    Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
    Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version: - PopCap Games, Inc.)
    Psychonauts (HKLM-x32\...\Steam App 3830) (Version: - Double Fine Productions, Inc.)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.247.222.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
    ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - )
    Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version: - Volition)
    Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
    Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
    Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
    Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (x32 Version: 3.2.14034.17 - Samsung Electronics Co., Ltd.) Hidden
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
    Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
    Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7016 - Six Projects)
    Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
    Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games)
    Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital)
    Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
    Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version: - MinMax Games Ltd.)
    Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - )
    Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - Irrational Games)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
    Terraria (HKLM-x32\...\Steam App 105600) (Version: - )
    The Binding Of Isaac (HKLM-x32\...\Steam App 113200) (Version: - )
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
    The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
    Torchlight (HKLM-x32\...\Steam App 41500) (Version: - Runic Games)
    Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
    Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 3.1.0 - Tweaking.com)
    Unity Web Player (HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
    Vuze (HKLM\...\8461-7759-5462-8226) (Version: 4.8.1.0 - Azureus Software, Inc.)
    Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
    Winamp (HKLM-x32\...\Winamp) (Version: 5.621 - Nullsoft, Inc)
    Winamp Detector Plug-in (HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
    Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
    Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Sarah\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sarah\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

    ==================== Restore Points =========================

    ATTENTION: System Restore is disabled.

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2006-11-02 08:34 - 2006-09-18 17:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1 localhost
    ::1 localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {17F74D12-49BE-4BE6-8243-33F60C847F02} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {1EFB4A79-41A4-4F40-8E81-5A646413E2D9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
    Task: {214BE55F-04A0-4435-B0BF-5D08C2EDCFE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
    Task: {281BB812-7F17-446F-8D47-73DADB2F93E7} - System32\Tasks\{45045A8D-A9C3-42BF-99C2-C3ABB923EF30} => pcalua.exe -a "C:\program files (x86)\steam\steamapps\common\left 4 dead 2\bin\addoninstaller.exe" -d "c:\program files (x86)\steam\steamapps\common\left 4 dead 2" -c /register
    Task: {5802F255-5DD1-4A05-842A-46C8A9336D43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
    Task: {657AB63A-E41B-4089-A307-0A3392AB3C7C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3452437872-2670650920-2198047957-1000Core => C:\Users\Sarah\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
    Task: {742E0774-2EA0-4F71-AF2F-9CDB9F8FCEBB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3452437872-2670650920-2198047957-1000UA => C:\Users\Sarah\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
    Task: {8574DD2E-1355-436A-A059-75C392142F1D} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe
    Task: {882DEA22-59BC-458E-8581-FC6F93B1EC3F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
    Task: {8D0F4B17-1B34-4F86-AF9A-6F80B91CAAEA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {BC37D7EE-8A7B-43AB-833C-7041A4D0A0AD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
    Task: {C15F8E8F-C064-4FEB-AF1A-4C3ACC1A2649} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
    Task: {C28278BF-1ABF-4595-BB2A-15201DDF25E3} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3452437872-2670650920-2198047957-1000Core.job => C:\Users\Sarah\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3452437872-2670650920-2198047957-1000UA.job => C:\Users\Sarah\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) ==============

    2012-11-18 01:57 - 2014-11-12 17:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
    2015-02-13 05:20 - 2015-02-13 05:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-02-13 05:20 - 2015-02-13 05:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2011-11-08 00:36 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
    2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
    2011-09-23 21:54 - 2011-09-23 21:54 - 00465344 _____ () C:\Program Files (x86)\NTI\NTI Backup Now EZ\sqlite3.dll
    2013-04-12 08:59 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2013-04-12 08:59 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2013-04-12 08:59 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2013-04-12 08:59 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2013-04-12 08:59 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
    2014-03-02 22:31 - 2015-03-10 02:37 - 00775680 _____ () D:\Steam\SDL2.dll
    2015-01-19 17:51 - 2014-12-01 20:29 - 05002752 _____ () D:\Steam\v8.dll
    2015-01-19 17:51 - 2014-12-01 20:29 - 01612800 _____ () D:\Steam\icui18n.dll
    2015-01-19 17:51 - 2014-12-01 20:29 - 01210368 _____ () D:\Steam\icuuc.dll
    2014-05-21 19:26 - 2015-03-24 00:22 - 02371776 _____ () D:\Steam\video.dll
    2014-08-28 21:48 - 2014-12-01 17:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll
    2014-08-28 21:48 - 2014-12-01 17:31 - 00442880 _____ () D:\Steam\libavutil-54.dll
    2014-08-28 21:48 - 2014-12-01 17:31 - 00479744 _____ () D:\Steam\libavformat-56.dll
    2014-08-28 21:48 - 2014-12-01 17:31 - 00332800 _____ () D:\Steam\libavresample-2.dll
    2014-08-28 21:48 - 2014-12-01 17:31 - 00485888 _____ () D:\Steam\libswscale-3.dll
    2014-03-02 22:32 - 2015-03-24 00:22 - 00702656 _____ () D:\Steam\bin\chromehtml.DLL
    2015-02-13 05:20 - 2015-02-13 05:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-08-12 13:18 - 2011-08-12 13:18 - 02145304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
    2011-08-12 13:18 - 2011-08-12 13:18 - 07956504 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
    2011-08-12 13:18 - 2011-08-12 13:18 - 00342552 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
    2011-08-12 13:18 - 2011-08-12 13:18 - 00029208 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
    2011-08-12 13:18 - 2011-08-12 13:18 - 00128536 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
    2013-04-12 08:59 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
    2015-03-04 18:08 - 2015-03-04 18:08 - 00750080 _____ () C:\Users\Sarah\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-03-29 10:56 - 2015-03-29 10:56 - 00043008 _____ () c:\users\sarah\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphymuuo.dll
    2015-03-04 18:08 - 2015-03-04 18:08 - 00047616 _____ () C:\Users\Sarah\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-03-04 18:08 - 2015-03-04 18:08 - 00865280 _____ () C:\Users\Sarah\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-03-04 18:07 - 2015-03-04 18:07 - 00200704 _____ () C:\Users\Sarah\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
    2014-03-02 22:32 - 2015-02-24 21:58 - 34641288 _____ () D:\Steam\bin\libcef.dll
    2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-03-21 13:05 - 2015-03-14 06:12 - 01174856 _____ () C:\Users\Sarah\AppData\Local\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
    2015-03-21 13:05 - 2015-03-14 06:12 - 00080200 _____ () C:\Users\Sarah\AppData\Local\Google\Chrome\Application\41.0.2272.101\libegl.dll
    2015-03-21 13:05 - 2015-03-14 06:12 - 09278792 _____ () C:\Users\Sarah\AppData\Local\Google\Chrome\Application\41.0.2272.101\pdf.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"

    ==================== EXE Association (whitelisted) ===============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 209.18.47.61 - 209.18.47.62

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== Accounts: =============================

    Administrator (S-1-5-21-3452437872-2670650920-2198047957-500 - Administrator - Disabled)
    Guest (S-1-5-21-3452437872-2670650920-2198047957-501 - Limited - Enabled)
    HomeGroupUser$ (S-1-5-21-3452437872-2670650920-2198047957-1007 - Limited - Enabled)
    Sarah (S-1-5-21-3452437872-2670650920-2198047957-1000 - Administrator - Enabled) => C:\Users\Sarah

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (03/17/2015 07:00:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8362

    Error: (03/17/2015 07:00:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8362

    Error: (03/17/2015 07:00:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/21/2015 06:26:20 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: STELLA)
    Description: Application or service 'Google Chrome' could not be shut down.

    Error: (02/21/2015 04:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4072

    Error: (02/21/2015 04:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4072

    Error: (02/21/2015 04:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/21/2015 04:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3073

    Error: (02/21/2015 04:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3073

    Error: (02/21/2015 04:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (03/29/2015 10:53:10 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.195.184.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/29/2015 10:53:10 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.195.184.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.7.0205.00

    Source Path: 4.7.0205.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (03/25/2015 05:34:35 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (03/25/2015 05:34:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (03/25/2015 05:25:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Steam Client Service service failed to start due to the following error:
    %%1053

    Error: (03/25/2015 05:25:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

    Error: (03/22/2015 10:22:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

    Error: (03/21/2015 00:07:24 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 70. The internal error state is 105.

    Error: (03/18/2015 06:37:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (03/18/2015 06:37:22 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5


    Microsoft Office Sessions:
    =========================
    Error: (03/17/2015 07:00:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8362

    Error: (03/17/2015 07:00:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8362

    Error: (03/17/2015 07:00:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/21/2015 06:26:20 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: STELLA)
    Description: 1C:\Users\Sarah\AppData\Local\Google\Chrome\Application\chrome.exeGoogle Chrome021174280

    Error: (02/21/2015 04:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 4072

    Error: (02/21/2015 04:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 4072

    Error: (02/21/2015 04:47:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (02/21/2015 04:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3073

    Error: (02/21/2015 04:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 3073

    Error: (02/21/2015 04:47:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    CodeIntegrity Errors:
    ===================================
    Date: 2011-10-25 01:12:47.279
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

    Date: 2011-10-25 01:12:47.107
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

    Date: 2011-10-25 01:12:46.936
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

    Date: 2011-10-25 01:12:46.764
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

    Date: 2011-10-25 01:12:46.577
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3-2105 CPU @ 3.10GHz
    Percentage of memory in use: 58%
    Total physical RAM: 8172.13 MB
    Available physical RAM: 3383.68 MB
    Total Pagefile: 16342.45 MB
    Available Pagefile: 11674.75 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:111.79 GB) (Free:0.62 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (WD Hard Drive) (Fixed) (Total:931.51 GB) (Free:433.35 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FC35723F)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 198FD25A)
    Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

  2. #2
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,804

    Default

    Hi and welcome

    http://www.sevenforums.com/tutorials...e-disable.html
    Enable System Restore
    Please follow the above tutorial to enable system restore. This could be a safety catch and is needed in the event we need to do a restore.

