Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-11-2014 01
Ran by Living Room (administrator) on LIVINGROOM-PC on 09-11-2014 00:03:04
Running from C:\Users\Living Room\Downloads
Loaded Profile: Living Room (Available profiles: Living Room & Ad & Mcx1-LIVINGROOM-PC & Administrator)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Samsung) C:\Program Files\SAMSUNG\Kies\Kies.exe
(Skillbrains) C:\Users\Living Room\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Farbar) C:\Users\Living Room\Downloads\FRST(1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2471448 2013-12-21] ()
HKLM\...\Run: [BingDesktop] => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2368736 2014-06-03] (Microsoft Corp.)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [296520 2014-03-19] (RealNetworks, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3593744 2014-09-05] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKLM Group Policy restriction on software: *.ppt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.com <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.com <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pptx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *‮* <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.com <====== ATTENTION
HKLM Group Policy restriction on software: *.avi.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.7z.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.rtf.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.png.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.ppt.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.txt.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.zip.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.docx.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.png.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.exe <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.doc.pif <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp4.scr <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.wma.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.wmv.com <====== ATTENTION
HKLM Group Policy restriction on software: *.wav.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.rar.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.jpg.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.pdf.com <====== ATTENTION
HKLM Group Policy restriction on software: *.png.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <====== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.gif.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.jpeg.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: *.divx.com <====== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.bmp.com <====== ATTENTION
HKLM Group Policy restriction on software: *.pub.pif <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <====== ATTENTION
HKLM Group Policy restriction on software: *.xlsx.scr <====== ATTENTION
HKLM Group Policy restriction on software: *.mp3.exe <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*.scr <====== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin\*\*\*.pif <====== ATTENTION
HKLM Group Policy restriction on software: *.xls.com <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\spotify\spotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\spotify\spotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\spotify\spotifylauncher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\spotify\spotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\spotify\spotifylauncher.exe <====== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\spotify\spotifylauncher.exe <====== ATTENTION
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Run: [LightShot] => C:\Users\Living Room\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0A32E1B72A7FCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-21828565-3005677120-1819634571-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={3676D089-D678-4B66-9CA8-EB83DE303D18}&mid=d162516e7ece47d6853fd16b2e84a5ca-9a17500a96d428a5cdb8b2643968b9a928fc107f&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2013-12-21 08:24:58&v=17.2.0.38&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\17.2.0.38\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler: linkscanner - No CLSID Value -
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (AVG Secure Search)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515
FF NewTab: about:blank
FF Homepage: https://www.google.com/?gws_rd=ssl
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_9&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> C:\Program Files\Virtual Earth 3D\ ()
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=17.0.6.13 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=17.0.6 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=17.0.6.13 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher -> C:\Users\Living Room\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @nsroblox.roblox.com/launcher64 -> C:\Users\Living Room\AppData\Local\Roblox\Versions\version-d65566343374484f\\NPRobloxProxy64.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Living Room\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF SearchPlugin: C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\searchplugins\securesearch.xml
FF SearchPlugin: C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\searchplugins\web-search.xml
FF Extension: Play Pickle TextLinks - C:\Users\Living Room\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@plpickle.com [2011-09-19]
FF Extension: No Name - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\t0hqx41u.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-10-18]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2014-08-18]
FF Extension: Greasemonkey - C:\Users\Living Room\AppData\Roaming\Mozilla\Firefox\Profiles\w2rz5yk8.default-1408303769515\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-08-19]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-10-30]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG2012\Firefox4
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-03-08]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38
FF Extension: No Name - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38 [2013-12-21]
FF HKLM\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-19]
FF Extension: No Name - {8E8D8D12-A43B-4289-994D-DF2C7C0EF736} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-09]
CHR Extension: (Google Docs) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-09]
CHR Extension: (Google Drive) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-09]
CHR Extension: (Google Search) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-09]
CHR Extension: (Google Sheets) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-09]
CHR Extension: (RealPlayer Downloader) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-30]
CHR Extension: (Google Wallet) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-06]
CHR Extension: (Gmail) - C:\Users\Living Room\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-09]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-02-12]
CHR HKLM\...\Chrome\Extension: [joflpaafchojilpbjjbebljnikhkdhgf] - C:\ProgramData\wxDfast\joflpaafchojilpbjjbebljnikhkdhgf.crx [2014-02-12]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.2.0.38\avg.crx [2014-02-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4816568 2014-10-19] (Emsisoft GmbH)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3364368 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [293448 2014-09-05] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173792 2014-06-03] (Microsoft Corp.)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-05-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-05-13] (BlueStack Systems, Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915784 2014-09-16] (NVIDIA Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151232 2013-12-02] (IObit)
R2 McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [319488 2011-06-30] (Alcatel-Lucent) [File not signed]
R2 Motorola Device Manager; C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [120728 2012-10-23] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [196624 2012-10-30] (Nitro PDF Software)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18044744 2014-09-16] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files\Overwolf\OverwolfUpdater.exe [997664 2014-10-22] (Overwolf LTD)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
S2 RealPlayer Cloud Service; c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe [1141336 2014-03-19] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-12] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-10-17] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2014-10-17] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2014-10-17] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [18552 2014-10-17] (Emsisoft GmbH)
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1564160 2010-10-11] (Atheros Communications, Inc.) [File not signed]
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [204056 2014-07-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [193304 2014-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [199448 2014-07-02] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-05-13] (BlueStack Systems)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [49904 2010-06-01] (Avanquest Software) [File not signed]
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2014-10-17] (Emsisoft GmbH)
S3 D-Vitec; C:\Windows\System32\DRIVERS\dvitdcnt.sys [281344 2012-07-26] (D-vitec)
R3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [20992 2006-11-02] (Microsoft Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-29] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [32928 2014-09-04] (NVIDIA Corporation)
R3 pelmouse; C:\Windows\System32\DRIVERS\pelmouse.sys [16384 2003-01-10] (Primax Electronics Ltd.)
R3 pelusblf; C:\Windows\System32\DRIVERS\pelusblf.sys [9216 2003-02-11] (Primax Electronics Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [106752 2011-01-13] (ZTE Incorporated)
S3 catchme; \??\C:\Users\LIVING~1\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 00:03 - 2014-11-09 00:03 - 05194752 _____ (AVAST Software) C:\Users\Living Room\Desktop\aswmbr.exe
2014-11-09 00:03 - 2014-11-09 00:03 - 00039250 _____ () C:\Users\Living Room\Downloads\FRST.txt
2014-11-09 00:01 - 2014-11-09 00:01 - 01107968 _____ (Farbar) C:\Users\Living Room\Downloads\FRST(1).exe
2014-11-08 16:08 - 2014-11-08 16:08 - 00000112 _____ () C:\Windows\setupact.log
2014-11-08 16:08 - 2014-11-08 16:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-01 12:22 - 2014-11-01 12:50 - 00000000 ____D () C:\Users\Living Room\Desktop\Antivirus stuff
2014-11-01 11:41 - 2014-11-01 11:41 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-01 10:55 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-11-01 10:34 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-11-01 10:34 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-11-01 10:34 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-11-01 10:34 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-01 10:18 - 2014-11-01 10:18 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-01 10:18 - 2014-11-01 10:18 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-11-01 10:18 - 2014-11-01 10:18 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-01 10:18 - 2014-11-01 10:18 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-01 10:18 - 2014-11-01 10:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-01 10:18 - 2014-11-01 10:18 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-01 10:18 - 2014-11-01 10:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-01 10:13 - 2014-10-09 20:44 - 00396288 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-01 10:13 - 2014-10-09 20:44 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-01 10:13 - 2014-10-09 20:39 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-01 10:12 - 2014-07-16 20:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-11-01 10:12 - 2014-07-16 20:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-01 10:12 - 2014-07-16 20:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-11-01 10:12 - 2014-07-16 20:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-11-01 10:12 - 2014-07-16 20:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-01 10:12 - 2014-07-16 20:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-01 10:12 - 2014-07-16 20:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-11-01 10:12 - 2014-07-16 20:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-11-01 10:12 - 2014-07-06 20:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-01 10:12 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-01 10:12 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-01 10:12 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-01 10:12 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-01 10:12 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-01 10:12 - 2014-03-04 04:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-11-01 10:12 - 2014-03-04 04:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-01 10:12 - 2014-03-04 04:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-11-01 10:12 - 2014-03-04 04:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-11-01 10:12 - 2014-02-03 21:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-11-01 10:11 - 2014-09-17 20:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-01 10:11 - 2014-08-28 20:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-01 10:11 - 2014-06-03 04:30 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-01 10:11 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-01 10:11 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-01 10:10 - 2014-09-04 20:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-11-01 10:10 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-11-01 10:10 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-11-01 10:10 - 2014-02-03 21:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-11-01 10:10 - 2014-02-03 21:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-11-01 10:10 - 2014-02-03 21:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-11-01 10:10 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-11-01 10:10 - 2014-01-28 21:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-11-01 10:09 - 2014-09-24 20:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-11-01 10:09 - 2014-08-22 20:46 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-11-01 10:09 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-01 10:09 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-11-01 10:09 - 2014-05-30 01:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-11-01 10:09 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-11-01 10:09 - 2014-04-04 21:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-01 10:09 - 2014-04-04 21:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-01 10:09 - 2014-03-04 04:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-11-01 10:08 - 2014-09-28 19:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-01 10:08 - 2014-09-12 20:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-01 10:08 - 2014-09-09 16:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-11-01 10:08 - 2014-09-04 00:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-11-01 10:08 - 2014-07-13 20:42 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-11-01 10:08 - 2014-06-18 17:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-01 10:08 - 2014-06-18 17:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-01 10:08 - 2014-06-18 17:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-01 10:08 - 2014-06-15 20:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-11-01 10:08 - 2014-06-15 20:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-11-01 10:08 - 2014-06-15 20:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-11-01 10:08 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-11-01 10:08 - 2014-04-11 21:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-01 10:08 - 2014-04-11 21:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-11-01 10:08 - 2014-04-11 21:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-11-01 10:08 - 2014-04-11 21:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-11-01 10:08 - 2014-04-11 21:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-11-01 10:08 - 2014-04-11 21:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-11-01 10:08 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-11-01 10:08 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-01 10:08 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-11-01 10:08 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-01 10:08 - 2014-01-27 21:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-11-01 10:08 - 2014-01-23 21:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-11-01 10:07 - 2014-05-08 04:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-11-01 09:50 - 2014-07-02 12:39 - 00609240 _____ (NVIDIA Corporation) C:\Windows\system32\nvStreaming.exe
2014-11-01 09:47 - 2014-07-02 15:54 - 24198088 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 15296456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 11283344 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 11222048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 10681176 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-01 09:47 - 2014-07-02 15:54 - 03988952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 00907096 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR.dll
2014-11-01 09:47 - 2014-07-02 15:54 - 00869152 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC.dll
2014-11-01 09:43 - 2014-09-04 14:14 - 00032928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2014-10-31 11:30 - 2014-10-31 10:51 - 509253745 _____ () C:\Users\Living Room\Downloads\Freddy vs Jason - YouTube.mp4
2014-10-31 11:30 - 2014-10-30 20:51 - 721148167 _____ () C:\Users\Living Room\Downloads\BEETLEJUICE (1988) - Watch Online For Free on TubePlus.mp4
2014-10-31 11:04 - 2014-10-31 10:51 - 132418310 _____ () C:\Users\Living Room\Desktop\clip0072.avi
2014-10-31 10:50 - 2014-10-31 10:51 - 132418310 _____ () C:\Users\Living Room\Documents\clip0072.avi
2014-10-30 14:29 - 2014-11-07 09:35 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-27 17:12 - 2014-10-27 17:12 - 00000115 _____ () C:\Users\Living Room\Desktop\Munzee game map.url
2014-10-24 09:30 - 2014-10-24 09:30 - 00638832 _____ (ROBLOX Corporation) C:\Users\Living Room\Downloads\RobloxPlayerLauncher.exe
2014-10-23 21:56 - 2014-10-23 21:56 - 00000000 ____D () C:\Users\Living Room\Desktop\Camera 10232014
2014-10-23 21:56 - 2014-10-23 07:47 - 00029900 ____N () C:\Users\Living Room\Desktop\IMG_13714951272100.jpeg
2014-10-23 21:47 - 2014-10-23 21:47 - 07763874 _____ () C:\Users\Living Room\Desktop\VID_20141023_224651.3gp
2014-10-23 21:45 - 2014-10-23 21:45 - 28059953 _____ () C:\Users\Living Room\Desktop\VID_20141023_224248.3gp
2014-10-20 10:23 - 2014-10-20 10:23 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\flrhhpx.sys
2014-10-18 20:16 - 2014-10-18 20:16 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\Lavasoft
2014-10-18 20:13 - 2014-10-18 20:38 - 00000000 ____D () C:\Users\Living Room\AppData\Local\adawarebp
2014-10-18 19:12 - 2014-10-18 19:12 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Lavasoft
2014-10-18 19:11 - 2014-10-18 19:11 - 01753736 _____ () C:\Users\Administrator\Downloads\Adaware_Installer(1).exe
2014-10-18 19:10 - 2014-10-18 19:10 - 00001077 _____ () C:\Users\Administrator\Desktop\Mozilla Firefox (2).lnk
2014-10-18 18:32 - 2014-10-18 18:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Eraser 6
2014-10-18 00:38 - 2014-10-18 00:38 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\LavasoftStatistics
2014-10-18 00:38 - 2014-10-18 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-18 00:37 - 2014-11-04 14:33 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-10-18 00:37 - 2014-10-18 00:37 - 00000000 ____D () C:\Users\Administrator\AppData\Local\adawarebp
2014-10-18 00:36 - 2014-10-18 00:36 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\SecureSearch
2014-10-18 00:35 - 2014-11-01 09:59 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-18 00:34 - 2014-10-18 00:34 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-18 00:26 - 2014-10-18 00:28 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA Corporation
2014-10-18 00:26 - 2014-10-18 00:26 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\AVG2015
2014-10-18 00:26 - 2014-10-18 00:26 - 00000000 ____D () C:\Users\Administrator\AppData\Local\NVIDIA
2014-10-18 00:18 - 2014-10-18 00:31 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Avg2015
2014-10-18 00:17 - 2014-10-18 00:17 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-18 00:16 - 2014-10-18 00:16 - 01753736 _____ () C:\Users\Administrator\Downloads\Adaware_Installer.exe
2014-10-17 23:18 - 2014-10-17 23:19 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Living Room\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-17 22:38 - 2014-10-17 22:38 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\AVG2015
2014-10-17 22:33 - 2014-10-17 22:36 - 00000000 ____D () C:\ProgramData\AVG2015
2014-10-17 21:44 - 2014-10-19 09:16 - 00000000 ____D () C:\Users\Living Room\AppData\Local\Avg2015
2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____D () C:\Users\Living Room\Documents\Optimizer Pro
2014-10-16 15:32 - 2014-10-16 15:33 - 05935080 _____ (PC Utilities Software Limited ) C:\Users\Living Room\Downloads\OptimizerPro.exe
2014-10-16 11:20 - 2014-10-16 11:20 - 00000015 _____ () C:\Users\Living Room\Desktop\Bobs Library card card.txt
2014-10-15 23:50 - 2014-10-15 23:50 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-15 23:50 - 2014-10-15 23:50 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-15 23:50 - 2014-10-15 23:50 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-15 23:50 - 2014-10-15 23:50 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-15 23:50 - 2014-10-15 23:50 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-12 14:27 - 2014-10-17 21:41 - 00000000 ____D () C:\Users\Living Room\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-09 00:03 - 2013-12-22 12:34 - 00000000 ____D () C:\FRST
2014-11-08 23:54 - 2014-01-16 11:49 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 23:52 - 2011-03-22 09:06 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-08 23:09 - 2012-03-23 08:27 - 00000388 _____ () C:\Windows\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001.job
2014-11-08 22:57 - 2012-03-23 08:27 - 00000388 _____ () C:\Windows\Tasks\update-sys.job
2014-11-08 22:10 - 2014-01-16 11:23 - 01325226 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 17:10 - 2012-01-17 23:35 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\.minecraft
2014-11-08 16:00 - 2013-01-08 18:47 - 00000000 ____D () C:\Users\Living Room\AppData\Local\CrashDumps
2014-11-08 15:19 - 2011-03-07 07:01 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-08 09:52 - 2011-03-22 09:06 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-07 09:35 - 2014-08-20 12:46 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-06 22:53 - 2011-03-06 19:50 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 22:44 - 2012-10-22 20:15 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\Media Player Classic
2014-11-04 17:55 - 2013-07-07 12:56 - 00000000 ____D () C:\Users\Living Room\Desktop\Bobs stuff
2014-11-04 14:42 - 2009-07-13 23:34 - 00026144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 14:42 - 2009-07-13 23:34 - 00026144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 14:33 - 2013-12-09 21:40 - 00000000 ____D () C:\ProgramData\ProductData
2014-11-04 14:32 - 2012-07-04 13:14 - 00000000 ____D () C:\Temp
2014-11-04 14:32 - 2012-01-09 15:18 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-11-04 14:32 - 2011-03-08 03:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-04 14:32 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-02 19:02 - 2011-05-29 11:46 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\vlc
2014-11-02 00:48 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache
2014-11-01 22:23 - 2011-03-06 22:00 - 00000000 ____D () C:\Windows\Panther
2014-11-01 13:03 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-01 11:53 - 2013-03-16 00:15 - 00000632 __RSH () C:\Users\Living Room\ntuser.pol
2014-11-01 11:53 - 2011-05-15 20:54 - 00000000 ___RD () C:\Users\Living Room\Virtual Machines
2014-11-01 11:53 - 2011-03-06 19:47 - 00000000 ____D () C:\Users\Living Room
2014-11-01 11:45 - 2014-02-11 19:45 - 00317144 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-01 11:45 - 2011-10-02 08:16 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-11-01 11:41 - 2009-07-14 02:50 - 00000000 ____D () C:\Program Files\Windows Journal
2014-11-01 10:46 - 2013-12-18 22:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-01 10:31 - 2011-10-02 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-11-01 09:50 - 2012-12-01 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-01 09:50 - 2011-03-07 23:48 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-01 09:45 - 2014-07-17 08:26 - 00000000 ____D () C:\Users\Living Room\AppData\Local\NVIDIA Corporation
2014-11-01 09:36 - 2014-07-15 07:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-29 19:08 - 2014-09-28 20:03 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-29 15:51 - 2012-02-20 21:08 - 00055605 _____ () C:\Windows\system32\avgrep.txt
2014-10-27 15:16 - 2014-06-02 15:16 - 00000000 ____D () C:\Program Files\Overwolf
2014-10-27 15:16 - 2014-06-02 15:16 - 00000000 ____D () C:\Program Files\Common Files\Overwolf
2014-10-24 09:35 - 2014-02-16 12:48 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-10-18 20:03 - 2013-07-04 02:13 - 00000000 ____D () C:\Users\Administrator\AppData\Local\CrashDumps
2014-10-18 15:16 - 2013-07-29 06:12 - 00001241 _____ () C:\Users\Administrator\Desktop\ROBLOX Player.lnk
2014-10-18 15:16 - 2013-07-29 06:12 - 00001060 _____ () C:\Users\Administrator\Desktop\ROBLOX Studio 2013.lnk
2014-10-18 15:16 - 2013-07-29 06:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2014-10-18 15:16 - 2009-07-13 21:04 - 00000430 _____ () C:\Windows\win.ini
2014-10-18 00:38 - 2011-03-08 06:10 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-18 00:17 - 2013-06-06 08:07 - 00073600 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-17 23:20 - 2014-09-28 20:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-10-17 22:39 - 2011-03-07 07:06 - 00000000 ____D () C:\Program Files\AVG
2014-10-17 22:38 - 2014-08-22 16:37 - 00000000 ___HD () C:\$AVG
2014-10-17 22:38 - 2014-08-22 16:37 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-17 22:37 - 2014-08-22 16:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-17 21:41 - 2014-01-16 11:49 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-17 21:41 - 2014-01-16 11:49 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-15 23:50 - 2013-10-21 10:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-15 23:24 - 2011-12-03 19:10 - 00000000 ____D () C:\Users\Living Room\AppData\Roaming\Audacity
2014-10-15 14:52 - 2012-10-24 04:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-11 22:10 - 2014-09-17 19:43 - 00000224 _____ () C:\Users\Living Room\Desktop\Min worshop for Hivers for Thor.txt

Files to move or delete:
====================
C:\Users\Ad\jagex_cl_runescape_LIVE.dat C:\Users\Living Room\jagex_cl_loginapplet_LIVE.dat C:\Users\Living Room\jagex_cl_runescape_LIVE.dat C:\Users\Living Room\jagex_cl_runescape_LIVE1.dat C:\Users\Living Room\random.dat Some content of TEMP: ==================== C:\Users\Administrator\AppData\Local\temp\9a7bd64a-3795-4189-87a0-f93eb25a1d40.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-05 00:16 ==================== End Of Log ============================