Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Windows 7 running so slowly it appears to be hung up

Started by faithnhope77 , Dec 14 2014 02:17 PM

Page 3 of 5
1
2
3
4
5

Please log in to reply

#31
faithnhope77

Posted 16 December 2014 - 02:51 PM

Member

Topic Starter
Member
69 posts

That's all really good information. Thanks. I guess I somehow didn't realize that Avast was active all the time unless you paid for it and since our Norton was free that is how we made that decision. I will switch over this afternoon and send you that log in the morning.

I forgot about process explorer. Service Host didn't go above 3rd highest while at idle (and it was like 0.97%). Idle Time and process explorer were highest and there was lots of process movement.

My last question at this point is, I have a bunch of programs saved onto my desktop that I assume I won't be needing after this? This may be premature as you haven't indicated we are done, but my system is running vastly better already. VIPRErescue, SuperAntiSpyware, Process Explorer, spsetup, OTL, Grant Perms, Hosts Expert, Malware Bytes, AdwCleaner, CCleaner. I don't want to keep or use these ignorantly. I usually use CCleaner, Malware Bytes and AdwCleaner on a maintenance basis. Does that sound right?

#32
faithnhope77

Posted 17 December 2014 - 09:46 AM

Member

Topic Starter
Member
69 posts

Good morning! So I switched to Avast last night. Thanks again very much for the info on that. The link for the Symantec remover was page not found. When I searched the Norton site, I found a Symantec Endpoint something but didn't want to download that without verifying with you first. Avast ran its boot scan last night and this morning. Of course I can't find the log anywhere! I tried searching for it by modification date even and couldn't find a .txt file anywhere, some BAK and DAT and others but no TXT. I took a screenshot but of course I can't paste it into this post. Not feeling really productive this morning. sorry!! ok, I attached the screen shot.

Attached Thumbnails

#33
RKinner

Posted 17 December 2014 - 10:46 AM

Malware Expert

Expert
24,625 posts

Looks like it found one that we didn't so worth the trouble.

The Norton removal tool link works when I click on it so I expect you tried to copy and paste it. The forum software likes to shorten URLs in the display for some reason. The actual path is:

ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Could I see a new Process Explorer log?

How is it running now?

#34
faithnhope77

Posted 17 December 2014 - 04:23 PM

Member

Topic Starter
Member
69 posts

Ok, so maybe I didn't do as badly as I thought. I got the Norton Removal tool and removed Norton. For some reason, I thought Symantec Remover was a second removal tool that I needed to use. My computer is running great again! Thank you so much! I am a bit confused as to the abrupt onset of my problems if this was caused by the Host Service, unless it was that other virus that Avast handled. And here is a new Process Explorer log:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 78.15 0 K 24 K 0
procexp64.exe 11.30 28,352 K 51,820 K 3460 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Sysinternals
iexplore.exe 2.32 109,616 K 135,824 K 5668 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 2.25 32,624 K 32,640 K 1324 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 1.93 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 1.21 2,720 K 6,220 K 532 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
System 0.65 212 K 4,440 K 4
NOBuAgent.exe 0.47 2,416 K 5,420 K 2524 Norton Online Backup Service Symantec Corporation (Verified) Symantec Corporation
svchost.exe 0.28 4,368 K 8,656 K 752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
HOSTS_Anti-Adware_main.exe 0.25 2,852 K 7,092 K 2880 HOSTS Anti-PUPs/Adwares  (No signature was present in the subject)
netsession_win.exe 0.24 7,748 K 15,400 K 5540 Akamai NetSession Client Akamai Technologies, Inc. (Verified) Akamai NetSession Client
CLMSService.exe 0.14 2,740 K 1,424 K 4700 CLMSService CyberLink (Verified) CyberLink
SearchIndexer.exe 0.12 45,388 K 34,432 K 1444 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
CCC.exe 0.10 104,388 K 22,160 K 4108 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
iexplore.exe 0.09 14,512 K 36,496 K 4208 Internet Explorer Microsoft Corporation (Verified) Microsoft Windows
explorer.exe 0.08 38,096 K 57,132 K 1376 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 0.07 2,364 K 6,604 K 4320 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
svchost.exe 0.06 7,968 K 15,876 K 4364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avastui.exe 0.05 15,440 K 23,756 K 2904 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
mDNSResponder.exe 0.03 2,164 K 5,400 K 1436 Bonjour Service Apple Inc. (Verified) Apple Inc.
MOM.exe 0.03 38,856 K 5,784 K 5076 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
AvastSvc.exe 0.03 59,564 K 41,000 K 1192 avast! Service AVAST Software (Verified) AVAST Software a.s.
NOBuClient.exe 0.03 2,780 K 6,016 K 2812 Norton Online Backup Service Symantec Corporation (Verified) Symantec Corporation
audiodg.exe 0.02 18,720 K 17,240 K 1184 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 33,084 K 47,364 K 340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
GoogleToolbarUser_32.exe 0.01 5,424 K 11,592 K 2392 Google Toolbar Broker Google Inc. (Verified) Google Inc
svchost.exe 0.01 14,460 K 22,328 K 272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 13,424 K 15,416 K 1096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 5,580 K 9,112 K 840 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 0.01 8,512 K 13,864 K 1984 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SASCore64.exe 0.01 1,364 K 3,664 K 1688 Core Service SUPERAntiSpyware.com (Verified) SUPERAntiSpyware.com
AppleMobileDeviceService.exe 0.01 3,016 K 8,740 K 1792 MobileDeviceService Apple Inc. (Verified) Apple Inc.
csrss.exe 0.01 2,168 K 4,600 K 452 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 0.01 8,740 K 14,940 K 1536 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 0.01 6,232 K 14,072 K 644 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 12,556 K 15,888 K 1968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
lsm.exe < 0.01 2,748 K 4,268 K 652 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe < 0.01 2,568 K 8,172 K 5316 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 133,164 K 142,336 K 1016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 3,628 K 11,100 K 3040 iTunesHelper Apple Inc. (Verified) Apple Inc.
netsession_win.exe < 0.01 3,060 K 8,344 K 5524 Akamai NetSession Client Akamai Technologies, Inc. (Verified) Akamai NetSession Client
AvastVBoxSVC.exe < 0.01 4,388 K 11,048 K 4016 AvastVirtualBox Interface Avast Software (Verified) AVAST Software a.s.
ScanToPCActivationApp.exe < 0.01 4,740 K 12,148 K 2188 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
HPNetworkCommunicator.exe < 0.01 3,792 K 8,168 K 3144 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
PhotoshopElementsFileAgent.exe < 0.01 2,400 K 1,508 K 1708 Adobe Photoshop Elements 9.0 (component) Adobe Systems Incorporated (Verified) Adobe Systems Incorporated
wuauclt.exe  1,984 K 6,484 K 2640 Windows Update Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe  17,412 K 13,852 K 4472 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  8,636 K 16,604 K 3096 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe  2,472 K 6,112 K 4824 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe  2,856 K 6,904 K 596 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,460 K 4,240 K 540 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
UpdaterService.exe  1,128 K 3,720 K 1832 Updater Service Acer Incorporated (Verified) Acer Incorporated
unsecapp.exe  1,804 K 5,676 K 4924 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe  2,156 K 5,964 K 2052 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  13,984 K 16,664 K 1576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  23,440 K 23,660 K 980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  4,584 K 8,456 K 2696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe  2,444 K 5,792 K 4400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
SuiteTray.exe  1,392 K 4,732 K 2068 SuiteTray Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
smss.exe  452 K 1,088 K 328 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe  7,536 K 10,792 K 636 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe  2,664 K 6,424 K 2680 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe  10,960 K 10,832 K 2156 Realtek HD Audio Manager Realtek Semiconductor (Verified) Microsoft Windows Hardware Compatibility Publisher
procexp.exe  2,224 K 7,088 K 2408 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe  28,660 K 22,376 K 5396 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Windows
PmmUpdate.exe  30,664 K 36,132 K 1276 PMM Update Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
ngservice.exe  1,164 K 3,376 K 4792 avast! NG service AVAST Software (Verified) AVAST Software a.s.
NASvc.exe  1,928 K 5,776 K 3952 NeroUpdate Nero AG (Verified) Nero AG
MsSpellCheckingFacility.exe  3,244 K 8,308 K 1072 Microsoft Spell Checking Facility Microsoft Corporation (Verified) Microsoft Windows
IntuitUpdateService.exe  20,836 K 1,832 K 5848 Intuit Update Service Intuit Inc. (Verified) Intuit
hpwuschd2.exe  948 K 3,440 K 2496 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HotkeyUtility.exe  7,260 K 10,480 K 2864 Hotkey Utility  (Verified) Acer Incorporated
GREGsvc.exe  984 K 3,316 K 1032 Global Registration Service Acer Incorporated (Verified) Acer Incorporated
GoogleCrashHandler64.exe  1,680 K 528 K 1232 Google Crash Handler Google Inc. (Verified) Google Inc
GoogleCrashHandler.exe  1,508 K 528 K 1256 Google Crash Handler Google Inc. (Verified) Google Inc
EgisUpdate.exe  2,876 K 7,260 K 3300 EgisUpdate Release Application Egis Technology Inc. (Verified) EGIS TECHNOLOGY INC.
DMREngine.exe  3,976 K 2,288 K 2360 DMREngine CyberLink (Verified) CyberLink
dllhost.exe  2,340 K 7,052 K 5916 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
Connect.Service.ContentService.exe  20,716 K 25,672 K 1924 Service  (Verified) Autodesk
cmd.exe  2,172 K 3,420 K 3900 Windows Command Processor Microsoft Corporation (Verified) Microsoft Windows
clear.fiMovieService.exe  3,860 K 8,000 K 2776 clear.fi Movie Resident Program CyberLink Corp. (Verified) CyberLink
clear.fiAgent.exe  2,448 K 716 K 2132 clear.fi Resident Program CyberLink Corp. (Verified) CyberLink
atiesrxx.exe  1,420 K 4,140 K 920 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe  2,152 K 6,104 K 1308 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
armsvc.exe  1,188 K 3,816 K 1764 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
AdobeARM.exe  3,692 K 12,584 K 2964 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems

#35
RKinner

Posted 17 December 2014 - 04:56 PM

Malware Expert

Expert
24,625 posts

Might have been the hosts file since that's all we really changed.

Let's run SFC to make sure things are good.

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. Does this finish without complaint? IF it says it couldn't fix everything then:

Copy the next two lines:

findstr /c:"[SR]" \windows\logs\cbs\cbs.log > \windows\logs\cbs\junk.txt

notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue. Right click and Paste or Edit then Paste and the copied line should appear.

Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)

IF SFC does not complain that it couldn't fix all of the files then you can skip the above.

1. Please download the Event Viewer Tool by Vino Rosso

http://images.malwar...om/vino/VEW.exe

and save it to your Desktop:

2. Right-click VEW.exe and Run AS Administrator

3. Under 'Select log to query', select:

* System

4. Under 'Select type to list', select:

* Error

* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'

Type 20 in the 1 to 20 box

Then click the Run button.

Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

#36
faithnhope77

Posted 17 December 2014 - 06:21 PM

Member

Topic Starter
Member
69 posts

The windows SFC report corrupt files found and repaired.

The VEW system log:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/12/2014 4:14:30 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/12/2014 11:16:00 PM
Type: Error Category: 0
Event: 7026 Source: Service Control Manager
The following boot-start or system-start driver(s) failed to load: AFS

Log: 'System' Date/Time: 17/12/2014 11:15:36 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HOSTS Anti-PUPs service failed to start due to the following error: The system cannot find the file specified.

Log: 'System' Date/Time: 17/12/2014 11:14:28 PM
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 17/12/2014 11:15:29 PM
Type: Warning Category: 0
Event: 11 Source: Microsoft-Windows-Wininit
Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications.

#37
faithnhope77

Posted 17 December 2014 - 06:23 PM

Member

Topic Starter
Member
69 posts

And the VEW Application log:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 17/12/2014 4:21:52 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 17/12/2014 11:16:01 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#38
RKinner

Posted 17 December 2014 - 07:06 PM

Malware Expert

Expert
24,625 posts

Let's run FRST so I can see who the anti-pup service belongs to:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. (You need the 64 bit version) If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.

Press Scan button.

It will produce a log called FRST.txt in the same directory the tool is run from.

Please copy and paste log back here.

The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

You need to update the AFS.SYS driver. This is Audio File System I think so look on your Acer support site and see if they have a new audio driver for you.

I just remember you were out of space so that might have been the problem too. Did you ever get defrag to run?

#39
faithnhope77

Posted 17 December 2014 - 07:46 PM

Member

Topic Starter
Member
69 posts

FRST Log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
Ran by Harris Home (administrator) on HARRISHOME-PC on 17-12-2014 17:41:34
Running from C:\Users\Harris Home\Desktop
Loaded Profile: Harris Home (Available profiles: Harris Home)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-10] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] => C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-03-28] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-28] (Egis Technology Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\RunOnce: [Adobe Speed Launcher] => 1418858155
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL =
SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {F11DDC78-AB64-46AA-8F80-F9122ECA7A5D} URL = http://search.whites...am={SearchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Harris Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]

Chrome:
=======
CHR Profile: C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
CHR Extension: (AdBlock) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-31]
CHR Extension: (Avast Online Security) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-16]
CHR Extension: (Google Wallet) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [aaaaichncbpejfjililmiahnkdmfggff] - C:\Users\Harris Home\AppData\Local\catalinagroupltdmoviestoolbarha\GC\toolbar.crx [2013-09-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-16] (Avast Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2013-02-05] (Oak Technology Inc.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-15] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-16] (Avast Software)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 17:41 - 2014-12-17 17:42 - 00020439 _____ () C:\Users\Harris Home\Desktop\FRST.txt
2014-12-17 17:41 - 2014-12-17 17:41 - 00000000 ____D () C:\FRST
2014-12-17 17:39 - 2014-12-17 17:39 - 02121216 _____ (Farbar) C:\Users\Harris Home\Desktop\FRST64.exe
2014-12-17 16:14 - 2014-12-17 16:21 - 00000913 _____ () C:\VEW.txt
2014-12-17 16:12 - 2014-12-17 16:12 - 00061440 _____ ( ) C:\Users\Harris Home\Desktop\VEW.exe
2014-12-17 14:20 - 2014-12-17 14:20 - 00009972 _____ () C:\Users\Harris Home\Desktop\System Idle Process 1.TXT
2014-12-16 19:55 - 2014-12-16 19:55 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-55-49.019-aswFe.exe-4176.log
2014-12-16 19:55 - 2014-12-16 19:55 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-55-42.085-AvastVBoxSVC.exe-4852.log
2014-12-16 19:47 - 2014-12-16 19:47 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-47-53.019-aswFe.exe-5580.log
2014-12-16 19:47 - 2014-12-16 19:47 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-47-46.041-AvastVBoxSVC.exe-3580.log
2014-12-16 19:37 - 2014-12-16 19:37 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-37-55.019-aswFe.exe-3740.log
2014-12-16 19:35 - 2014-12-16 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-35-00.065-aswFe.exe-5108.log
2014-12-16 19:34 - 2014-12-16 19:34 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-34-53.079-AvastVBoxSVC.exe-4784.log
2014-12-16 19:25 - 2014-12-16 19:25 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\AVAST Software
2014-12-16 19:24 - 2014-12-16 19:24 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-16 19:23 - 2014-12-17 12:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-16 19:23 - 2014-12-16 19:23 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-16 19:23 - 2014-12-16 19:23 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-16 19:23 - 2014-12-16 19:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-16 19:23 - 2014-12-16 19:23 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-16 19:21 - 2014-12-16 19:21 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-16 18:59 - 2014-12-16 18:59 - 00896048 _____ () C:\Users\Harris Home\Desktop\Norton_Removal_Tool.exe
2014-12-16 12:00 - 2014-12-16 12:00 - 00009962 _____ () C:\Users\Harris Home\Desktop\OTL 12162014_112625.txt
2014-12-15 22:17 - 2014-12-15 22:17 - 00000385 _____ () C:\Users\Harris Home\Desktop\grant perms.txt
2014-12-15 21:28 - 2014-12-15 21:28 - 00000000 ____D () C:\Users\Harris Home\Desktop\GrantPerms
2014-12-15 21:27 - 2014-12-15 21:27 - 00453083 _____ () C:\Users\Harris Home\Desktop\GrantPerms.zip
2014-12-15 20:41 - 2014-12-15 21:30 - 00000000 ____D () C:\Users\Harris Home\Desktop\HostsXpert
2014-12-15 20:41 - 2014-12-15 20:30 - 00357766 _____ () C:\Users\Harris Home\Desktop\HostsXpert.zip
2014-12-14 22:15 - 2014-12-14 22:15 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras20141214.Txt
2014-12-14 22:14 - 2014-12-14 22:14 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL20141214.Txt
2014-12-14 22:13 - 2014-12-14 22:13 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras.Txt
2014-12-14 21:17 - 2014-12-14 21:17 - 00011192 _____ () C:\junk.txt
2014-12-14 15:00 - 2014-12-14 14:56 - 04890736 _____ (Piriform Ltd) C:\Users\Harris Home\Desktop\spsetup126.exe
2014-12-14 15:00 - 2014-12-14 14:53 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harris Home\Desktop\procexp.exe
2014-12-13 13:51 - 2014-12-13 13:51 - 00129706 _____ () C:\Users\Harris Home\Desktop\OTL20141213.Txt
2014-12-13 13:40 - 2014-12-14 22:09 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL.Txt
2014-12-13 12:25 - 2014-12-13 12:25 - 00000000 ____D () C:\SUPERDelete
2014-12-13 12:23 - 2014-12-17 04:23 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job
2014-12-13 12:23 - 2014-12-16 12:00 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-12-13 12:23 - 2014-12-13 12:23 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323
2014-12-13 12:23 - 2014-12-13 12:23 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\SUPERAntiSpyware.com
2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-12-13 12:21 - 2014-12-13 12:16 - 20695712 _____ (SUPERAntiSpyware) C:\Users\Harris Home\Desktop\SAS_3311527.EXE
2014-12-13 12:21 - 2014-12-13 12:12 - 00602112 _____ (OldTimer Tools) C:\Users\Harris Home\Desktop\OTL.exe
2014-12-12 17:54 - 2014-12-13 03:53 - 00000000 ____D () C:\VIPRERESCUE
2014-12-12 17:54 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys
2014-12-12 17:54 - 2013-05-23 07:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys
2014-12-12 17:49 - 2014-12-12 17:51 - 185020416 _____ () C:\Users\Harris Home\Desktop\VIPRERescue35652.exe
2014-12-11 12:54 - 2014-12-17 02:18 - 00585652 _____ () C:\Windows\PFRO.log
2014-12-11 10:38 - 2014-12-11 10:38 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Google
2014-12-11 09:29 - 2014-12-16 19:21 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-11 07:41 - 2014-12-17 15:15 - 00001288 _____ () C:\Windows\setupact.log
2014-12-11 07:41 - 2014-12-11 07:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-11 07:38 - 2014-12-11 07:38 - 00028428 _____ () C:\Users\Harris Home\Documents\cc_20141211_073843.reg
2014-12-10 14:16 - 2014-12-10 14:16 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-09 20:52 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-09 20:52 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 17:25 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 17:25 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 17:25 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 17:25 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 17:25 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 17:25 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 17:25 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 17:25 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 17:25 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 17:25 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 17:25 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 17:25 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 17:25 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 17:25 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 17:25 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 17:25 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 17:25 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 17:25 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 17:25 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 17:25 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 17:25 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 17:25 - 2014-11-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-09 17:25 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 17:25 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 17:25 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 17:25 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 17:25 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 17:25 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 17:25 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 17:25 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 17:25 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 17:25 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 17:25 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 17:25 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 17:25 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 17:25 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 17:25 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 17:25 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 17:25 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 17:25 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 17:25 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 17:25 - 2014-11-21 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-09 17:25 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 17:25 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 17:25 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 17:25 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 17:25 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 17:25 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 17:25 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 17:25 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 17:25 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 17:25 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 17:25 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 17:25 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 17:25 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 17:25 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 17:25 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 17:25 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 17:25 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 17:25 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 17:25 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 17:25 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 17:25 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 17:25 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 17:25 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 17:25 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 17:25 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 17:25 - 2014-10-29 18:04 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-09 17:25 - 2014-10-29 17:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-09 17:24 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 17:24 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 17:24 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 17:24 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 17:24 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 17:24 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 17:24 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 17:24 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 17:24 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 17:24 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 17:24 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 17:24 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 17:24 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 17:24 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-07 20:09 - 2014-12-07 20:09 - 00015106 _____ () C:\Users\Harris Home\Documents\cc_20141207_200930.reg
2014-12-05 11:29 - 2014-12-05 11:29 - 00056417 _____ () C:\Users\Harris Home\Documents\harris ppe 20141129.htm
2014-12-05 11:29 - 2014-12-05 11:29 - 00000000 ____D () C:\Users\Harris Home\Documents\harris ppe 20141129_files
2014-11-28 12:19 - 2014-11-28 12:19 - 00000323 _____ () C:\Users\Harris Home\Desktop\HP OfficeJet 4620 series Printer Firmware Update.url
2014-11-23 17:52 - 2014-11-28 15:11 - 00000000 ____D () C:\Users\Harris Home\Desktop\Resumes
2014-11-21 11:26 - 2014-11-21 11:26 - 01562175 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-11-21 11:09 - 2014-11-21 11:09 - 00000000 ____D () C:\NPE
2014-11-21 11:04 - 2014-11-21 11:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\NPE
2014-11-21 10:56 - 2014-11-21 10:56 - 00003256 _____ () C:\Users\Harris Home\Documents\cc_20141121_105625.reg
2014-11-21 10:18 - 2014-11-21 10:18 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\{1A82C459-8EBB-4015-A29E-53AF65772610}
2014-11-21 09:52 - 2014-12-15 14:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-21 09:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 09:52 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 09:20 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-21 09:20 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-21 09:20 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-21 09:20 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-17 17:23 - 2014-01-13 18:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-17 17:16 - 2013-08-27 19:05 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Akamai
2014-12-17 16:50 - 2013-08-08 15:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-17 15:21 - 2011-11-25 01:54 - 01530942 _____ () C:\Windows\WindowsUpdate.log
2014-12-17 15:17 - 2012-02-19 16:37 - 00000000 ____D () C:\ProgramData\clear.fi
2014-12-17 15:15 - 2013-08-08 15:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-17 15:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-17 12:42 - 2012-04-09 10:00 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DBA64999-5666-45EA-BB5B-0E31C915FF61}
2014-12-17 03:01 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-16 19:04 - 2012-04-09 06:45 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-12-16 19:04 - 2012-04-09 06:43 - 00000000 ____D () C:\ProgramData\Norton
2014-12-16 07:25 - 2012-06-09 06:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\CrashDumps
2014-12-14 17:30 - 2013-07-01 18:06 - 00003072 ___SH () C:\Users\Harris Home\Thumbs.db
2014-12-13 12:22 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-13 03:56 - 2013-11-14 09:53 - 00000000 ____D () C:\Users\Harris Home\Documents\plug in for DRM removal
2014-12-13 03:56 - 2013-03-28 18:42 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
2014-12-11 13:18 - 2012-09-12 16:19 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-11 10:38 - 2012-09-19 13:19 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Google
2014-12-11 10:01 - 2012-09-19 13:20 - 00000000 ____D () C:\Program Files\Google
2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\ProgramData\Google
2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-10 14:16 - 2014-05-08 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 21:03 - 2012-02-20 10:05 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 21:01 - 2013-08-13 16:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-09 20:55 - 2012-02-25 17:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 20:50 - 2013-03-14 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-09 20:23 - 2014-01-13 18:55 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 20:23 - 2014-01-13 18:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 20:23 - 2014-01-13 18:55 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-07 17:32 - 2013-12-03 09:36 - 00000000 ____D () C:\ID Vault
2014-12-05 11:25 - 2013-05-23 12:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\HpUpdate
2014-12-01 08:41 - 2014-05-13 07:00 - 00000000 ____D () C:\Users\Harris Home\Documents\mike work docs
2014-11-23 10:26 - 2012-08-23 20:31 - 00000000 ____D () C:\Users\Harris Home\Documents\My Digital Editions
2014-11-23 09:59 - 2014-08-07 11:55 - 00000000 ____D () C:\Users\Harris Home\Documents\My Kindle Content
2014-11-21 16:01 - 2009-07-13 21:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-21 09:52 - 2012-09-12 16:20 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Malwarebytes
2014-11-21 09:52 - 2012-09-12 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-21 06:14 - 2012-09-12 16:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\Harris Home\hpothb07.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-16 13:57

==================== End Of Log ============================

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
Ran by Harris Home at 2014-12-17 17:43:07
Running from C:\Users\Harris Home\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

clear.fi (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden
3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)
Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Kindle (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Amazon Kindle) (Version: - Amazon)
Any Video Converter Professional 2.7.3 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{95F2E76E-230E-BB48-3F15-E4A7F6050962}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)
AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden
AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)
Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)
Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)
Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden
Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
Autodesk Revit Structure 2012 (HKLM\...\Autodesk Revit Structure 2012) (Version: 11.03.09231 - Autodesk)
Autodesk SketchBookExpress 2011 (HKLM-x32\...\{AF322EC1-3499-45FD-9EDD-DCC7FD5C18DF}) (Version: 5.00.0000 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bigasoft iPod Transfer 1.5.10.3783 (HKLM-x32\...\{16594695-69AA-4b4d-8A7E-723501738B09}_is1) (Version: - Bigasoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.97 - WildTangent) Hidden
calibre (HKLM-x32\...\{F9BD2B85-0EF1-4ACB-86EC-A616671EEADA}) (Version: 0.9.23 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
CinemaNow Player (HKLM-x32\...\com.bby.cinemanowplayer) (Version: 3.1.4 - Rovi Corporation)
CinemaNow Player (x32 Version: 3.1.4 - Rovi Corporation) Hidden
clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.)
clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)
Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Disney's Mickey Mouse Preschool (HKLM-x32\...\Mickey Mouse Preschool) (Version: - )
Disney's Ready to Read with Pooh (HKLM-x32\...\Ready to Read with Pooh) (Version: - )
Disney's Winnie the Pooh Baby (HKLM-x32\...\{FED701E0-E194-11D4-B231-0050DACD394D}) (Version: - )
Disney's Winnie the Pooh Kindergarten (HKLM-x32\...\Winnie the Pooh Kindergarten) (Version: - )
Disney's Winnie the Pooh Preschool (HKLM-x32\...\Winnie the Pooh Preschool) (Version: - )
Disney's Winnie the Pooh Toddler (HKLM-x32\...\Winnie the Pooh Toddler) (Version: - )
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Fatal Illusion (HKLM-x32\...\Fatal Illusion) (Version: - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.6.2375.747 - )
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
JumpStart Phonics (HKLM-x32\...\PHONICS) (Version: - Knowledge Adventure)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NOOK Study (HKLM-x32\...\NOOK Study) (Version: 2.1.1.27456 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
OJ4620FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Princess Fashion Boutique 2 (HKLM-x32\...\{A3554902-AB4A-11D5-AA2E-0008C760B784}) (Version: - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)
Revit Structure 2012 (Version: 11.03.09231 - Autodesk) Hidden
Revit Structure 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
Ultimate EPubsoft DRM Removal 8.9.1 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.9.1 - EPUBSOFT)
Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC) <==== ATTENTION
Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden <==== ATTENTION
Unity Web Player (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.10 - Earth Networks, Inc.)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)
WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Structure 2012\Program\APIContext.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acadficn.dll (Autodesk, Inc.)

==================== Restore Points =========================

16-12-2014 19:21:00 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2014-12-16 11:23 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0AB2509A-82CE-4A27-83BC-D4489458EDE5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe
Task: {0F08F5F1-E963-4E4D-8BE5-5F78B41CD45F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)
Task: {12A5BF80-2E43-4E8B-9499-776461199DA9} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
Task: {1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
Task: {23A6A98A-350D-4650-A258-1ADE4A9B7711} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {260E49EA-962A-47D9-BAAB-E3B8AC7D94D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {304E05D6-1B83-4F31-BC42-D22BBE021A55} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {30D9F266-A272-4B43-82A3-867B053CAC61} - System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {38338D99-5827-4186-82A0-E96E4C5BBA6D} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)
Task: {491A889A-DC33-4BF0-A120-F721F4E2E2EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {4AA3DBF7-042C-4C90-BA8A-4DE8722A579B} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {54CEAF8E-2921-45B1-A857-1250B72DF53F} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)
Task: {77BC962F-0689-4520-9BA8-77AB2046BE44} - System32\Tasks\{628B7852-061E-4FCB-8737-437987C69487} => pcalua.exe -a "C:\Users\Harris Home\Downloads\AutoCAD_2011_English_Win_32bit.exe" -d "C:\Users\Harris Home\Desktop"
Task: {8EF36EDF-CFAD-44B1-8EDD-EFA51579CF1E} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated)
Task: {B16C22AA-A4FB-4097-9419-DF23D2F80537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: {BE6C1768-366F-460B-AAD8-AE525B24C88E} - System32\Tasks\AdobeAAMUpdater-1.0-HarrisHome-PC-Harris Home => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {DA049999-D4F5-4903-AE52-6793937E6CEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EBC643E5-C6C4-4B7A-8F34-51E6225060E4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.)
Task: {EC32B888-EBD6-4EBA-ADD7-0287BC6774E2} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {FCE14F05-D62E-460E-ABA0-07C782CD4E70} - System32\Tasks\Test TimeTrigger => C:\Users\HARRIS~1\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2011-02-02 13:08 - 2011-02-02 13:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
2009-01-21 15:45 - 2009-01-21 15:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-08-10 19:58 - 2011-08-10 19:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2013-03-28 18:43 - 2013-03-28 18:43 - 00302961 _____ () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe
2014-12-16 19:23 - 2014-12-16 19:23 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-16 19:23 - 2014-12-16 19:23 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-06-17 13:42 - 2011-06-17 13:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2014-12-17 12:39 - 2014-12-17 12:39 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121701\algo.dll
2014-12-16 19:23 - 2014-12-16 19:23 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-10 19:57 - 2011-08-10 19:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2014-12-16 19:23 - 2014-12-16 19:23 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-11-25 02:06 - 2011-10-12 02:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:661DFA1C

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

========================= Accounts: ==========================

Administrator (S-1-5-21-853050829-1925703780-783890857-500 - Administrator - Disabled)
Guest (S-1-5-21-853050829-1925703780-783890857-501 - Limited - Enabled)
Harris Home (S-1-5-21-853050829-1925703780-783890857-1000 - Administrator - Enabled) => C:\Users\Harris Home
HomeGroupUser$ (S-1-5-21-853050829-1925703780-783890857-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: F:\
Description: Multi-Card
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/17/2014 05:16:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (12/17/2014 05:15:30 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.

Error: (12/17/2014 03:16:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (12/17/2014 03:16:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (12/17/2014 03:15:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HOSTS Anti-PUPs service failed to start due to the following error:
%%2

Error: (12/17/2014 03:14:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon™ HD Graphics
Percentage of memory in use: 47%
Total physical RAM: 3579.27 MB
Available physical RAM: 1873.6 MB
Total Pagefile: 7156.71 MB
Available Pagefile: 5156.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:242.17 GB) NTFS
Drive h: (OneTouch 4) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C317959C)
Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 4F5554FD)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Looking for Driver now...

#40
RKinner

Posted 17 December 2014 - 08:32 PM

Malware Expert

Expert
24,625 posts

Download the attached fixlist.txt to the same location as FRST

Run FRST and press Fix

A fix log will be generated please post that. Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

Download : ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer

NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.

The report will be saved in the C:\AdwCleaner folder.

Junkware-Removal-Tool

Please download Junkware Removal Tool to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site

Pause your anti-virus. Close all browsers.

Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

Post the contents of JRT.txt into your next message.

#41
faithnhope77

Posted 17 December 2014 - 08:44 PM

Member

Topic Starter
Member
69 posts

ok. Acer support is pretty basic. I can't even find listings for drivers for my system, only the 32 bit version. Even then, they list a Realtek Audio Driver as a zip file. I downloaded that, unzipped and searched and can't find anything that resembles AFS. Any other ideas? I also tried searching the support site and got no results found.

#42
RKinner

Posted 17 December 2014 - 10:20 PM

Malware Expert

Expert
24,625 posts

Give me the model number and service tag (if any). Let me look.

It says AFS is not running. Perhaps we do not need it. Is the audio working? In which case we can just turn it off and not worry about it.

Get autoruns from

http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin. File, Save, to your desktop, autoruns.arn, OK. This file is normally a bit over the forum size limit so will need to be zipped. If you do not have win-zip or 7-zip then get 7-zip from

http://www.7-zip.org/download.html

Download, Save and Run the appropriate msi file for your PC. You want this one:64-bit x64 7-Zip for 64-bit Windows x64 (Intel 64 or AMD64)

Once you have installed you can then right click on autoruns.arn then click on 7-zip, Add to autoruns.zip. It should put the autoruns.zip file in the same directory. Attach it.

#43
faithnhope77

Posted 17 December 2014 - 10:53 PM

Member

Topic Starter
Member
69 posts

http://us.acer.com/a...content/drivers

is the page I was at. I have an "Acer Aspire X1430G." The full ID on the sticker says AX1430G-UW30P but at the Acer site, it came up as what I quoted in the previous sentence. Do you want/need the SN or SNID? I am running your previous instructions now.

Youtube plays videos, Hulu says is needs flash player 10.1.53.65 or higher which I tried to install and Adobe said was successful but the videos still didn't play, Netflix says I need MS Silverlight which I tried to download and it (Netflix) said I already had a more current version installed.

Edited by faithnhope77, 17 December 2014 - 11:02 PM.

#44
faithnhope77

Posted 17 December 2014 - 11:07 PM

Member

Topic Starter
Member
69 posts

first FRST fix log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-12-2014
Ran by Harris Home at 2014-12-17 21:04:23 Run:1
Running from C:\Users\Harris Home\Desktop
Loaded Profile: Harris Home (Available profiles: Harris Home)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [HOSTS Anti-Adware_PUPs] => C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe [302961 2013-03-28] ()
SearchScopes: HKLM -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
SearchScopes: HKLM-x32 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL = http://dts.search.as...&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {52db1893-8a90-4192-aede-08e00b8f8484} URL =
SearchScopes: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> {F11DDC78-AB64-46AA-8F80-F9122ECA7A5D} URL = http://search.whites...am={SearchTerms}
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
S2 HOSTS Anti-PUPs; C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe -update [X]
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 MREMP50; \??\C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs
Task: {0AB2509A-82CE-4A27-83BC-D4489458EDE5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe
Task: {12A5BF80-2E43-4E8B-9499-776461199DA9} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
Task: {1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe
Task: {304E05D6-1B83-4F31-BC42-D22BBE021A55} - System32\Tasks\IHUninstallTrackingTASK => CMD
Task: {4AA3DBF7-042C-4C90-BA8A-4DE8722A579B} - System32\Tasks\IHSelfDeleteTASK => CMD
Task: {FCE14F05-D62E-460E-ABA0-07C782CD4E70} - System32\Tasks\Test TimeTrigger => C:\Users\HARRIS~1\AppData\Local\Temp\Runner.exe <==== ATTENTION
AntiLog32

*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HOSTS Anti-Adware_PUPs => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key deleted successfully.
"HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-853050829-1925703780-783890857-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key deleted successfully.
"HKCR\CLSID\{52db1893-8a90-4192-aede-08e00b8f8484}" => Key not found.
"HKU\S-1-5-21-853050829-1925703780-783890857-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F11DDC78-AB64-46AA-8F80-F9122ECA7A5D}" => Key deleted successfully.
"HKCR\CLSID\{F11DDC78-AB64-46AA-8F80-F9122ECA7A5D}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}" => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key deleted successfully.
HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
"HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\MozillaPlugins\wacom.com/WacomTabletPlugin" => Key deleted successfully.
C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll not found.
HOSTS Anti-PUPs => Service deleted successfully.
AntiLog32 => Service deleted successfully.
MREMP50 => Service deleted successfully.
MREMP50a64 => Service deleted successfully.
MREMPR5 => Service deleted successfully.
MRENDIS5 => Service deleted successfully.
MRESP50 => Service deleted successfully.
MRESP50a64 => Service deleted successfully.
C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AB2509A-82CE-4A27-83BC-D4489458EDE5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AB2509A-82CE-4A27-83BC-D4489458EDE5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton WSC Integration => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12A5BF80-2E43-4E8B-9499-776461199DA9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12A5BF80-2E43-4E8B-9499-776461199DA9}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Security Suite\Norton Error Processor => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Suite\Norton Error Processor" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1AAF7BA3-1DE6-45DF-92BE-4427F02A6E85}" => Key deleted successfully.
C:\Windows\System32\Tasks\Norton Security Suite\Norton Error Analyzer => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Security Suite\Norton Error Analyzer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{304E05D6-1B83-4F31-BC42-D22BBE021A55}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{304E05D6-1B83-4F31-BC42-D22BBE021A55}" => Key deleted successfully.
C:\Windows\System32\Tasks\IHUninstallTrackingTASK => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHUninstallTrackingTASK" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4AA3DBF7-042C-4C90-BA8A-4DE8722A579B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA3DBF7-042C-4C90-BA8A-4DE8722A579B}" => Key deleted successfully.
C:\Windows\System32\Tasks\IHSelfDeleteTASK => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IHSelfDeleteTASK" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCE14F05-D62E-460E-ABA0-07C782CD4E70}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCE14F05-D62E-460E-ABA0-07C782CD4E70}" => Key deleted successfully.
C:\Windows\System32\Tasks\Test TimeTrigger => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Test TimeTrigger" => Key deleted successfully.
AntiLog32 => Error: No automatic fix found for this entry.

==== End of Fixlog ====

#45
faithnhope77

Posted 17 December 2014 - 11:13 PM

Member

Topic Starter
Member
69 posts

^{second FRST log:}

^{Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014

Ran by Harris Home (administrator) on HARRISHOME-PC on 17-12-2014 21:08:19

Running from C:\Users\Harris Home\Desktop

Loaded Profile: Harris Home (Available profiles: Harris Home)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/}

^{==================== Processes (Whitelisted) =================}

^{(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)}

^{(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe

() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe

() C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe

(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe

(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe

(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe

(Akamai Technologies, Inc.) C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe}

^{==================== Registry (Whitelisted) ==================}

^{(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)}

^{HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-10] (Realtek Semiconductor)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-24] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-10] ()

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)

HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-28] (Egis Technology Inc.)

HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-28] (Egis Technology Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-16] (AVAST Software)

HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)

HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Harris Home\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)

HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\RunOnce: [Adobe Speed Launcher] => 1418858155

HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk

ShortcutTarget: hpoddt01.exe.lnk -> C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe (Hewlett-Packard)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)}

^{==================== Internet (Whitelisted) ====================}

^{(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)}

^{HKU\S-1-5-21-853050829-1925703780-783890857-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

Toolbar: HKU\S-1-5-21-853050829-1925703780-783890857-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab

DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76}

^{FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31010.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll (Dassault Systèmes)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-853050829-1925703780-783890857-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Harris Home\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-16]}

^{Chrome:

=======

CHR Profile: C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]

CHR Extension: (AdBlock) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-31]

CHR Extension: (Avast Online Security) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-12-16]

CHR Extension: (Google Wallet) - C:\Users\Harris Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-23]

CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path

CHR HKLM-x32\...\Chrome\Extension: [aaaaichncbpejfjililmiahnkdmfggff] - C:\Users\Harris Home\AppData\Local\catalinagroupltdmoviestoolbarha\GC\toolbar.crx [2013-09-10]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-16]

CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path}

^{==================== Services (Whitelisted) =================}

^{(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)}

^{R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [18656 2011-02-02] ()

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-16] (AVAST Software)

R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-16] (Avast Software)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)}

^{==================== Drivers (Whitelisted) ====================}

^{(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)}

^{S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [77004 2013-02-05] (Oak Technology Inc.) [File not signed]

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-16] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-16] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-16] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-16] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-16] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-16] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-16] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-16] ()

S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)

S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-15] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-16] (Avast Software)}

^{==================== NetSvcs (Whitelisted) ===================}

^{(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)}

^{==================== One Month Created Files and Folders ========}

^{(If an entry is included in the fixlist, the file\folder will be moved.)}

^{2014-12-17 20:55 - 2014-12-17 20:55 - 01707646 _____ (Thisisu) C:\Users\Harris Home\Desktop\JRT.exe

2014-12-17 20:55 - 2014-12-17 20:55 - 00593080 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harris Home\Desktop\autoruns.exe

2014-12-17 18:21 - 2014-12-17 18:21 - 00000000 ____D () C:\Users\Harris Home\Desktop\Audio_Realtek_6.0.1.6242_W7x86x64

2014-12-17 18:20 - 2014-12-17 18:21 - 108033189 _____ () C:\Users\Harris Home\Desktop\Audio_Realtek_6.0.1.6242_W7x86W7x64_A.zip

2014-12-17 17:43 - 2014-12-17 17:44 - 00034628 _____ () C:\Users\Harris Home\Desktop\Addition.txt

2014-12-17 17:41 - 2014-12-17 21:08 - 00018202 _____ () C:\Users\Harris Home\Desktop\FRST.txt

2014-12-17 17:41 - 2014-12-17 21:08 - 00000000 ____D () C:\FRST

2014-12-17 17:39 - 2014-12-17 17:39 - 02121216 _____ (Farbar) C:\Users\Harris Home\Desktop\FRST64.exe

2014-12-17 16:14 - 2014-12-17 16:21 - 00000913 _____ () C:\VEW.txt

2014-12-17 16:12 - 2014-12-17 16:12 - 00061440 _____ ( ) C:\Users\Harris Home\Desktop\VEW.exe

2014-12-17 14:20 - 2014-12-17 14:20 - 00009972 _____ () C:\Users\Harris Home\Desktop\System Idle Process 1.TXT

2014-12-16 19:55 - 2014-12-16 19:55 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-55-49.019-aswFe.exe-4176.log

2014-12-16 19:55 - 2014-12-16 19:55 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-55-42.085-AvastVBoxSVC.exe-4852.log

2014-12-16 19:47 - 2014-12-16 19:47 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-47-53.019-aswFe.exe-5580.log

2014-12-16 19:47 - 2014-12-16 19:47 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-47-46.041-AvastVBoxSVC.exe-3580.log

2014-12-16 19:37 - 2014-12-16 19:37 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-37-55.019-aswFe.exe-3740.log

2014-12-16 19:35 - 2014-12-16 19:35 - 00000247 _____ () C:\Windows\system32\2014-12-17-03-35-00.065-aswFe.exe-5108.log

2014-12-16 19:34 - 2014-12-16 19:34 - 00000197 _____ () C:\Windows\system32\2014-12-17-03-34-53.079-AvastVBoxSVC.exe-4784.log

2014-12-16 19:25 - 2014-12-16 19:25 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\AVAST Software

2014-12-16 19:24 - 2014-12-16 19:24 - 00001968 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\SysWOW64\vbox

2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\Windows\system32\vbox

2014-12-16 19:24 - 2014-12-16 19:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

2014-12-16 19:23 - 2014-12-17 12:38 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2014-12-16 19:23 - 2014-12-16 19:23 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-12-16 19:23 - 2014-12-16 19:23 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-12-16 19:23 - 2014-12-16 19:23 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-12-16 19:23 - 2014-12-16 19:23 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-12-16 19:21 - 2014-12-16 19:21 - 00000000 ____D () C:\Program Files\AVAST Software

2014-12-16 18:59 - 2014-12-16 18:59 - 00896048 _____ () C:\Users\Harris Home\Desktop\Norton_Removal_Tool.exe

2014-12-16 12:00 - 2014-12-16 12:00 - 00009962 _____ () C:\Users\Harris Home\Desktop\OTL 12162014_112625.txt

2014-12-15 22:17 - 2014-12-15 22:17 - 00000385 _____ () C:\Users\Harris Home\Desktop\grant perms.txt

2014-12-15 21:28 - 2014-12-15 21:28 - 00000000 ____D () C:\Users\Harris Home\Desktop\GrantPerms

2014-12-15 21:27 - 2014-12-15 21:27 - 00453083 _____ () C:\Users\Harris Home\Desktop\GrantPerms.zip

2014-12-15 20:41 - 2014-12-15 21:30 - 00000000 ____D () C:\Users\Harris Home\Desktop\HostsXpert

2014-12-15 20:41 - 2014-12-15 20:30 - 00357766 _____ () C:\Users\Harris Home\Desktop\HostsXpert.zip

2014-12-14 22:15 - 2014-12-14 22:15 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras20141214.Txt

2014-12-14 22:14 - 2014-12-14 22:14 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL20141214.Txt

2014-12-14 22:13 - 2014-12-14 22:13 - 00115196 _____ () C:\Users\Harris Home\Desktop\Extras.Txt

2014-12-14 21:17 - 2014-12-14 21:17 - 00011192 _____ () C:\junk.txt

2014-12-14 15:00 - 2014-12-14 14:56 - 04890736 _____ (Piriform Ltd) C:\Users\Harris Home\Desktop\spsetup126.exe

2014-12-14 15:00 - 2014-12-14 14:53 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Harris Home\Desktop\procexp.exe

2014-12-13 13:51 - 2014-12-13 13:51 - 00129706 _____ () C:\Users\Harris Home\Desktop\OTL20141213.Txt

2014-12-13 13:40 - 2014-12-14 22:09 - 00143348 _____ () C:\Users\Harris Home\Desktop\OTL.Txt

2014-12-13 12:25 - 2014-12-13 12:25 - 00000000 ____D () C:\SUPERDelete

2014-12-13 12:23 - 2014-12-17 20:23 - 00000522 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job

2014-12-13 12:23 - 2014-12-17 20:23 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2014-12-13 12:23 - 2014-12-13 12:23 - 00003544 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323

2014-12-13 12:23 - 2014-12-13 12:23 - 00001812 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk

2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\SUPERAntiSpyware.com

2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2014-12-13 12:23 - 2014-12-13 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2014-12-13 12:21 - 2014-12-13 12:16 - 20695712 _____ (SUPERAntiSpyware) C:\Users\Harris Home\Desktop\SAS_3311527.EXE

2014-12-13 12:21 - 2014-12-13 12:12 - 00602112 _____ (OldTimer Tools) C:\Users\Harris Home\Desktop\OTL.exe

2014-12-12 17:54 - 2014-12-13 03:53 - 00000000 ____D () C:\VIPRERESCUE

2014-12-12 17:54 - 2013-09-04 13:57 - 00031264 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiutil.sys

2014-12-12 17:54 - 2013-05-23 07:39 - 00041032 _____ (ThreatTrack Security) C:\Windows\system32\Drivers\gfiark.sys

2014-12-12 17:49 - 2014-12-12 17:51 - 185020416 _____ () C:\Users\Harris Home\Desktop\VIPRERescue35652.exe

2014-12-11 12:54 - 2014-12-17 02:18 - 00585652 _____ () C:\Windows\PFRO.log

2014-12-11 10:38 - 2014-12-11 10:38 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Google

2014-12-11 09:29 - 2014-12-16 19:21 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-12-11 07:41 - 2014-12-17 15:15 - 00001288 _____ () C:\Windows\setupact.log

2014-12-11 07:41 - 2014-12-11 07:41 - 00000000 _____ () C:\Windows\setuperr.log

2014-12-11 07:38 - 2014-12-11 07:38 - 00028428 _____ () C:\Users\Harris Home\Documents\cc_20141211_073843.reg

2014-12-10 14:16 - 2014-12-10 14:16 - 00000000 ____D () C:\Windows\system32\appraiser

2014-12-09 20:52 - 2014-10-17 18:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll

2014-12-09 20:52 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll

2014-12-09 17:25 - 2014-12-03 18:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2014-12-09 17:25 - 2014-12-03 18:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2014-12-09 17:25 - 2014-12-03 18:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-12-09 17:25 - 2014-12-03 18:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2014-12-09 17:25 - 2014-12-03 18:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-12-09 17:25 - 2014-12-03 18:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2014-12-09 17:25 - 2014-12-03 18:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-12-09 17:25 - 2014-12-01 15:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe

2014-12-09 17:25 - 2014-11-26 17:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-12-09 17:25 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-12-09 17:25 - 2014-11-21 19:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-12-09 17:25 - 2014-11-21 19:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-12-09 17:25 - 2014-11-21 19:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-12-09 17:25 - 2014-11-21 18:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-12-09 17:25 - 2014-11-21 18:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-12-09 17:25 - 2014-11-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-12-09 17:25 - 2014-11-21 18:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-12-09 17:25 - 2014-11-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-12-09 17:25 - 2014-11-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-12-09 17:25 - 2014-11-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-12-09 17:25 - 2014-11-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-12-09 17:25 - 2014-11-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-12-09 17:25 - 2014-11-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-12-09 17:25 - 2014-11-21 18:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-12-09 17:25 - 2014-11-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-12-09 17:25 - 2014-11-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-12-09 17:25 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-12-09 17:25 - 2014-11-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-12-09 17:25 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-12-09 17:25 - 2014-11-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-12-09 17:25 - 2014-11-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-12-09 17:25 - 2014-11-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-12-09 17:25 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-12-09 17:25 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-12-09 17:25 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-12-09 17:25 - 2014-11-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-12-09 17:25 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-12-09 17:25 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-12-09 17:25 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-12-09 17:25 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-12-09 17:25 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-12-09 17:25 - 2014-11-21 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-12-09 17:25 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-12-09 17:25 - 2014-11-21 17:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-12-09 17:25 - 2014-11-21 17:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-12-09 17:25 - 2014-11-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-12-09 17:25 - 2014-11-21 17:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-12-09 17:25 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-12-09 17:25 - 2014-11-21 17:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-12-09 17:25 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-12-09 17:25 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-12-09 17:25 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-12-09 17:25 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-12-09 17:25 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-12-09 17:25 - 2014-11-21 17:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-12-09 17:25 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-12-09 17:25 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-12-09 17:25 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-12-09 17:25 - 2014-11-21 17:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-12-09 17:25 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-12-09 17:25 - 2014-11-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-12-09 17:25 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-12-09 17:25 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-12-09 17:25 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-12-09 17:25 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2014-12-09 17:25 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll

2014-12-09 17:25 - 2014-11-10 17:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys

2014-12-09 17:25 - 2014-10-29 18:04 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-12-09 17:25 - 2014-10-29 17:46 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-12-09 17:24 - 2014-11-07 19:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll

2014-12-09 17:24 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

2014-12-09 17:24 - 2014-10-29 18:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe

2014-12-09 17:24 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe

2014-12-09 17:24 - 2014-10-02 18:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll

2014-12-09 17:24 - 2014-10-02 18:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll

2014-12-09 17:24 - 2014-10-02 18:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll

2014-12-09 17:24 - 2014-10-02 18:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll

2014-12-09 17:24 - 2014-10-02 18:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe

2014-12-09 17:24 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll

2014-12-09 17:24 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll

2014-12-09 17:24 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll

2014-12-09 17:24 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll

2014-12-09 17:24 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe

2014-12-07 20:09 - 2014-12-07 20:09 - 00015106 _____ () C:\Users\Harris Home\Documents\cc_20141207_200930.reg

2014-12-05 11:29 - 2014-12-05 11:29 - 00056417 _____ () C:\Users\Harris Home\Documents\harris ppe 20141129.htm

2014-12-05 11:29 - 2014-12-05 11:29 - 00000000 ____D () C:\Users\Harris Home\Documents\harris ppe 20141129_files

2014-11-28 12:19 - 2014-11-28 12:19 - 00000323 _____ () C:\Users\Harris Home\Desktop\HP OfficeJet 4620 series Printer Firmware Update.url

2014-11-23 17:52 - 2014-11-28 15:11 - 00000000 ____D () C:\Users\Harris Home\Desktop\Resumes

2014-11-21 11:26 - 2014-11-21 11:26 - 01562175 _____ () C:\Windows\system32\Drivers\etc\hosts.bak

2014-11-21 11:09 - 2014-11-21 11:09 - 00000000 ____D () C:\NPE

2014-11-21 11:04 - 2014-11-21 11:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\NPE

2014-11-21 10:56 - 2014-11-21 10:56 - 00003256 _____ () C:\Users\Harris Home\Documents\cc_20141121_105625.reg

2014-11-21 10:18 - 2014-11-21 10:18 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\{1A82C459-8EBB-4015-A29E-53AF65772610}

2014-11-21 09:52 - 2014-12-15 14:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-11-21 09:52 - 2014-12-11 13:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-11-21 09:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-11-21 09:52 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-11-21 09:20 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-21 09:20 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-21 09:20 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-11-21 09:20 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

2014-11-18 14:56 - 2014-11-18 14:56 - 01202848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL}

^{==================== One Month Modified Files and Folders =======}

^{(If an entry is included in the fixlist, the file\folder will be moved.)}

^{2014-12-17 21:06 - 2014-10-15 15:43 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite

2014-12-17 20:50 - 2013-08-08 15:54 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-12-17 20:41 - 2014-08-19 21:16 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Adobe

2014-12-17 20:41 - 2014-01-13 18:55 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-12-17 20:41 - 2014-01-13 18:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-12-17 20:41 - 2014-01-13 18:55 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-12-17 20:41 - 2014-01-13 18:55 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-12-17 20:22 - 2011-11-25 01:54 - 01531037 _____ () C:\Windows\WindowsUpdate.log

2014-12-17 17:50 - 2013-08-08 15:54 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-12-17 17:16 - 2013-08-27 19:05 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Akamai

2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-17 15:23 - 2009-07-13 20:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-17 15:17 - 2012-02-19 16:37 - 00000000 ____D () C:\ProgramData\clear.fi

2014-12-17 15:15 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-17 12:42 - 2012-04-09 10:00 - 00003970 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DBA64999-5666-45EA-BB5B-0E31C915FF61}

2014-12-17 03:01 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache

2014-12-16 19:04 - 2012-04-09 06:45 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared

2014-12-16 19:04 - 2012-04-09 06:43 - 00000000 ____D () C:\ProgramData\Norton

2014-12-16 07:25 - 2012-06-09 06:23 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\CrashDumps

2014-12-14 17:30 - 2013-07-01 18:06 - 00003072 ___SH () C:\Users\Harris Home\Thumbs.db

2014-12-13 12:22 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-12-13 03:56 - 2013-11-14 09:53 - 00000000 ____D () C:\Users\Harris Home\Documents\plug in for DRM removal

2014-12-11 13:18 - 2012-09-12 16:19 - 00001066 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-11 10:38 - 2012-09-19 13:19 - 00000000 ____D () C:\Users\Harris Home\AppData\Local\Google

2014-12-11 10:01 - 2012-09-19 13:20 - 00000000 ____D () C:\Program Files\Google

2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\ProgramData\Google

2014-12-11 10:01 - 2012-09-19 13:19 - 00000000 ____D () C:\Program Files (x86)\Google

2014-12-10 14:16 - 2014-05-08 18:20 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-12-10 14:16 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\AppCompat

2014-12-09 21:03 - 2012-02-20 10:05 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-12-09 21:01 - 2013-08-13 16:26 - 00000000 ____D () C:\Windows\system32\MRT

2014-12-09 20:55 - 2012-02-25 17:13 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-12-09 20:50 - 2013-03-14 21:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-12-09 20:48 - 2013-03-14 21:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-12-07 17:32 - 2013-12-03 09:36 - 00000000 ____D () C:\ID Vault

2014-12-05 11:25 - 2013-05-23 12:34 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\HpUpdate

2014-12-01 08:41 - 2014-05-13 07:00 - 00000000 ____D () C:\Users\Harris Home\Documents\mike work docs

2014-11-23 10:26 - 2012-08-23 20:31 - 00000000 ____D () C:\Users\Harris Home\Documents\My Digital Editions

2014-11-23 09:59 - 2014-08-07 11:55 - 00000000 ____D () C:\Users\Harris Home\Documents\My Kindle Content

2014-11-21 16:01 - 2009-07-13 21:08 - 00032638 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-11-21 09:52 - 2012-09-12 16:20 - 00000000 ____D () C:\Users\Harris Home\AppData\Roaming\Malwarebytes

2014-11-21 09:52 - 2012-09-12 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-11-21 06:14 - 2012-09-12 16:19 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys}

^{Files to move or delete:

====================

C:\Users\Harris Home\hpothb07.dat}

^{==================== Bamital & volsnap Check =================}

^{(There is no automatic fix for files that do not pass verification.)}

^{C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed}

^{LastRegBack: 2014-12-16 13:57}

^{==================== End Of Log ============================}

^{Addition log:}

^{Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014

Ran by Harris Home at 2014-12-17 21:09:38

Running from C:\Users\Harris Home\Desktop

Boot Mode: Normal

==========================================================}

^{==================== Security Center ========================}

^{(If an entry is included in the fixlist, it will be removed.)}

^{AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}}

^{==================== Installed Programs ======================}

^{(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)}

^{clear.fi (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden

clear.fi (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden

3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)

7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated)

Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent)

Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated)

Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)

Action Replay DSi Code Manager (HKLM-x32\...\Action Replay DSi Code Manager_is1) (Version: - )

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)

Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)

Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.07 - Adobe Systems Incorporated)

Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden

Akamai NetSession Interface (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Akamai) (Version: - Akamai Technologies, Inc)

Amazon Kindle (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\Amazon Kindle) (Version: - Amazon)

Any Video Converter Professional 2.7.3 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden

ATI Catalyst Install Manager (HKLM\...\{95F2E76E-230E-BB48-3F15-E4A7F6050962}) (Version: 3.0.829.0 - ATI Technologies, Inc.)

AutoCAD 2012 - English (HKLM\...\AutoCAD 2012 - English) (Version: 18.2.51.0 - Autodesk)

AutoCAD 2012 - English (Version: 18.2.51.0 - Autodesk) Hidden

AutoCAD 2012 Language Pack - English (Version: 18.2.51.0 - Autodesk) Hidden

Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)

Autodesk Content Service (HKLM-x32\...\{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}) (Version: 2.0.90 - Autodesk)

Autodesk Design Review 2012 (HKLM-x32\...\Autodesk Design Review 2012) (Version: 12.0.0.93 - Autodesk, Inc.)

Autodesk Design Review 2012 (x32 Version: 12.0.0.93 - Autodesk, Inc.) Hidden

Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)

Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden

Autodesk Inventor Fusion 2012 (HKLM\...\Autodesk Inventor Fusion 2012) (Version: 1.0.0.79 - Autodesk, Inc.)

Autodesk Inventor Fusion 2012 (Version: 1.0.0.79 - Autodesk, Inc.) Hidden

Autodesk Inventor Fusion 2012 Language Pack (Version: 1.0.0.79 - Autodesk, Inc.) Hidden

Autodesk Inventor Fusion plug-in for AutoCAD 2012 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2012) (Version: 0.0.1.138 - Autodesk)

Autodesk Inventor Fusion plug-in for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden

Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012 (Version: 0.0.1.138 - Autodesk) Hidden

Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)

Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)

Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)

Autodesk Material Library Low Resolution Image Library 2012 (HKLM-x32\...\{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}) (Version: 2.5.0.8 - Autodesk)

Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)

Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)

Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden

Autodesk Revit Structure 2012 (HKLM\...\Autodesk Revit Structure 2012) (Version: 11.03.09231 - Autodesk)

Autodesk SketchBookExpress 2011 (HKLM-x32\...\{AF322EC1-3499-45FD-9EDD-DCC7FD5C18DF}) (Version: 5.00.0000 - Autodesk)

Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bigasoft iPod Transfer 1.5.10.3783 (HKLM-x32\...\{16594695-69AA-4b4d-8A7E-723501738B09}_is1) (Version: - Bigasoft Corporation)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Build-a-lot 4 - Power Source (x32 Version: 2.2.0.97 - WildTangent) Hidden

calibre (HKLM-x32\...\{F9BD2B85-0EF1-4ACB-86EC-A616671EEADA}) (Version: 0.9.23 - Kovid Goyal)

CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)

Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden

CinemaNow Player (HKLM-x32\...\com.bby.cinemanowplayer) (Version: 3.1.4 - Rovi Corporation)

CinemaNow Player (x32 Version: 3.1.4 - Rovi Corporation) Hidden

clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.)

clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden

clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated)

Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)

Corel Painter Essentials 4 (HKLM-x32\...\_{53A908D4-99C6-469B-BC13-F4189F260742}) (Version: - Corel Corporation)

Corel Painter Essentials 4 (x32 Version: 4.2 - Corel Corporation) Hidden

Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Disney's Mickey Mouse Preschool (HKLM-x32\...\Mickey Mouse Preschool) (Version: - )

Disney's Ready to Read with Pooh (HKLM-x32\...\Ready to Read with Pooh) (Version: - )

Disney's Winnie the Pooh Baby (HKLM-x32\...\{FED701E0-E194-11D4-B231-0050DACD394D}) (Version: - )

Disney's Winnie the Pooh Kindergarten (HKLM-x32\...\Winnie the Pooh Kindergarten) (Version: - )

Disney's Winnie the Pooh Preschool (HKLM-x32\...\Winnie the Pooh Preschool) (Version: - )

Disney's Winnie the Pooh Toddler (HKLM-x32\...\Winnie the Pooh Toddler) (Version: - )

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)

Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden

Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)

Fatal Illusion (HKLM-x32\...\Fatal Illusion) (Version: - )

Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)

Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden

Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden

Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated)

HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)

HP Memories Disc (HKLM-x32\...\{B376402D-58EA-45EA-BD50-DD924EB67A70}) (Version: 1.0.4.805 - Hewlett-Packard Company)

HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)

iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)

iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.6.2375.747 - )

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden

JumpStart Phonics (HKLM-x32\...\PHONICS) (Version: - Knowledge Adventure)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31010.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)

Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)

Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden

MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden

MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden

MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.)

MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden

Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG)

Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)

Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)

Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)

Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)

NOOK Study (HKLM-x32\...\NOOK Study) (Version: 2.1.1.27456 - Barnesandnoble.com)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

OJ4620FWUpdateAlert (x32 Version: 1.00.0000 - HP) Hidden

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Princess Fashion Boutique 2 (HKLM-x32\...\{A3554902-AB4A-11D5-AA2E-0008C760B784}) (Version: - )

QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.)

Revit Structure 2012 (Version: 11.03.09231 - Autodesk) Hidden

Revit Structure 2012 Language Pack - English (Version: 11.03.09231 - Autodesk) Hidden

Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden

Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden

TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)

Ultimate EPubsoft DRM Removal 8.9.1 (HKLM-x32\...\{49617AB8-5A31-44A7-95A6-BE6CE251A6F1}) (Version: 8.9.1 - EPUBSOFT)

Uninstall Helper (HKLM-x32\...\Uninstall Helper 2.0.1.0) (Version: 2.0.1.0 - InstallX, LLC) <==== ATTENTION

Uninstall Helper (x32 Version: 2.0.1.0 - InstallX, LLC) Hidden <==== ATTENTION

Unity Web Player (HKU\S-1-5-21-853050829-1925703780-783890857-1000\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)

WeatherBug (HKLM-x32\...\{297DCADA-86A1-4A42-8A13-66B7D7A09FD2}) (Version: 7.0.0.10 - Earth Networks, Inc.)

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated)

WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden

Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)

Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden}

^{==================== Custom CLSID (selected items): ==========================}

^{(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)}

^{CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{083C82AE-568E-45dd-A92C-01422CA45760}\InprocServer32 -> C:\Program Files\Autodesk\Revit Structure 2012\Program\APIContext.dll (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{B77E471C-FBF3-4CB5-880F-D7528AD4B349}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acad.exe (Autodesk, Inc.)

CustomCLSID: HKU\S-1-5-21-853050829-1925703780-783890857-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2012 - English\acadficn.dll (Autodesk, Inc.)}

^{==================== Restore Points =========================}

^{16-12-2014 19:21:00 avast! antivirus system restore point}

^{==================== Hosts content: ==========================}

^{(If needed Hosts: directive could be included in the fixlist to reset Hosts.)}

^{2009-07-13 18:34 - 2014-12-16 11:23 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

::1 localhost}

^{==================== Scheduled Tasks (whitelisted) =============}

^{(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)}

^{Task: {0F08F5F1-E963-4E4D-8BE5-5F78B41CD45F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-16] (AVAST Software)

Task: {23A6A98A-350D-4650-A258-1ADE4A9B7711} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {260E49EA-962A-47D9-BAAB-E3B8AC7D94D7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)

Task: {30D9F266-A272-4B43-82A3-867B053CAC61} - System32\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)

Task: {38338D99-5827-4186-82A0-E96E4C5BBA6D} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink)

Task: {491A889A-DC33-4BF0-A120-F721F4E2E2EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {54CEAF8E-2921-45B1-A857-1250B72DF53F} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2014-09-04] (Adobe Systems Incorporated)

Task: {77BC962F-0689-4520-9BA8-77AB2046BE44} - System32\Tasks\{628B7852-061E-4FCB-8737-437987C69487} => pcalua.exe -a "C:\Users\Harris Home\Downloads\AutoCAD_2011_English_Win_32bit.exe" -d "C:\Users\Harris Home\Desktop"

Task: {8EF36EDF-CFAD-44B1-8EDD-EFA51579CF1E} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated)

Task: {B16C22AA-A4FB-4097-9419-DF23D2F80537} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-17] (Adobe Systems Incorporated)

Task: {BE6C1768-366F-460B-AAD8-AE525B24C88E} - System32\Tasks\AdobeAAMUpdater-1.0-HarrisHome-PC-Harris Home => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)

Task: {DA049999-D4F5-4903-AE52-6793937E6CEE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {EBC643E5-C6C4-4B7A-8F34-51E6225060E4} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.)

Task: {EC32B888-EBD6-4EBA-ADD7-0287BC6774E2} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 968eb133-f0d1-4d51-9d5f-99163be90323.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe}

^{==================== Loaded Modules (whitelisted) =============}

^{2011-02-02 13:08 - 2011-02-02 13:08 - 00018656 _____ () C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

2009-01-21 15:45 - 2009-01-21 15:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll

2011-08-10 19:58 - 2011-08-10 19:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe

2014-12-16 19:23 - 2014-12-16 19:23 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll

2014-12-16 19:23 - 2014-12-16 19:23 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll

2011-05-24 23:50 - 2011-05-24 23:50 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-06-17 13:42 - 2011-06-17 13:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2014-12-17 12:39 - 2014-12-17 12:39 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14121701\algo.dll

2014-12-16 19:23 - 2014-12-16 19:23 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll

2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-08-10 19:57 - 2011-08-10 19:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll

2014-12-16 19:23 - 2014-12-16 19:23 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2011-11-25 02:06 - 2011-10-12 02:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll}

^{==================== Alternate Data Streams (whitelisted) =========}

^{(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)}

^{AlternateDataStreams: C:\ProgramData\Temp:661DFA1C}

^{==================== Safe Mode (whitelisted) ===================}

^{(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)}

^{==================== EXE Association (whitelisted) =============}

^{(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)}

^{==================== MSCONFIG/TASK MANAGER disabled items =========}

^{(Currently there is no automatic fix for this section.)}

^{MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime}

^{========================= Accounts: ==========================}

^{Administrator (S-1-5-21-853050829-1925703780-783890857-500 - Administrator - Disabled)

Guest (S-1-5-21-853050829-1925703780-783890857-501 - Limited - Enabled)

Harris Home (S-1-5-21-853050829-1925703780-783890857-1000 - Administrator - Enabled) => C:\Users\Harris Home

HomeGroupUser$ (S-1-5-21-853050829-1925703780-783890857-1004 - Limited - Enabled)}

^{==================== Faulty Device Manager Devices =============}

^{Name: AntiLog32

Description: AntiLog32

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer:

Service: AntiLog32

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.}

^{Name: F:\

Description: Multi-Card

Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}

Manufacturer: Generic-

Service: WUDFRd

Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)

Resolution: A registry problem was detected.

This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.}

^{==================== Event log errors: =========================}

^{Application errors:

==================

Error: (12/17/2014 05:16:08 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)

Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.}

^{Error: (12/17/2014 05:15:30 PM) (Source: MsiInstaller) (EventID: 11310) (User: HarrisHome-PC)

Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Harris Home\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.}

^{Error: (12/17/2014 03:16:01 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003}

^{System errors:

=============

Error: (12/17/2014 03:16:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: The following boot-start or system-start driver(s) failed to load:

AFS}

^{Error: (12/17/2014 03:15:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The HOSTS Anti-PUPs service failed to start due to the following error:

%%2}

^{Error: (12/17/2014 03:14:28 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}}

^{Microsoft Office Sessions:

=========================}

^{==================== Memory info ===========================}

^{Processor: AMD E-450 APU with Radeon™ HD Graphics

Percentage of memory in use: 48%

Total physical RAM: 3579.27 MB

Available physical RAM: 1848.26 MB

Total Pagefile: 7156.71 MB

Available Pagefile: 5135.74 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB}

^{==================== Drives ================================}

^{Drive c: (Acer) (Fixed) (Total:911.88 GB) (Free:241.8 GB) NTFS

Drive h: (OneTouch 4) (Fixed) (Total:465.76 GB) (Free:0 GB) NTFS}

^{==================== MBR & Partition Table ==================}

^{========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C317959C)

Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=911.9 GB) - (Type=07 NTFS)}

^{========================================================

Disk: 2 (Size: 465.8 GB) (Disk ID: 4F5554FD)

Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)}

^{==================== End Of Log ============================}