    ~~~~~~~~~~~~~~~~

    uninstall
    Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version: - )

    ~~~~~~~~~~~~~~`

    How to show hidden files in Windows 7
    http://www.bleepingcomputer.com/tuto...-in-windows-7/


    Please go to one of the below sites to scan the following files:
    Virus Total (Recommended)
    jotti.org
    VirScan
    click on Browse, and upload the following file for analysis:

    C:\Windows\System32\Drivers\akprivjh.sys


    Then click Submit. Allow the file to be scanned, and then please copy and paste the results link (for Virus Total) here for me to see.
    If it says already scanned -- click "reanalyze now"
    Please post the results in your next reply.


    ~~~~~~~~~~~~~~~~~~~`


    NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

    Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
    To do this highlight the contents of the box and right click on it and select copy.
    Paste this into the open notepad. save it to the Desktop as fixlist.txt
    NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
    It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)





    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    Toolbar: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    CHR StartupUrls: Default -> "hxxp://en.wikipedia.org/wiki/Special:Random"
    C:\Users\Sarah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphymuuo.dll
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    EmptyTemp:
    End
    Open FRST/FRST64 and press the Fix button just once and wait.
    If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
    When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


    ~~~~~~~~~~~~~~~~~~~`

    AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
    • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
    • Follow the prompts and allow your computer to reboot.
    • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

    -- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.

    ~~~~

    please post
    file requested scanned
    Fixlog.txt
    AdwCleaner.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Mar 2015
    Posts
    17

    Default

    Hello! Thank you for your reply. I have performed the following actions.

    Enable system restore

    ~~~~~~~~~~~~~~

    Uninstall Download Updater (AOL LLC)

    ~~~~~~~~~~~~~

    Shown hidden files in Windows 7

    ~~~~~~~~~~~~~

    I cannot find the file C:\Windows\System32\Drivers\akprivjh.sys in that folder.

    I did not proceed with subsequent steps just in case.


    Thank you! Please let me know if there is another file name I should scan.

  4. #4
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,804

    Default

    At this time let's continue with the instructions for

    Fixlog.txt
    AdwCleaner.txt
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  5. #5
    Junior Member
    Join Date
    Mar 2015
    Posts
    17

    Default

    Here is the Fixlog.txt -

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
    Ran by Sarah at 2015-03-31 18:48:36 Run:1
    Running from C:\Users\Sarah\Desktop
    Loaded Profiles: Sarah (Available profiles: Sarah)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
    Toolbar: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
    CHR StartupUrls: Default -> "hxxp://en.wikipedia.org/wiki/Special:Random"
    C:\Users\Sarah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphymuuo.dll
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\Sarah\AppData\Local\Google\Update\1.3.21.79\GoogleUpdateOnDemand.exe" No File
    CustomCLSID: HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sarah\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    EmptyTemp:
    End
    *****************

    Restore point was successfully created.
    Processes closed successfully.
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    "HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
    HKU\S-1-5-21-3452437872-2670650920-2198047957-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
    HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
    Chrome StartupUrls deleted successfully.
    "C:\Users\Sarah\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphymuuo.dll" => File/Directory not found.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}" => Key deleted successfully.
    "HKU\S-1-5-21-3452437872-2670650920-2198047957-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
    EmptyTemp: => Removed 441.8 MB temporary data.


    The system needed a reboot.

    ==== End of Fixlog 18:49:11 ====


    ~~~~~~~~~~~~~~~~~~~~~~

    Here is the AdwCleaner[S0].txt -

    # AdwCleaner v4.200 - Logfile created 31/03/2015 at 18:55:43
    # Updated 29/03/2015 by Xplode
    # Database : 2015-03-29.1 [Server]
    # Operating system : Windows 7 Ultimate Service Pack 1 (x64)
    # Username : Sarah - STELLA
    # Running from : C:\Users\Sarah\Desktop\adwcleaner_4.200.exe
    # Option : Cleaning

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\Users\Sarah\AppData\Roaming\Search Protection

    ***** [ Scheduled tasks ] *****


    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Myfree Codec
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
    Key Deleted : HKLM\SOFTWARE\Myfree Codec
    Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
    [x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride]

    ***** [ Web browsers ] *****

    -\\ Internet Explorer v11.0.9600.17689


    -\\ Google Chrome v


    *************************

    AdwCleaner[R0].txt - [2163 bytes] - [31/03/2015 18:52:45]
    AdwCleaner[S0].txt - [1968 bytes] - [31/03/2015 18:55:43]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2027 bytes] ##########

  6. #6
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,804

    Default

    I'd like for you to run a Malwarebytes scan

    Please open MBAM, click on the update button.

    If it updates or is already up to date

    Next at the top click on Scan

    Please click on THREAT, then click on Start Scan
    • When the scan has completed, the results will be displayed. Click on Quarantine All, then click on Apply Actions.
    • To complete any actions taken you will be prompted to restart your computer...click on Yes. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
    • After rebooting the computer, copy and paste the mbam.log in your next reply.

    To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 1)
    • Open Malwarebytes Anti-Malware.
    • Click the History Tab at the top and select Application Logs.
    • Select (check) the box next to Scan Log. Choose the most current scan.
    • Click the View button.
    • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
    • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
    • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

    To retrieve the Malwarebytes Anti-Malware 2.0 scan log information (Method 2)
    • Open Malwarebytes Anti-Malware.
    • Click the Scan Tab at the top.
    • Click the View detailed log link on the right.
    • Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
    • Alternatively, you can click Export and save the log as a .txt file on your Desktop or another location.
    • Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

    Logs are named by the date of scan in the following format: mbam-log-yyyy-mm-dd and automatically saved to the following locations:
    -- XP: C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd
    -- Vista, Windows 7/8: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-yyyy-mm-dd

    ~~~~~~~~~`

    What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner.
    Most reliable and thorough.
    The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
    This scanner can take quite a bit of time to run, depending of course how full your computer is.


    ESET Online Scan
    Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.


    Please run a free online scan with the ESET Online Scanner

    US Link: http://www.eset.com/us/online-scanner/
    EU Link: http://www.eset.eu/online-scanner/

    Windows Vista/Windows 7/Windows 8 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator
    Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
    • Turn off the real time scanner of any existing antivirus program while performing the online scan.
    • Click the blue Run ESET Online Scanner button
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the program to install the "OnlineScanner.cab" activex control by clicking the Install button
    • Once the activex control is installed, on the next screen click on Enable detection of potentially unwanted applications
    • Click on Advanced Settings
    • Make sure that the option Remove found threats is unticked.
    • Ensure these options are ticked
      • Scan archives
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology

    • Under "Current Scan Targets" > click "change" and ensure all your drives are selected
    • Click Start
    • Wait for the scan to finish
    • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
    • Save that text file on your desktop. Attach the log as a reply to your next reply..
    • Close the ESET online scan, and let me know how things are now.



    Please post both of these logs when finished.

    Also, please tell me how the computer is at the moment.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  7. #7
    Junior Member
    Join Date
    Mar 2015
    Posts
    17

    Default

    Malwarebytes scan log -

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 3/31/2015
    Scan Time: 7:35:50 PM
    Logfile:
    Administrator: Yes

    Version: 2.00.4.1028
    Malware Database: v2015.03.31.07
    Rootkit Database: v2015.03.31.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Sarah

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 390564
    Time Elapsed: 8 min, 25 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 2
    PUP.Optional.Spigot.A, C:\Program Files\Vuze\spg.zip, Quarantined, [db384efeafdb72c429bf00d832cf6e92],
    PUP.Optional.Winsock.Hijack, C:\Windows\System32\plsapp64.dll, Quarantined, [37dcf75592f890a6d0be004d6f96b34d],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

  8. #8
    Junior Member
    Join Date
    Mar 2015
    Posts
    17

    Default

    At the moment, my computer appears to be running normally. I am about to begin the ESET scan. I will post when it is finished. Thank you for your help!

  9. #9
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,804

    Default

    Good deal.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #10
    Junior Member
    Join Date
    Mar 2015
    Posts
    17

    Default ESET.txt

    ESET Scan Text file - 16 results found

    C:\Users\Sarah\Downloads\ccsetup321.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
    C:\Users\Sarah\Downloads\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Sarah\Downloads\dfsetup217.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Sarah\Downloads\epm.exe Win32/OpenCandy potentially unsafe application
    C:\Users\Sarah\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Users\Sarah\Downloads\spsetup123 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Downloads\ccsetup321.exe Win32/Bundled.Toolbar.Google.E potentially unsafe application
    D:\Downloads\ccsetup411.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Downloads\dfsetup217.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Downloads\epm.exe Win32/OpenCandy potentially unsafe application
    D:\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Downloads\spsetup123 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Downloads\spsetup126.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Pictures\Random internet pictures I love\Backgrounds\spsetup123.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •