Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 running so slowly it appears to be hung up


  • Please log in to reply

#31
faithnhope77

faithnhope77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

That's all really good information. Thanks.  I guess I somehow didn't realize that Avast was active all the time unless you paid for it and since our Norton was free that is how we made that decision.  I will switch over this afternoon and send you that log in the morning. 

 

I forgot about process explorer.  Service Host didn't go above 3rd highest while at idle (and it was like 0.97%).  Idle Time and process explorer were highest and there was lots of process movement. 

 

My last question at this point is, I have a bunch of programs saved onto my desktop that I assume I won't be needing after this?  This may be premature as you haven't indicated we are done, but my system is running vastly better already.  VIPRErescue, SuperAntiSpyware, Process Explorer, spsetup, OTL, Grant Perms, Hosts Expert, Malware Bytes, AdwCleaner, CCleaner.  I don't want to keep or use these ignorantly.  I usually use CCleaner, Malware Bytes and AdwCleaner on a maintenance basis. Does that sound right? 


  • 0

Advertisements


#32
faithnhope77

faithnhope77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Good morning!  So I switched to Avast last night.  Thanks again very much for the info on that.  The link for the Symantec remover was page not found.  When I searched the Norton site, I found a Symantec Endpoint something but didn't want to download that without verifying with you first.  Avast ran its boot scan last night and this morning.  Of course I can't find the log anywhere! I tried searching for it by modification date even and couldn't find a .txt file anywhere, some BAK and DAT and others but no TXT.  I took a screenshot but of course I can't paste it into this post.  Not feeling really productive this morning.  sorry!! ok, I attached the screen shot.

 

Attached Thumbnails

  • avast screen shot.jpg

  • 0

#33
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Looks like it found one that we didn't so worth the trouble.

 

The Norton removal tool link works when I click on it so I expect you tried to copy and paste it.  The forum software likes to shorten URLs in the display for some reason.  The actual path is:

ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Could I see a new Process Explorer log?

 

How is it running now?


  • 0

#34
faithnhope77

faithnhope77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

Ok, so maybe I didn't do as badly as I thought.  I got the Norton Removal tool and removed Norton.  For some reason, I thought Symantec Remover was a second removal tool that I needed to use.  My computer is running great again!  Thank you so much!  I am a bit confused as to the abrupt onset of my problems if this was caused by the Host Service, unless it was that other virus that Avast handled. And here is a new Process Explorer log:

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 78.15 0 K 24 K 0   
procexp64.exe 11.30 28,352 K 51,820 K 3460 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
iexplore.exe 2.32 109,616 K 135,824 K 5668 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 2.25 32,624 K 32,640 K 1324 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 1.93 0 K 0 K n/a Hardware Interrupts and DPCs  
csrss.exe 1.21 2,720 K 6,220 K 532 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
System 0.65 212 K 4,440 K 4   
NOBuAgent.exe 0.47 2,416 K 5,420 K 2524 Norton Online Backup Service Symantec Corporation (Verified) Symantec Corporation
svchost.exe 0.28 4,368 K 8,656 K 752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HOSTS_Anti-Adware_main.exe 0.25 2,852 K 7,092 K 2880 HOSTS Anti-PUPs/Adwares  (No signature was present in the subject)
netsession_win.exe 0.24 7,748 K 15,400 K 5540 Akamai NetSession Client Akamai Technologies, Inc. (Verified) Akamai NetSession Client
CLMSService.exe 0.14 2,740 K 1,424 K 4700 CLMSService CyberLink (Verified) CyberLink
SearchIndexer.exe 0.12 45,388 K 34,432 K 1444 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
CCC.exe 0.10 104,388 K 22,160 K 4108 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
iexplore.exe 0.09 14,512 K 36,496 K 4208 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.08 38,096 K 57,132 K 1376 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 0.07 2,364 K 6,604 K 4320 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
svchost.exe 0.06 7,968 K 15,876 K 4364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avastui.exe 0.05 15,440 K 23,756 K 2904 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
mDNSResponder.exe 0.03 2,164 K 5,400 K 1436 Bonjour Service Apple Inc. (Verified) Apple Inc.
MOM.exe 0.03 38,856 K 5,784 K 5076 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
AvastSvc.exe 0.03 59,564 K 41,000 K 1192 avast! Service AVAST Software (Verified) AVAST Software a.s.
NOBuClient.exe 0.03 2,780 K 6,016 K 2812 Norton Online Backup Service Symantec Corporation (Verified) Symantec Corporation
audiodg.exe 0.02 18,720 K 17,240 K 1184 Windows Audio Device Graph Isolation  Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 33,084 K 47,364 K 340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
GoogleToolbarUser_32.exe 0.01 5,424 K 11,592 K 2392 Google Toolbar Broker Google Inc. (Verified) Google Inc
svchost.exe 0.01 14,460 K 22,328 K 272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 13,424 K 15,416 K 1096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 5,580 K 9,112 K 840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.01 8,512 K 13,864 K 1984 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SASCore64.exe 0.01 1,364 K 3,664 K 1688 Core Service SUPERAntiSpyware.com (Verified) SUPERAntiSpyware.com
AppleMobileDeviceService.exe 0.01 3,016 K 8,740 K 1792 MobileDeviceService Apple Inc. (Verified) Apple Inc.
csrss.exe 0.01 2,168 K 4,600 K 452 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 0.01 8,740 K 14,940 K 1536 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.01 6,232 K 14,072 K 644 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 12,556 K 15,888 K 1968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe < 0.01 2,748 K 4,268 K 652 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe < 0.01 2,568 K 8,172 K 5316 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 133,164 K 142,336 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 3,628 K 11,100 K 3040 iTunesHelper Apple Inc. (Verified) Apple Inc.
netsession_win.exe < 0.01 3,060 K 8,344 K 5524 Akamai NetSession Client Akamai Technologies, Inc. (Verified) Akamai NetSession Client
AvastVBoxSVC.exe < 0.01 4,388 K 11,048 K 4016 AvastVirtualBox Interface Avast Software (Verified) AVAST Software a.s.
ScanToPCActivationApp.exe < 0.01 4,740 K 12,148 K 2188 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
HPNetworkCommunicator.exe < 0.01 3,792 K 8,168 K 3144 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
PhotoshopElementsFileAgent.exe < 0.01 2,400 K 1,508 K 1708 Adobe Photoshop Elements 9.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
wuauclt.exe  1,984 K 6,484 K 2640 Windows Update Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe  17,412 K 13,852 K 4472 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  8,636 K 16,604 K 3096 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  2,472 K 6,112 K 4824 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe  2,856 K 6,904 K 596 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,460 K 4,240 K 540 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
UpdaterService.exe  1,128 K 3,720 K 1832 Updater Service Acer Incorporated (Verified) Acer Incorporated
unsecapp.exe  1,804 K 5,676 K 4924 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe  2,156 K 5,964 K 2052 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  13,984 K 16,664 K 1576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  23,440 K 23,660 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  4,584 K 8,456 K 2696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,444 K 5,792 K 4400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SuiteTray.exe  1,392 K 4,732 K 2068 SuiteTray Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
smss.exe  452 K 1,088 K 328 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe  7,536 K 10,792 K 636 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe  2,664 K 6,424 K 2680 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe  10,960 K 10,832 K 2156 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe  2,224 K 7,088 K 2408 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe  28,660 K 22,376 K 5396 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Windows
PmmUpdate.exe  30,664 K 36,132 K 1276 PMM Update Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
ngservice.exe  1,164 K 3,376 K 4792 avast! NG service AVAST Software (Verified) AVAST Software a.s.
NASvc.exe  1,928 K 5,776 K 3952 NeroUpdate Nero AG (Verified) Nero AG
MsSpellCheckingFacility.exe  3,244 K 8,308 K 1072 Microsoft Spell Checking Facility Microsoft Corporation (Verified) Microsoft Windows
IntuitUpdateService.exe  20,836 K 1,832 K 5848 Intuit Update Service Intuit Inc. (Verified) Intuit
hpwuschd2.exe  948 K 3,440 K 2496 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HotkeyUtility.exe  7,260 K 10,480 K 2864 Hotkey Utility  (Verified) Acer Incorporated
GREGsvc.exe  984 K 3,316 K 1032 Global Registration Service Acer Incorporated (Verified) Acer Incorporated
GoogleCrashHandler64.exe  1,680 K 528 K 1232 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe  1,508 K 528 K 1256 Google Crash Handler Google Inc. (Verified) Google Inc
EgisUpdate.exe  2,876 K 7,260 K 3300 EgisUpdate Release Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
DMREngine.exe  3,976 K 2,288 K 2360 DMREngine CyberLink (Verified) CyberLink
dllhost.exe  2,340 K 7,052 K 5916 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
Connect.Service.ContentService.exe  20,716 K 25,672 K 1924 Service  (Verified) Autodesk
cmd.exe  2,172 K 3,420 K 3900 Windows Command Processor Microsoft Corporation (Verified) Microsoft Windows
clear.fiMovieService.exe  3,860 K 8,000 K 2776 clear.fi Movie Resident Program CyberLink Corp. (Verified) CyberLink
clear.fiAgent.exe  2,448 K 716 K 2132 clear.fi Resident Program CyberLink Corp. (Verified) CyberLink
atiesrxx.exe  1,420 K 4,140 K 920 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe  2,152 K 6,104 K 1308 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe  1,188 K 3,816 K 1764 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AdobeARM.exe  3,692 K 12,584 K 2964 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems


  • 0

#35
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Might have been the hosts file since that's all we really changed.  

 

Let's run SFC to make sure things are good.

 

 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
IF SFC does not complain that it couldn't fix all of the files then you can skip the above.
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.

  • 0

#36
faithnhope77

faithnhope77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

The windows SFC report corrupt files found and repaired.

 

The VEW system log:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/12/2014 4:14:30 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/12/2014 11:16:00 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load:  AFS

Log: 'System' Date/Time: 17/12/2014 11:15:36 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HOSTS Anti-PUPs service failed to start due to the following error:  The system cannot find the file specified.

Log: 'System' Date/Time: 17/12/2014 11:14:28 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/12/2014 11:15:29 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.


  • 0

#37
faithnhope77

faithnhope77

    Member

  • Topic Starter
  • Member
  • PipPip
  • 69 posts

And the VEW Application log:

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/12/2014 4:21:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 17/12/2014 11:16:01 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#38
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Let's run FRST so I can see who the anti-pup service belongs to:

 

 
Please download Farbar Recovery Scan Tool and save it to your Desktop. 
 
Note: You need to run the version compatible with your system. (You need the 64 bit version) If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
 
  •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
  •  
     
    You need to update the AFS.SYS  driver.  This is Audio File System I think so look on your Acer support site and see if they have a new audio driver for you.
     
     
    I just remember you were out of space so that might have been the problem too. Did you ever get defrag to run?

    • 0

    #39
    faithnhope77

    faithnhope77

      Member

    • Topic Starter
    • Member
    • PipPip
    • 69 posts

    FRST Log:

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
    Ran by Harris Home (administrator) on HARRISHOME-PC on 17-12-2014 17:41:34
    Running from C:\Users\Harris Home\Desktop
    Loaded Profile: Harris Home (Available profiles: Harris Home)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
    (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-10] ()
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)
    HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] => C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-03-28] ()
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-28] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-28] (Egis Technology Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
    HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\RunOnce: [Adobe Speed Launcher] => 1418858155
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
    ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL =
    SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {F11DDC78-AB64-46AA-8F80-F9122ECA7A5D} URL = http://search.whites...am={SearchTerms}
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Harris Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]

    Chrome:
    =======
    CHR Profile: C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
    CHR Extension: (AdBlock) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-31]
    CHR Extension: (Avast Online Security) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-16]
    CHR Extension: (Google Wallet) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [aaaaichncbpejfjililmiahnkdmfggff] - C:\Users\Harris Home\AppData\Local\catalinagroupltdmoviestoolbarha\GC\toolbar.crx [2013-09-10]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-16] (Avast Software)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
    S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2013-02-05] (Oak Technology Inc.) [File not signed]
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()
    S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
    S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-15] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-16] (Avast Software)
    S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
    S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
    S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
    S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 17:41 - 2014-12-17 17:42 - 00020439 _____ () C:\Users\Harris Home\Desktop\FRST.txt
    2014-12-17 17:41 - 2014-12-17 17:41 - 00000000 ____D () C:\FRST
    2014-12-17 17:39 - 2014-12-17 17:39 - 02121216 _____ (Farbar) C:\Users\Harris Home\Desktop\FRST64.exe
    2014-12-17 16:14 - 2014-12-17 16:21 - 00000913 _____ () C:\VEW.txt
    2014-12-17 16:12 - 2014-12-17 16:12 - 00061440 _____ ( ) C:\Users\Harris Home\Desktop\VEW.exe
    2014-12-17 14:20 - 2014-12-17 14:20 - 00009972 _____ () C:\Users\Harris Home\Desktop\System Idle Process 1.TXT
    2014-12-16 19:55 - 2014-12-16 19:55 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-55-49.019-aswFe.exe-4176.log
    2014-12-16 19:55 - 2014-12-16 19:55 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-55-42.085-AvastVBoxSVC.exe-4852.log
    2014-12-16 19:47 - 2014-12-16 19:47 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-47-53.019-aswFe.exe-5580.log
    2014-12-16 19:47 - 2014-12-16 19:47 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-47-46.041-AvastVBoxSVC.exe-3580.log
    2014-12-16 19:37 - 2014-12-16 19:37 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-37-55.019-aswFe.exe-3740.log
    2014-12-16 19:35 - 2014-12-16 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-35-00.065-aswFe.exe-5108.log
    2014-12-16 19:34 - 2014-12-16 19:34 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-34-53.079-AvastVBoxSVC.exe-4784.log
    2014-12-16 19:25 - 2014-12-16 19:25 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\AVAST Software
    2014-12-16 19:24 - 2014-12-16 19:24 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\SysWOW64\vbox
    2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\system32\vbox
    2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-16 19:23 - 2014-12-17 12:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-16 19:23 - 2014-12-16 19:23 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-16 19:23 - 2014-12-16 19:23 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-12-16 19:23 - 2014-12-16 19:23 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-12-16 19:21 - 2014-12-16 19:21 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-12-16 18:59 - 2014-12-16 18:59 - 00896048 _____ () C:\Users\Harris Home\Desktop\Norton_Removal_Tool.exe
    2014-12-16 12:00 - 2014-12-16 12:00 - 00009962 _____ () C:\Users\Harris Home\Desktop\OTL 12162014_112625.txt
    2014-12-15 22:17 - 2014-12-15 22:17 - 00000385 _____ () C:\Users\Harris Home\Desktop\grant perms.txt
    2014-12-15 21:28 - 2014-12-15 21:28 - 00000000 ____D () C:\Users\Harris Home\Desktop\GrantPerms
    2014-12-15 21:27 - 2014-12-15 21:27 - 00453083 _____ () C:\Users\Harris Home\Desktop\GrantPerms.zip
    2014-12-15 20:41 - 2014-12-15 21:30 - 00000000 ____D () C:\Users\Harris Home\Desktop\HostsXpert
    2014-12-15 20:41 - 2014-12-15 20:30 - 00357766 _____ () C:\Users\Harris Home\Desktop\HostsXpert.zip
    2014-12-14 22:15 - 2014-12-14 22:15 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras20141214.Txt
    2014-12-14 22:14 - 2014-12-14 22:14 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL20141214.Txt
    2014-12-14 22:13 - 2014-12-14 22:13 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras.Txt
    2014-12-14 21:17 - 2014-12-14 21:17 - 00011192 _____ () C:\junk.txt
    2014-12-14 15:00 - 2014-12-14 14:56 - 04890736 _____ (Piriform Ltd) C:\Users\Harris Home\Desktop\spsetup126.exe
    2014-12-14 15:00 - 2014-12-14 14:53 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harris Home\Desktop\procexp.exe
    2014-12-13 13:51 - 2014-12-13 13:51 - 00129706 _____ () C:\Users\Harris Home\Desktop\OTL20141213.Txt
    2014-12-13 13:40 - 2014-12-14 22:09 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL.Txt
    2014-12-13 12:25 - 2014-12-13 12:25 - 00000000 ____D () C:\SUPERDelete
    2014-12-13 12:23 - 2014-12-17 04:23 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job
    2014-12-13 12:23 - 2014-12-16 12:00 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-12-13 12:23 - 2014-12-13 12:23 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323
    2014-12-13 12:23 - 2014-12-13 12:23 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\SUPERAntiSpyware.com
    2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2014-12-13 12:21 - 2014-12-13 12:16 - 20695712 _____ (SUPERAntiSpyware) C:\Users\Harris Home\Desktop\SAS_3311527.EXE
    2014-12-13 12:21 - 2014-12-13 12:12 - 00602112 _____ (OldTimer Tools) C:\Users\Harris Home\Desktop\OTL.exe
    2014-12-12 17:54 - 2014-12-13 03:53 - 00000000 ____D () C:\VIPRERESCUE
    2014-12-12 17:54 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
    2014-12-12 17:54 - 2013-05-23 07:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
    2014-12-12 17:49 - 2014-12-12 17:51 - 185020416 _____ () C:\Users\Harris Home\Desktop\VIPRERescue35652.exe
    2014-12-11 12:54 - 2014-12-17 02:18 - 00585652 _____ () C:\Windows\PFRO.log
    2014-12-11 10:38 - 2014-12-11 10:38 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Google
    2014-12-11 09:29 - 2014-12-16 19:21 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-11 07:41 - 2014-12-17 15:15 - 00001288 _____ () C:\Windows\setupact.log
    2014-12-11 07:41 - 2014-12-11 07:41 - 00000000 _____ () C:\Windows\setuperr.log
    2014-12-11 07:38 - 2014-12-11 07:38 - 00028428 _____ () C:\Users\Harris Home\Documents\cc_20141211_073843.reg
    2014-12-10 14:16 - 2014-12-10 14:16 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-09 20:52 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-09 20:52 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-09 17:25 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-09 17:25 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2014-12-09 17:25 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-09 17:25 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-09 17:25 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-09 17:25 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-09 17:25 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-09 17:25 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-09 17:25 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-09 17:25 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-09 17:25 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-09 17:25 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-09 17:25 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-09 17:25 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-09 17:25 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-09 17:25 - 2014-11-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-09 17:25 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-09 17:25 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-09 17:25 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-09 17:25 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-09 17:25 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-09 17:25 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-09 17:25 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-09 17:25 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-09 17:25 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-09 17:25 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-09 17:25 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-09 17:25 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-09 17:25 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-09 17:25 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-09 17:25 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-09 17:25 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-09 17:25 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-09 17:25 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-09 17:25 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-09 17:25 - 2014-11-21 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-09 17:25 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-09 17:25 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-09 17:25 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-09 17:25 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-09 17:25 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-09 17:25 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-09 17:25 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-09 17:25 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-09 17:25 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-09 17:25 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-09 17:25 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-09 17:25 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-09 17:25 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-09 17:25 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-09 17:25 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-09 17:25 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-09 17:25 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-09 17:25 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-09 17:25 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-09 17:25 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-09 17:25 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-09 17:25 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-09 17:25 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-09 17:25 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-09 17:25 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-09 17:25 - 2014-10-29 18:04 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-09 17:25 - 2014-10-29 17:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-12-09 17:24 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-09 17:24 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-09 17:24 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-09 17:24 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-09 17:24 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-09 17:24 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-09 17:24 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-09 17:24 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-09 17:24 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-09 17:24 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-09 17:24 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-09 17:24 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-09 17:24 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-09 17:24 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-12-07 20:09 - 2014-12-07 20:09 - 00015106 _____ () C:\Users\Harris Home\Documents\cc_20141207_200930.reg
    2014-12-05 11:29 - 2014-12-05 11:29 - 00056417 _____ () C:\Users\Harris Home\Documents\harris ppe 20141129.htm
    2014-12-05 11:29 - 2014-12-05 11:29 - 00000000 ____D () C:\Users\Harris Home\Documents\harris ppe 20141129_files
    2014-11-28 12:19 - 2014-11-28 12:19 - 00000323 _____ () C:\Users\Harris Home\Desktop\HP OfficeJet 4620 series Printer Firmware Update.url
    2014-11-23 17:52 - 2014-11-28 15:11 - 00000000 ____D () C:\Users\Harris Home\Desktop\Resumes
    2014-11-21 11:26 - 2014-11-21 11:26 - 01562175 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
    2014-11-21 11:09 - 2014-11-21 11:09 - 00000000 ____D () C:\NPE
    2014-11-21 11:04 - 2014-11-21 11:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\NPE
    2014-11-21 10:56 - 2014-11-21 10:56 - 00003256 _____ () C:\Users\Harris Home\Documents\cc_20141121_105625.reg
    2014-11-21 10:18 - 2014-11-21 10:18 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\{1A82C459-8EBB-4015-A29E-53AF65772610}
    2014-11-21 09:52 - 2014-12-15 14:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-11-21 09:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-11-21 09:52 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-11-21 09:20 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-21 09:20 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-21 09:20 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-11-21 09:20 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 17:23 - 2014-01-13 18:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-17 17:16 - 2013-08-27 19:05 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Akamai
    2014-12-17 16:50 - 2013-08-08 15:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-17 15:21 - 2011-11-25 01:54 - 01530942 _____ () C:\Windows\WindowsUpdate.log
    2014-12-17 15:17 - 2012-02-19 16:37 - 00000000 ____D () C:\ProgramData\clear.fi
    2014-12-17 15:15 - 2013-08-08 15:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-17 15:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-17 12:42 - 2012-04-09 10:00 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DBA64999-5666-45EA-BB5B-0E31C915FF61}
    2014-12-17 03:01 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-16 19:04 - 2012-04-09 06:45 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
    2014-12-16 19:04 - 2012-04-09 06:43 - 00000000 ____D () C:\ProgramData\Norton
    2014-12-16 07:25 - 2012-06-09 06:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\CrashDumps
    2014-12-14 17:30 - 2013-07-01 18:06 - 00003072 ___SH () C:\Users\Harris Home\Thumbs.db
    2014-12-13 12:22 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-13 03:56 - 2013-11-14 09:53 - 00000000 ____D () C:\Users\Harris Home\Documents\plug in for DRM removal
    2014-12-13 03:56 - 2013-03-28 18:42 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
    2014-12-11 13:18 - 2012-09-12 16:19 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-11 10:38 - 2012-09-19 13:19 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Google
    2014-12-11 10:01 - 2012-09-19 13:20 - 00000000 ____D () C:\Program Files\Google
    2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\ProgramData\Google
    2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-10 14:16 - 2014-05-08 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-09 21:03 - 2012-02-20 10:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-09 21:01 - 2013-08-13 16:26 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-09 20:55 - 2012-02-25 17:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-09 20:50 - 2013-03-14 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-12-09 20:23 - 2014-01-13 18:55 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-09 20:23 - 2014-01-13 18:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-09 20:23 - 2014-01-13 18:55 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-07 17:32 - 2013-12-03 09:36 - 00000000 ____D () C:\ID Vault
    2014-12-05 11:25 - 2013-05-23 12:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\HpUpdate
    2014-12-01 08:41 - 2014-05-13 07:00 - 00000000 ____D () C:\Users\Harris Home\Documents\mike work docs
    2014-11-23 10:26 - 2012-08-23 20:31 - 00000000 ____D () C:\Users\Harris Home\Documents\My Digital Editions
    2014-11-23 09:59 - 2014-08-07 11:55 - 00000000 ____D () C:\Users\Harris Home\Documents\My Kindle Content
    2014-11-21 16:01 - 2009-07-13 21:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-11-21 09:52 - 2012-09-12 16:20 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Malwarebytes
    2014-11-21 09:52 - 2012-09-12 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-11-21 06:14 - 2012-09-12 16:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

    Files to move or delete:
    ====================
    C:\Users\Harris Home\hpothb07.dat

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-12-16 13:57

    ==================== End Of Log ============================

     

     

    Addition log: 

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
    Ran by Harris Home at 2014-12-17 17:43:07
    Running from C:\Users\Harris Home\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

     clear.fi  (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden
     clear.fi  (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden
    3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
    7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
    Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
    Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version:  - )
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
    Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
    Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
    Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Akamai NetSession Interface (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter Professional 2.7.3 (HKLM-x32\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
    ATI Catalyst Install Manager (HKLM\...\{95F2E76E-230E-BB48-3F15-E4A7F6050962}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
    AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
    AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
    AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
    Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
    Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
    Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
    Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
    Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
    Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
    Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
    Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
    Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
    Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
    Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
    Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
    Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)
    Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
    Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
    Autodesk Revit Structure 2012 (HKLM\...\Autodesk Revit Structure 2012) (Version: 11.03.09231 - Autodesk)
    Autodesk SketchBookExpress 2011 (HKLM-x32\...\{AF322EC1-3499-45FD-9EDD-DCC7FD5C18DF}) (Version: 5.00.0000 - Autodesk)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bigasoft iPod Transfer 1.5.10.3783 (HKLM-x32\...\{16594695-69AA-4b4d-8A7E-723501738B09}_is1) (Version:  - Bigasoft Corporation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Build-a-lot 4 - Power Source (x32 Version: 2.2.0.97 - WildTangent) Hidden
    calibre (HKLM-x32\...\{F9BD2B85-0EF1-4ACB-86EC-A616671EEADA}) (Version: 0.9.23 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
    Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Player (HKLM-x32\...\com.bby.cinemanowplayer) (Version: 3.1.4 - Rovi Corporation)
    CinemaNow Player (x32 Version: 3.1.4 - Rovi Corporation) Hidden
    clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.)
    clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden
    clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)
    Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
    Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version:  - Corel Corporation)
    Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden
    Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Disney's Mickey Mouse Preschool (HKLM-x32\...\Mickey Mouse Preschool) (Version:  - )
    Disney's Ready to Read with Pooh (HKLM-x32\...\Ready to Read with Pooh) (Version:  - )
    Disney's Winnie the Pooh Baby (HKLM-x32\...\{FED701E0-E194-11D4-B231-0050DACD394D}) (Version:  - )
    Disney's Winnie the Pooh Kindergarten (HKLM-x32\...\Winnie the Pooh Kindergarten) (Version:  - )
    Disney's Winnie the Pooh Preschool (HKLM-x32\...\Winnie the Pooh Preschool) (Version:  - )
    Disney's Winnie the Pooh Toddler (HKLM-x32\...\Winnie the Pooh Toddler) (Version:  - )
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
    Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
    Fatal Illusion (HKLM-x32\...\Fatal Illusion) (Version:  - )
    Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
    Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
    Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
    HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
    iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.6.2375.747 - )
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    JumpStart Phonics (HKLM-x32\...\PHONICS) (Version:  - Knowledge Adventure)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
    Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
    MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
    MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
    MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
    Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
    Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
    Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
    Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
    Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
    NOOK Study (HKLM-x32\...\NOOK Study) (Version: 2.1.1.27456 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    OJ4620FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Princess Fashion Boutique 2 (HKLM-x32\...\{A3554902-AB4A-11D5-AA2E-0008C760B784}) (Version:  - )
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
    Revit Structure 2012 (Version: 11.03.09231 - Autodesk) Hidden
    Revit Structure 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
    Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
    Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
    TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
    Ultimate EPubsoft DRM Removal 8.9.1 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.9.1 - EPUBSOFT)
    Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC) <==== ATTENTION
    Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden <==== ATTENTION
    Unity Web Player (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.10 - Earth Networks, Inc.)
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
    WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
    Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
    Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Structure 2012\Program\APIContext.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acadficn.dll (Autodesk, Inc.)

    ==================== Restore Points  =========================

    16-12-2014 19:21:00 avast! antivirus system restore point

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2014-12-16 11:23 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1             localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0AB2509A-82CE-4A27-83BC-D4489458EDE5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe
    Task: {0F08F5F1-E963-4E4D-8BE5-5F78B41CD45F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)
    Task: {12A5BF80-2E43-4E8B-9499-776461199DA9} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
    Task: {1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
    Task: {23A6A98A-350D-4650-A258-1ADE4A9B7711} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {260E49EA-962A-47D9-BAAB-E3B8AC7D94D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
    Task: {304E05D6-1B83-4F31-BC42-D22BBE021A55} - System32\Tasks\IHUninstallTrackingTASK => CMD
    Task: {30D9F266-A272-4B43-82A3-867B053CAC61} - System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {38338D99-5827-4186-82A0-E96E4C5BBA6D} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)
    Task: {491A889A-DC33-4BF0-A120-F721F4E2E2EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {4AA3DBF7-042C-4C90-BA8A-4DE8722A579B} - System32\Tasks\IHSelfDeleteTASK => CMD
    Task: {54CEAF8E-2921-45B1-A857-1250B72DF53F} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
    Task: {77BC962F-0689-4520-9BA8-77AB2046BE44} - System32\Tasks\{628B7852-061E-4FCB-8737-437987C69487} => pcalua.exe -a "C:\Users\Harris Home\Downloads\AutoCAD_2011_English_Win_32bit.exe" -d "C:\Users\Harris Home\Desktop"
    Task: {8EF36EDF-CFAD-44B1-8EDD-EFA51579CF1E} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated)
    Task: {B16C22AA-A4FB-4097-9419-DF23D2F80537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
    Task: {BE6C1768-366F-460B-AAD8-AE525B24C88E} - System32\Tasks\AdobeAAMUpdater-1.0-HarrisHome-PC-Harris Home => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
    Task: {DA049999-D4F5-4903-AE52-6793937E6CEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EBC643E5-C6C4-4B7A-8F34-51E6225060E4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.)
    Task: {EC32B888-EBD6-4EBA-ADD7-0287BC6774E2} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
    Task: {FCE14F05-D62E-460E-ABA0-07C782CD4E70} - System32\Tasks\Test TimeTrigger => C:\Users\HARRIS~1\AppData\Local\Temp\Runner.exe <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-02-02 13:08 - 2011-02-02 13:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    2009-01-21 15:45 - 2009-01-21 15:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
    2011-08-10 19:58 - 2011-08-10 19:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    2013-03-28 18:43 - 2013-03-28 18:43 - 00302961 _____ () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
    2014-12-16 19:23 - 2014-12-16 19:23 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-12-16 19:23 - 2014-12-16 19:23 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2011-06-17 13:42 - 2011-06-17 13:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2014-12-17 12:39 - 2014-12-17 12:39 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121701\algo.dll
    2014-12-16 19:23 - 2014-12-16 19:23 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-08-10 19:57 - 2011-08-10 19:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
    2014-12-16 19:23 - 2014-12-16 19:23 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2011-11-25 02:06 - 2011-10-12 02:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:661DFA1C

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-853050829-1925703780-783890857-500 - Administrator - Disabled)
    Guest (S-1-5-21-853050829-1925703780-783890857-501 - Limited - Enabled)
    Harris Home (S-1-5-21-853050829-1925703780-783890857-1000 - Administrator - Enabled) => C:\Users\Harris Home
    HomeGroupUser$ (S-1-5-21-853050829-1925703780-783890857-1004 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============

    Name: AntiLog32
    Description: AntiLog32
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AntiLog32
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: F:\
    Description: Multi-Card     
    Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Manufacturer: Generic-
    Service: WUDFRd
    Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
    Resolution: A registry problem was detected.
     This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
    Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/17/2014 05:16:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)
    Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

    Error: (12/17/2014 05:15:30 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)
    Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

    Error: (12/17/2014 03:16:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    System errors:
    =============
    Error: (12/17/2014 03:16:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    AFS

    Error: (12/17/2014 03:15:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The HOSTS Anti-PUPs service failed to start due to the following error:
    %%2

    Error: (12/17/2014 03:14:28 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: AMD E-450 APU with Radeon™ HD Graphics
    Percentage of memory in use: 47%
    Total physical RAM: 3579.27 MB
    Available physical RAM: 1873.6 MB
    Total Pagefile: 7156.71 MB
    Available Pagefile: 5156.63 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:242.17 GB) NTFS
    Drive h: (OneTouch 4) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C317959C)
    Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 465.8 GB) (Disk ID: 4F5554FD)
    Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

     

    Looking for Driver now...


    • 0

    #40
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,028 posts
    • MVP
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
     

     
    Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
     
    NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
     
    Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
     
    scan-results.jpg
     
    Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
     
    The report will be saved in the C:\AdwCleaner folder.
     
     
     
    Junkware-Removal-Tool
     
    Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
    • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     

     


    • 0

    Advertisements


    #41
    faithnhope77

    faithnhope77

      Member

    • Topic Starter
    • Member
    • PipPip
    • 69 posts

    ok. Acer support is pretty basic.  I can't even find listings for drivers for my system, only the 32 bit version.  Even then, they list a Realtek Audio Driver as a zip file.  I downloaded that, unzipped and searched and can't find anything that resembles AFS.  Any other ideas?  I also tried searching the support site and got no results found.


    • 0

    #42
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,028 posts
    • MVP

    Give me the model number and service tag  (if any).  Let me look.

     

    It says AFS is not running.  Perhaps we do not need it.   Is the audio working?  In which case we can just turn it off and not worry about it.

     

    Get autoruns from
     
    Download Save and Run the program by right clicking and Run As Admin.   File, Save, to your desktop, autoruns.arn, OK.  This file is normally a bit over the forum size limit so will need to be zipped.  If you do not have win-zip or 7-zip then get 7-zip from 
    Download, Save and Run the appropriate msi file for your PC.  You want this one:64-bit x64 7-Zip for 64-bit Windows x64 (Intel 64 or AMD64)
     
    Once you have installed you can then right click on autoruns.arn then click on 7-zip, Add to autoruns.zip.  It should put the autoruns.zip file in the same directory.  Attach it.

    • 0

    #43
    faithnhope77

    faithnhope77

      Member

    • Topic Starter
    • Member
    • PipPip
    • 69 posts

    http://us.acer.com/a...content/drivers

    is the page I was at.  I have an "Acer Aspire X1430G."  The full ID on the sticker says AX1430G-UW30P but at the Acer site, it came up as what I quoted in the previous sentence. Do you want/need the SN or SNID?  I am running your previous instructions now.

     

    Youtube plays videos, Hulu says is needs flash player 10.1.53.65 or higher which I tried to install and Adobe said was successful but the videos still didn't play, Netflix says I need MS Silverlight which I tried to download and it (Netflix) said I already had a more current version installed.


    Edited by faithnhope77, 17 December 2014 - 11:02 PM.

    • 0

    #44
    faithnhope77

    faithnhope77

      Member

    • Topic Starter
    • Member
    • PipPip
    • 69 posts

    first FRST fix log:

     

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
    Ran by Harris Home at 2014-12-17 21:04:23 Run:1
    Running from C:\Users\Harris Home\Desktop
    Loaded Profile: Harris Home (Available profiles: Harris Home)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] => C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-03-28] ()
    SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
    SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL =
    SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {F11DDC78-AB64-46AA-8F80-F9122ECA7A5D} URL = http://search.whites...am={SearchTerms}
    BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
    Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
    S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
    S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
    S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
    S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
    S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
    S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
    S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
    S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
    C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
    Task: {0AB2509A-82CE-4A27-83BC-D4489458EDE5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe
    Task: {12A5BF80-2E43-4E8B-9499-776461199DA9} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
    Task: {1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
    Task: {304E05D6-1B83-4F31-BC42-D22BBE021A55} - System32\Tasks\IHUninstallTrackingTASK => CMD
    Task: {4AA3DBF7-042C-4C90-BA8A-4DE8722A579B} - System32\Tasks\IHSelfDeleteTASK => CMD
    Task: {FCE14F05-D62E-460E-ABA0-07C782CD4E70} - System32\Tasks\Test TimeTrigger => C:\Users\HARRIS~1\AppData\Local\Temp\Runner.exe <==== ATTENTION
    AntiLog32

    *****************

    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HOSTS Anti-Adware_PUPs => value deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key deleted successfully.
    "HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key not found.
    HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
    "HKU\S-1-5-21-853050829-1925703780-783890857-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key deleted successfully.
    "HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key not found.
    "HKU\S-1-5-21-853050829-1925703780-783890857-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F11DDC78-AB64-46AA-8F80-F9122ECA7A5D}" => Key deleted successfully.
    "HKCR\CLSID\{F11DDC78-AB64-46AA-8F80-F9122ECA7A5D}" => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key not found.
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
    "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key deleted successfully.
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
    "HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
    "HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\MozillaPlugins\wacom.com/WacomTabletPlugin" => Key deleted successfully.
    C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll not found.
    HOSTS Anti-PUPs => Service deleted successfully.
    AntiLog32 => Service deleted successfully.
    MREMP50 => Service deleted successfully.
    MREMP50a64 => Service deleted successfully.
    MREMPR5 => Service deleted successfully.
    MRENDIS5 => Service deleted successfully.
    MRESP50 => Service deleted successfully.
    MRESP50a64 => Service deleted successfully.
    C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AB2509A-82CE-4A27-83BC-D4489458EDE5}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AB2509A-82CE-4A27-83BC-D4489458EDE5}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12A5BF80-2E43-4E8B-9499-776461199DA9}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12A5BF80-2E43-4E8B-9499-776461199DA9}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Norton Security Suite\Norton Error Processor => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Suite\Norton Error Processor" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Norton Security Suite\Norton Error Analyzer => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Suite\Norton Error Analyzer" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{304E05D6-1B83-4F31-BC42-D22BBE021A55}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{304E05D6-1B83-4F31-BC42-D22BBE021A55}" => Key deleted successfully.
    C:\Windows\System32\Tasks\IHUninstallTrackingTASK => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHUninstallTrackingTASK" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AA3DBF7-042C-4C90-BA8A-4DE8722A579B}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA3DBF7-042C-4C90-BA8A-4DE8722A579B}" => Key deleted successfully.
    C:\Windows\System32\Tasks\IHSelfDeleteTASK => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHSelfDeleteTASK" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCE14F05-D62E-460E-ABA0-07C782CD4E70}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCE14F05-D62E-460E-ABA0-07C782CD4E70}" => Key deleted successfully.
    C:\Windows\System32\Tasks\Test TimeTrigger => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger" => Key deleted successfully.
    AntiLog32 => Error: No automatic fix found for this entry.

    ==== End of Fixlog ====


    • 0

    #45
    faithnhope77

    faithnhope77

      Member

    • Topic Starter
    • Member
    • PipPip
    • 69 posts

    second FRST log:

     

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
    Ran by Harris Home (administrator) on HARRISHOME-PC on 17-12-2014 21:08:19
    Running from C:\Users\Harris Home\Desktop
    Loaded Profile: Harris Home (Available profiles: Harris Home)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
    (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
    (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe
    (Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe

    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-10] ()
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-28] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-28] (Egis Technology Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
    HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\RunOnce: [Adobe Speed Launcher] => 1418858155
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
    ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
    DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

    FireFox:
    ========
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Harris Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]

    Chrome:
    =======
    CHR Profile: C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
    CHR Extension: (AdBlock) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-31]
    CHR Extension: (Avast Online Security) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-16]
    CHR Extension: (Google Wallet) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
    CHR HKLM-x32\...\Chrome\Extension: [aaaaichncbpejfjililmiahnkdmfggff] - C:\Users\Harris Home\AppData\Local\catalinagroupltdmoviestoolbarha\GC\toolbar.crx [2013-09-10]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-16] (Avast Software)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
    S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
    S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
    R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2013-02-05] (Oak Technology Inc.) [File not signed]
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()
    S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
    S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-15] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-16] (Avast Software)

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 20:55 - 2014-12-17 20:55 - 01707646 _____ (Thisisu) C:\Users\Harris Home\Desktop\JRT.exe
    2014-12-17 20:55 - 2014-12-17 20:55 - 00593080 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harris Home\Desktop\autoruns.exe
    2014-12-17 18:21 - 2014-12-17 18:21 - 00000000 ____D () C:\Users\Harris Home\Desktop\Audio_Realtek_6.0.1.6242_W7x86x64
    2014-12-17 18:20 - 2014-12-17 18:21 - 108033189 _____ () C:\Users\Harris Home\Desktop\Audio_Realtek_6.0.1.6242_W7x86W7x64_A.zip
    2014-12-17 17:43 - 2014-12-17 17:44 - 00034628 _____ () C:\Users\Harris Home\Desktop\Addition.txt
    2014-12-17 17:41 - 2014-12-17 21:08 - 00018202 _____ () C:\Users\Harris Home\Desktop\FRST.txt
    2014-12-17 17:41 - 2014-12-17 21:08 - 00000000 ____D () C:\FRST
    2014-12-17 17:39 - 2014-12-17 17:39 - 02121216 _____ (Farbar) C:\Users\Harris Home\Desktop\FRST64.exe
    2014-12-17 16:14 - 2014-12-17 16:21 - 00000913 _____ () C:\VEW.txt
    2014-12-17 16:12 - 2014-12-17 16:12 - 00061440 _____ ( ) C:\Users\Harris Home\Desktop\VEW.exe
    2014-12-17 14:20 - 2014-12-17 14:20 - 00009972 _____ () C:\Users\Harris Home\Desktop\System Idle Process 1.TXT
    2014-12-16 19:55 - 2014-12-16 19:55 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-55-49.019-aswFe.exe-4176.log
    2014-12-16 19:55 - 2014-12-16 19:55 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-55-42.085-AvastVBoxSVC.exe-4852.log
    2014-12-16 19:47 - 2014-12-16 19:47 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-47-53.019-aswFe.exe-5580.log
    2014-12-16 19:47 - 2014-12-16 19:47 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-47-46.041-AvastVBoxSVC.exe-3580.log
    2014-12-16 19:37 - 2014-12-16 19:37 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-37-55.019-aswFe.exe-3740.log
    2014-12-16 19:35 - 2014-12-16 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-35-00.065-aswFe.exe-5108.log
    2014-12-16 19:34 - 2014-12-16 19:34 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-34-53.079-AvastVBoxSVC.exe-4784.log
    2014-12-16 19:25 - 2014-12-16 19:25 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\AVAST Software
    2014-12-16 19:24 - 2014-12-16 19:24 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\SysWOW64\vbox
    2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\system32\vbox
    2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-16 19:23 - 2014-12-17 12:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2014-12-16 19:23 - 2014-12-16 19:23 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2014-12-16 19:23 - 2014-12-16 19:23 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2014-12-16 19:23 - 2014-12-16 19:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2014-12-16 19:23 - 2014-12-16 19:23 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2014-12-16 19:21 - 2014-12-16 19:21 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-12-16 18:59 - 2014-12-16 18:59 - 00896048 _____ () C:\Users\Harris Home\Desktop\Norton_Removal_Tool.exe
    2014-12-16 12:00 - 2014-12-16 12:00 - 00009962 _____ () C:\Users\Harris Home\Desktop\OTL 12162014_112625.txt
    2014-12-15 22:17 - 2014-12-15 22:17 - 00000385 _____ () C:\Users\Harris Home\Desktop\grant perms.txt
    2014-12-15 21:28 - 2014-12-15 21:28 - 00000000 ____D () C:\Users\Harris Home\Desktop\GrantPerms
    2014-12-15 21:27 - 2014-12-15 21:27 - 00453083 _____ () C:\Users\Harris Home\Desktop\GrantPerms.zip
    2014-12-15 20:41 - 2014-12-15 21:30 - 00000000 ____D () C:\Users\Harris Home\Desktop\HostsXpert
    2014-12-15 20:41 - 2014-12-15 20:30 - 00357766 _____ () C:\Users\Harris Home\Desktop\HostsXpert.zip
    2014-12-14 22:15 - 2014-12-14 22:15 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras20141214.Txt
    2014-12-14 22:14 - 2014-12-14 22:14 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL20141214.Txt
    2014-12-14 22:13 - 2014-12-14 22:13 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras.Txt
    2014-12-14 21:17 - 2014-12-14 21:17 - 00011192 _____ () C:\junk.txt
    2014-12-14 15:00 - 2014-12-14 14:56 - 04890736 _____ (Piriform Ltd) C:\Users\Harris Home\Desktop\spsetup126.exe
    2014-12-14 15:00 - 2014-12-14 14:53 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harris Home\Desktop\procexp.exe
    2014-12-13 13:51 - 2014-12-13 13:51 - 00129706 _____ () C:\Users\Harris Home\Desktop\OTL20141213.Txt
    2014-12-13 13:40 - 2014-12-14 22:09 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL.Txt
    2014-12-13 12:25 - 2014-12-13 12:25 - 00000000 ____D () C:\SUPERDelete
    2014-12-13 12:23 - 2014-12-17 20:23 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job
    2014-12-13 12:23 - 2014-12-17 20:23 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-12-13 12:23 - 2014-12-13 12:23 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323
    2014-12-13 12:23 - 2014-12-13 12:23 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\SUPERAntiSpyware.com
    2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2014-12-13 12:21 - 2014-12-13 12:16 - 20695712 _____ (SUPERAntiSpyware) C:\Users\Harris Home\Desktop\SAS_3311527.EXE
    2014-12-13 12:21 - 2014-12-13 12:12 - 00602112 _____ (OldTimer Tools) C:\Users\Harris Home\Desktop\OTL.exe
    2014-12-12 17:54 - 2014-12-13 03:53 - 00000000 ____D () C:\VIPRERESCUE
    2014-12-12 17:54 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
    2014-12-12 17:54 - 2013-05-23 07:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
    2014-12-12 17:49 - 2014-12-12 17:51 - 185020416 _____ () C:\Users\Harris Home\Desktop\VIPRERescue35652.exe
    2014-12-11 12:54 - 2014-12-17 02:18 - 00585652 _____ () C:\Windows\PFRO.log
    2014-12-11 10:38 - 2014-12-11 10:38 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Google
    2014-12-11 09:29 - 2014-12-16 19:21 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-11 07:41 - 2014-12-17 15:15 - 00001288 _____ () C:\Windows\setupact.log
    2014-12-11 07:41 - 2014-12-11 07:41 - 00000000 _____ () C:\Windows\setuperr.log
    2014-12-11 07:38 - 2014-12-11 07:38 - 00028428 _____ () C:\Users\Harris Home\Documents\cc_20141211_073843.reg
    2014-12-10 14:16 - 2014-12-10 14:16 - 00000000 ____D () C:\Windows\system32\appraiser
    2014-12-09 20:52 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
    2014-12-09 20:52 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2014-12-09 17:25 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2014-12-09 17:25 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2014-12-09 17:25 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
    2014-12-09 17:25 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2014-12-09 17:25 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2014-12-09 17:25 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-12-09 17:25 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-12-09 17:25 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-12-09 17:25 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-12-09 17:25 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-12-09 17:25 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-12-09 17:25 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-12-09 17:25 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2014-12-09 17:25 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-12-09 17:25 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-12-09 17:25 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-12-09 17:25 - 2014-11-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-12-09 17:25 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-12-09 17:25 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-12-09 17:25 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-12-09 17:25 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-12-09 17:25 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-12-09 17:25 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-12-09 17:25 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-12-09 17:25 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-12-09 17:25 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-12-09 17:25 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2014-12-09 17:25 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-12-09 17:25 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-12-09 17:25 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-12-09 17:25 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-12-09 17:25 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2014-12-09 17:25 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-12-09 17:25 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-12-09 17:25 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-12-09 17:25 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-12-09 17:25 - 2014-11-21 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-12-09 17:25 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-12-09 17:25 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-12-09 17:25 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-12-09 17:25 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2014-12-09 17:25 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-12-09 17:25 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-12-09 17:25 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-12-09 17:25 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-12-09 17:25 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-12-09 17:25 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2014-12-09 17:25 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-12-09 17:25 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-12-09 17:25 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-12-09 17:25 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-12-09 17:25 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-12-09 17:25 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2014-12-09 17:25 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-12-09 17:25 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-12-09 17:25 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-12-09 17:25 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-12-09 17:25 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-12-09 17:25 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-12-09 17:25 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
    2014-12-09 17:25 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
    2014-12-09 17:25 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2014-12-09 17:25 - 2014-10-29 18:04 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
    2014-12-09 17:25 - 2014-10-29 17:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
    2014-12-09 17:24 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
    2014-12-09 17:24 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
    2014-12-09 17:24 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
    2014-12-09 17:24 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
    2014-12-09 17:24 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
    2014-12-09 17:24 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
    2014-12-09 17:24 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
    2014-12-09 17:24 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
    2014-12-09 17:24 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
    2014-12-09 17:24 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
    2014-12-09 17:24 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
    2014-12-09 17:24 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
    2014-12-09 17:24 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
    2014-12-09 17:24 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
    2014-12-07 20:09 - 2014-12-07 20:09 - 00015106 _____ () C:\Users\Harris Home\Documents\cc_20141207_200930.reg
    2014-12-05 11:29 - 2014-12-05 11:29 - 00056417 _____ () C:\Users\Harris Home\Documents\harris ppe 20141129.htm
    2014-12-05 11:29 - 2014-12-05 11:29 - 00000000 ____D () C:\Users\Harris Home\Documents\harris ppe 20141129_files
    2014-11-28 12:19 - 2014-11-28 12:19 - 00000323 _____ () C:\Users\Harris Home\Desktop\HP OfficeJet 4620 series Printer Firmware Update.url
    2014-11-23 17:52 - 2014-11-28 15:11 - 00000000 ____D () C:\Users\Harris Home\Desktop\Resumes
    2014-11-21 11:26 - 2014-11-21 11:26 - 01562175 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
    2014-11-21 11:09 - 2014-11-21 11:09 - 00000000 ____D () C:\NPE
    2014-11-21 11:04 - 2014-11-21 11:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\NPE
    2014-11-21 10:56 - 2014-11-21 10:56 - 00003256 _____ () C:\Users\Harris Home\Documents\cc_20141121_105625.reg
    2014-11-21 10:18 - 2014-11-21 10:18 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\{1A82C459-8EBB-4015-A29E-53AF65772610}
    2014-11-21 09:52 - 2014-12-15 14:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-11-21 09:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-11-21 09:52 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-11-21 09:20 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2014-11-21 09:20 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
    2014-11-21 09:20 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2014-11-21 09:20 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
    2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 21:06 - 2014-10-15 15:43 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
    2014-12-17 20:50 - 2013-08-08 15:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-17 20:41 - 2014-08-19 21:16 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Adobe
    2014-12-17 20:41 - 2014-01-13 18:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2014-12-17 20:41 - 2014-01-13 18:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-17 20:41 - 2014-01-13 18:55 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-17 20:41 - 2014-01-13 18:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-12-17 20:22 - 2011-11-25 01:54 - 01531037 _____ () C:\Windows\WindowsUpdate.log
    2014-12-17 17:50 - 2013-08-08 15:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-17 17:16 - 2013-08-27 19:05 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Akamai
    2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-17 15:17 - 2012-02-19 16:37 - 00000000 ____D () C:\ProgramData\clear.fi
    2014-12-17 15:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-12-17 12:42 - 2012-04-09 10:00 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DBA64999-5666-45EA-BB5B-0E31C915FF61}
    2014-12-17 03:01 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
    2014-12-16 19:04 - 2012-04-09 06:45 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
    2014-12-16 19:04 - 2012-04-09 06:43 - 00000000 ____D () C:\ProgramData\Norton
    2014-12-16 07:25 - 2012-06-09 06:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\CrashDumps
    2014-12-14 17:30 - 2013-07-01 18:06 - 00003072 ___SH () C:\Users\Harris Home\Thumbs.db
    2014-12-13 12:22 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-12-13 03:56 - 2013-11-14 09:53 - 00000000 ____D () C:\Users\Harris Home\Documents\plug in for DRM removal
    2014-12-11 13:18 - 2012-09-12 16:19 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-11 10:38 - 2012-09-19 13:19 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Google
    2014-12-11 10:01 - 2012-09-19 13:20 - 00000000 ____D () C:\Program Files\Google
    2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\ProgramData\Google
    2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-10 14:16 - 2014-05-08 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
    2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-12-09 21:03 - 2012-02-20 10:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-09 21:01 - 2013-08-13 16:26 - 00000000 ____D () C:\Windows\system32\MRT
    2014-12-09 20:55 - 2012-02-25 17:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-12-09 20:50 - 2013-03-14 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
    2014-12-07 17:32 - 2013-12-03 09:36 - 00000000 ____D () C:\ID Vault
    2014-12-05 11:25 - 2013-05-23 12:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\HpUpdate
    2014-12-01 08:41 - 2014-05-13 07:00 - 00000000 ____D () C:\Users\Harris Home\Documents\mike work docs
    2014-11-23 10:26 - 2012-08-23 20:31 - 00000000 ____D () C:\Users\Harris Home\Documents\My Digital Editions
    2014-11-23 09:59 - 2014-08-07 11:55 - 00000000 ____D () C:\Users\Harris Home\Documents\My Kindle Content
    2014-11-21 16:01 - 2009-07-13 21:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2014-11-21 09:52 - 2012-09-12 16:20 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Malwarebytes
    2014-11-21 09:52 - 2012-09-12 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-11-21 06:14 - 2012-09-12 16:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

    Files to move or delete:
    ====================
    C:\Users\Harris Home\hpothb07.dat

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2014-12-16 13:57

    ==================== End Of Log ============================

     

     

    Addition log:

     

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
    Ran by Harris Home at 2014-12-17 21:09:38
    Running from C:\Users\Harris Home\Desktop
    Boot Mode: Normal
    ==========================================================

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

     clear.fi  (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden
     clear.fi  (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden
    3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
    7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
    Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
    Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version:  - )
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
    Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
    Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
    Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
    Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
    Akamai NetSession Interface (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
    Amazon Kindle (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Amazon Kindle) (Version:  - Amazon)
    Any Video Converter Professional 2.7.3 (HKLM-x32\...\Any Video Converter Professional_is1) (Version:  - Any-Video-Converter.com)
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
    ATI Catalyst Install Manager (HKLM\...\{95F2E76E-230E-BB48-3F15-E4A7F6050962}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
    AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
    AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
    AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
    Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
    Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
    Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
    Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
    Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
    Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
    Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
    Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
    Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
    Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
    Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
    Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
    Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)
    Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
    Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
    Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
    Autodesk Revit Structure 2012 (HKLM\...\Autodesk Revit Structure 2012) (Version: 11.03.09231 - Autodesk)
    Autodesk SketchBookExpress 2011 (HKLM-x32\...\{AF322EC1-3499-45FD-9EDD-DCC7FD5C18DF}) (Version: 5.00.0000 - Autodesk)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bigasoft iPod Transfer 1.5.10.3783 (HKLM-x32\...\{16594695-69AA-4b4d-8A7E-723501738B09}_is1) (Version:  - Bigasoft Corporation)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Build-a-lot 4 - Power Source (x32 Version: 2.2.0.97 - WildTangent) Hidden
    calibre (HKLM-x32\...\{F9BD2B85-0EF1-4ACB-86EC-A616671EEADA}) (Version: 0.9.23 - Kovid Goyal)
    CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
    Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CinemaNow Player (HKLM-x32\...\com.bby.cinemanowplayer) (Version: 3.1.4 - Rovi Corporation)
    CinemaNow Player (x32 Version: 3.1.4 - Rovi Corporation) Hidden
    clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.)
    clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden
    clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)
    Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
    Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version:  - Corel Corporation)
    Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden
    Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Disney's Mickey Mouse Preschool (HKLM-x32\...\Mickey Mouse Preschool) (Version:  - )
    Disney's Ready to Read with Pooh (HKLM-x32\...\Ready to Read with Pooh) (Version:  - )
    Disney's Winnie the Pooh Baby (HKLM-x32\...\{FED701E0-E194-11D4-B231-0050DACD394D}) (Version:  - )
    Disney's Winnie the Pooh Kindergarten (HKLM-x32\...\Winnie the Pooh Kindergarten) (Version:  - )
    Disney's Winnie the Pooh Preschool (HKLM-x32\...\Winnie the Pooh Preschool) (Version:  - )
    Disney's Winnie the Pooh Toddler (HKLM-x32\...\Winnie the Pooh Toddler) (Version:  - )
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
    Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
    Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
    FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
    Fatal Illusion (HKLM-x32\...\Fatal Illusion) (Version:  - )
    Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
    Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
    Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
    HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
    HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
    HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
    HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
    iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
    iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.6.2375.747 - )
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    JumpStart Phonics (HKLM-x32\...\PHONICS) (Version:  - Knowledge Adventure)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
    Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
    Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
    MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
    MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
    MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
    Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
    Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
    Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
    Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
    Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
    NOOK Study (HKLM-x32\...\NOOK Study) (Version: 2.1.1.27456 - Barnesandnoble.com)
    Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
    OJ4620FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Princess Fashion Boutique 2 (HKLM-x32\...\{A3554902-AB4A-11D5-AA2E-0008C760B784}) (Version:  - )
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
    Revit Structure 2012 (Version: 11.03.09231 - Autodesk) Hidden
    Revit Structure 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
    Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
    Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
    Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
    TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
    Ultimate EPubsoft DRM Removal 8.9.1 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.9.1 - EPUBSOFT)
    Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC) <==== ATTENTION
    Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden <==== ATTENTION
    Unity Web Player (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
    WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.10 - Earth Networks, Inc.)
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
    WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
    Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
    Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
    Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Structure 2012\Program\APIContext.dll (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
    CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acadficn.dll (Autodesk, Inc.)

    ==================== Restore Points  =========================

    16-12-2014 19:21:00 avast! antivirus system restore point

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2014-12-16 11:23 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1             localhost

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0F08F5F1-E963-4E4D-8BE5-5F78B41CD45F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)
    Task: {23A6A98A-350D-4650-A258-1ADE4A9B7711} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {260E49EA-962A-47D9-BAAB-E3B8AC7D94D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
    Task: {30D9F266-A272-4B43-82A3-867B053CAC61} - System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {38338D99-5827-4186-82A0-E96E4C5BBA6D} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)
    Task: {491A889A-DC33-4BF0-A120-F721F4E2E2EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
    Task: {54CEAF8E-2921-45B1-A857-1250B72DF53F} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
    Task: {77BC962F-0689-4520-9BA8-77AB2046BE44} - System32\Tasks\{628B7852-061E-4FCB-8737-437987C69487} => pcalua.exe -a "C:\Users\Harris Home\Downloads\AutoCAD_2011_English_Win_32bit.exe" -d "C:\Users\Harris Home\Desktop"
    Task: {8EF36EDF-CFAD-44B1-8EDD-EFA51579CF1E} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated)
    Task: {B16C22AA-A4FB-4097-9419-DF23D2F80537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-17] (Adobe Systems Incorporated)
    Task: {BE6C1768-366F-460B-AAD8-AE525B24C88E} - System32\Tasks\AdobeAAMUpdater-1.0-HarrisHome-PC-Harris Home => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
    Task: {DA049999-D4F5-4903-AE52-6793937E6CEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {EBC643E5-C6C4-4B7A-8F34-51E6225060E4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.)
    Task: {EC32B888-EBD6-4EBA-ADD7-0287BC6774E2} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Loaded Modules (whitelisted) =============

    2011-02-02 13:08 - 2011-02-02 13:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
    2009-01-21 15:45 - 2009-01-21 15:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
    2011-08-10 19:58 - 2011-08-10 19:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
    2014-12-16 19:23 - 2014-12-16 19:23 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
    2014-12-16 19:23 - 2014-12-16 19:23 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
    2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
    2011-06-17 13:42 - 2011-06-17 13:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2014-12-17 12:39 - 2014-12-17 12:39 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121701\algo.dll
    2014-12-16 19:23 - 2014-12-16 19:23 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
    2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-08-10 19:57 - 2011-08-10 19:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
    2014-12-16 19:23 - 2014-12-16 19:23 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2011-11-25 02:06 - 2011-10-12 02:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\Temp:661DFA1C

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-853050829-1925703780-783890857-500 - Administrator - Disabled)
    Guest (S-1-5-21-853050829-1925703780-783890857-501 - Limited - Enabled)
    Harris Home (S-1-5-21-853050829-1925703780-783890857-1000 - Administrator - Enabled) => C:\Users\Harris Home
    HomeGroupUser$ (S-1-5-21-853050829-1925703780-783890857-1004 - Limited - Enabled)

    ==================== Faulty Device Manager Devices =============

    Name: AntiLog32
    Description: AntiLog32
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer:
    Service: AntiLog32
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.

    Name: F:\
    Description: Multi-Card     
    Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
    Manufacturer: Generic-
    Service: WUDFRd
    Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
    Resolution: A registry problem was detected.
     This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
    Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/17/2014 05:16:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)
    Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

    Error: (12/17/2014 05:15:30 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)
    Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

    Error: (12/17/2014 03:16:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    System errors:
    =============
    Error: (12/17/2014 03:16:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    AFS

    Error: (12/17/2014 03:15:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The HOSTS Anti-PUPs service failed to start due to the following error:
    %%2

    Error: (12/17/2014 03:14:28 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

    Microsoft Office Sessions:
    =========================

    ==================== Memory info ===========================

    Processor: AMD E-450 APU with Radeon™ HD Graphics
    Percentage of memory in use: 48%
    Total physical RAM: 3579.27 MB
    Available physical RAM: 1848.26 MB
    Total Pagefile: 7156.71 MB
    Available Pagefile: 5135.74 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:241.8 GB) NTFS
    Drive h: (OneTouch 4) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C317959C)
    Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 2 (Size: 465.8 GB) (Disk ID: 4F5554FD)
    Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

     

     


    • 0






    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP