Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

slow computer

Started by realapp , Feb 26 2015 08:30 PM

  • Please log in to reply

#1
realapp
Posted 26 February 2015 - 08:30 PM

realapp

    Member

  • Member
  • PipPipPip
  • 338 posts
Computer has been running slow for a while. I have Avast installed as well as malware bytes and superantispyware. Nothing shows up. Have not a clue. Any help would be greatly appreciated. Here is the OTL log. Thanks
 
 
OTL logfile created on: 2/26/2015 7:42:42 PM - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Evan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16798)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.68 Gb Total Physical Memory | 1.41 Gb Available Physical Memory | 38.34% Memory free
7.36 Gb Paging File | 4.75 Gb Available in Paging File | 64.52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 449.66 Gb Total Space | 351.51 Gb Free Space | 78.17% Space Free | Partition Type: NTFS
 
Computer Name: EVANSPC | User Name: Evan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/02/26 19:42:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Evan\Downloads\OTL (8).exe
PRC - [2015/02/15 14:57:30 | 002,694,320 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2015/02/11 15:12:44 | 005,739,680 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2015/02/10 19:12:26 | 042,555,824 | ---- | M] (Dropbox, Inc.) -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2015/02/06 19:23:34 | 005,227,112 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2015/02/06 19:21:40 | 000,104,416 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2015/02/06 18:56:45 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/11/21 06:12:46 | 007,229,752 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/09/10 12:37:16 | 000,769,696 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
PRC - [2014/02/20 18:35:51 | 001,758,160 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/11/05 11:25:45 | 004,327,728 | ---- | M] (MediaMall Technologies, Inc.) -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe
PRC - [2013/09/25 06:37:14 | 000,181,152 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/12/06 15:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/12/06 15:00:14 | 000,214,896 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/06/16 22:40:58 | 000,087,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
PRC - [2011/03/31 06:38:38 | 000,416,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2011/03/31 06:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2011/02/22 11:02:16 | 000,120,104 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011/02/22 11:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011/02/18 17:21:22 | 000,177,448 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2011/02/15 12:36:10 | 000,257,344 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
PRC - [2011/02/15 12:35:34 | 000,297,280 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2011/01/31 14:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe
PRC - [2010/09/27 20:00:56 | 000,340,336 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2010/09/17 17:10:16 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/09/17 17:10:02 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/04/13 10:57:56 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/17 22:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/03/17 22:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015/02/26 18:35:59 | 000,043,008 | ---- | M] () -- c:\Users\Evan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt0trk0.dll
MOD - [2015/02/17 16:44:57 | 009,171,272 | ---- | M] () -- C:\Users\Evan\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll
MOD - [2015/02/17 16:44:53 | 001,117,512 | ---- | M] () -- C:\Users\Evan\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
MOD - [2015/02/17 16:44:51 | 000,211,272 | ---- | M] () -- C:\Users\Evan\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll
MOD - [2015/02/15 14:58:10 | 036,730,032 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
MOD - [2015/02/11 15:12:44 | 005,739,680 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2015/02/10 15:00:30 | 000,750,080 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\libGLESv2.dll
MOD - [2015/02/10 15:00:30 | 000,047,616 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\libEGL.dll
MOD - [2015/02/10 15:00:28 | 000,865,280 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
MOD - [2015/02/10 15:00:28 | 000,200,704 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
MOD - [2015/02/06 18:56:48 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/05/22 19:28:09 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\06430595f137de048fb5fbe3d1530303\System.Windows.Forms.ni.dll
MOD - [2014/05/22 19:27:49 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\81c48cadb8c9a4aaf613d96972e88b44\System.Configuration.ni.dll
MOD - [2014/05/22 19:26:42 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\5e3a0c91391ae30592ac1c01090f975a\WindowsBase.ni.dll
MOD - [2014/05/14 20:09:18 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014/05/14 20:08:45 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/02/15 07:39:03 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b34b348a9935338b1282fd0c9309eb1f\System.ServiceProcess.ni.dll
MOD - [2014/02/15 07:37:17 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/15 07:36:43 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/15 07:36:33 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/15 07:36:20 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2011/12/06 15:00:14 | 000,784,240 | ---- | M] () -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/22 11:01:38 | 000,206,216 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011/02/22 11:01:38 | 000,169,352 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011/02/15 12:37:10 | 000,465,640 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015/02/06 19:21:40 | 000,104,416 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2015/02/06 18:56:45 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/09/14 17:50:29 | 000,172,344 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2011/01/31 14:55:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2015/02/06 20:05:40 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/21 06:12:56 | 000,969,016 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/11/21 06:12:54 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/11/05 11:25:45 | 004,327,728 | ---- | M] (MediaMall Technologies, Inc.) [Auto | Running] -- C:\Program Files (x86)\MediaMall\MediaMallServer.exe -- (MediaMall Server)
SRV - [2013/09/25 06:37:14 | 000,181,152 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor12.0)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/26 18:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 18:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/12/06 15:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/08/09 13:28:18 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/06/16 22:40:58 | 000,087,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2011/03/31 06:38:36 | 000,352,848 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2011/02/15 12:36:10 | 000,257,344 | ---- | M] (NTI Corporation) [Auto | Running] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010/10/22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/10/12 11:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/27 19:09:54 | 000,172,912 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2010/04/13 10:57:58 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/03/17 22:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/03/17 22:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/01/08 07:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015/02/06 19:23:21 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2015/02/06 19:22:24 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2015/02/06 19:21:50 | 000,028,184 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2015/02/06 19:21:40 | 000,449,936 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdisFlt.sys -- (aswNdisFlt)
DRV:64bit: - [2015/02/06 18:56:54 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015/02/06 18:56:54 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015/02/06 18:56:54 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015/02/06 18:56:54 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015/02/06 18:56:54 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015/02/06 18:56:53 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/12/14 16:07:03 | 000,034,512 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\debutfilterx64.sys -- (debutfilter)
DRV:64bit: - [2014/11/21 06:14:22 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/11/21 06:14:08 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/07/19 03:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2013/06/26 18:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 18:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 18:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 18:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/03/05 19:28:18 | 000,028,528 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\povrtdev.sys -- (msvad_simple)
DRV:64bit: - [2013/02/11 22:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012/09/03 10:12:36 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/08 12:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/07/22 10:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 15:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/04/18 22:51:36 | 000,062,584 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011/04/18 22:51:36 | 000,022,912 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011/04/18 22:51:36 | 000,020,328 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011/04/05 05:26:26 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/04/04 14:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 14:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/17 03:42:38 | 002,712,064 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/09 22:01:45 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2011/03/09 22:01:45 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2011/03/01 08:33:16 | 004,720,704 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/01/17 16:56:14 | 000,412,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/09/21 19:47:10 | 000,243,712 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/07/19 18:10:40 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/04/01 14:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/02/26 17:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/16 23:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 18:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009/01/29 17:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.gr/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2006.53
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2: C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playon.tv/PlayOnToolbar: C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Evan\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Program Files (x86)\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64: C:\Program Files (x86)\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy64.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Evan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/26 10:56:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015/02/06 19:31:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/12 22:37:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/10/26 10:56:05 | 000,000,000 | ---D | M]
 
[2012/08/01 06:28:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan\AppData\Roaming\Mozilla\Extensions
[2014/04/03 10:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default\extensions
[2013/04/12 22:36:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2015/02/06 19:31:20 | 000,000,000 | ---D | M] ("Avast Online Security") -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013/04/12 22:37:24 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/12/23 18:09:01 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/05 19:24:59 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: avast! Online Security = C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
 
O1 HOSTS File: ([2014/04/03 10:15:09 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {0347C33E-8762-4905-BF09-768834316C61} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKCU..\Run: [cdloader] C:\Users\Evan\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [Driver Support] C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [iutghfws] "C:\Users\Evan\AppData\Local\jqhisrrp.exe" File not found
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
O4 - Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}  (ExentInf Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B06BF4C-FFD7-4511-9771-B9D290391CC5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF479938-5C98-4782-90A5-D39C7AC4C15B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6E055BB-98EE-4114-892B-59092F877D86}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/02/25 16:39:38 | 000,000,000 | ---D | C] -- C:\Users\Evan\AppData\Roaming\java
[2015/02/25 16:34:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Roblox
[2015/02/25 16:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
[2015/02/25 16:12:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Roblox
[2015/02/23 18:15:22 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2015/02/23 17:36:01 | 000,000,000 | R--D | C] -- C:\Users\Evan\Creative Cloud Files
[2015/02/23 17:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015/02/19 23:24:50 | 000,000,000 | ---D | C] -- C:\Users\Evan\AppData\Local\{E0BED9A0-878E-4323-A2F2-465B2821ABCA}
[2015/02/06 20:50:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015/02/06 19:22:42 | 000,028,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2015/02/06 19:22:29 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/02/06 19:21:40 | 000,449,936 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2015/02/06 18:56:51 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2 C:\Users\Evan\Desktop\*.tmp files -> C:\Users\Evan\Desktop\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/02/26 19:45:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
[2015/02/26 19:37:04 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015/02/26 19:35:04 | 000,000,536 | ---- | M] () -- C:\Windows\tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001.job
[2015/02/26 19:20:10 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
[2015/02/26 19:17:20 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015/02/26 19:17:20 | 000,017,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015/02/26 19:05:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015/02/26 18:40:09 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015/02/26 18:39:31 | 001,165,804 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015/02/26 18:39:30 | 000,318,836 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015/02/26 18:39:30 | 000,006,450 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015/02/26 18:35:34 | 000,000,632 | RHS- | M] () -- C:\Users\Evan\ntuser.pol
[2015/02/26 18:34:33 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015/02/26 18:33:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015/02/26 18:32:57 | 2962,255,872 | -HS- | M] () -- C:\hiberfil.sys
[2015/02/26 17:14:34 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2015/02/26 16:45:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
[2015/02/26 16:03:02 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3.job
[2015/02/26 10:00:07 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35.job
[2015/02/25 16:36:30 | 000,001,319 | ---- | M] () -- C:\Users\Evan\Desktop\ROBLOX Player.lnk
[2015/02/25 16:36:30 | 000,001,138 | ---- | M] () -- C:\Users\Evan\Desktop\ROBLOX Studio.lnk
[2015/02/25 15:50:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
[2015/02/23 17:24:01 | 000,001,301 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2015/02/20 16:37:33 | 000,002,362 | ---- | M] () -- C:\Users\Evan\Desktop\Google Chrome.lnk
[2015/02/13 15:03:18 | 000,001,135 | ---- | M] () -- C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015/02/13 15:02:14 | 000,001,017 | ---- | M] () -- C:\Users\Evan\Desktop\Dropbox.lnk
[2015/02/12 12:28:42 | 000,000,478 | ---- | M] () -- C:\Windows\tasks\Driver Support-RTMRules.job
[2015/02/12 12:28:41 | 000,000,490 | ---- | M] () -- C:\Windows\tasks\Driver Support-RTMScan.job
[2015/02/12 12:28:41 | 000,000,488 | ---- | M] () -- C:\Windows\tasks\Driver Support-RTMUpdater.job
[2015/02/07 11:55:18 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SUPERANTISPYWARE.DB3
[2015/02/06 19:23:21 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2015/02/06 19:22:24 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2015/02/06 19:21:50 | 000,028,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2015/02/06 19:21:40 | 000,449,936 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2015/02/06 18:56:54 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2015/02/06 18:56:54 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015/02/06 18:56:54 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015/02/06 18:56:54 | 000,083,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015/02/06 18:56:54 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015/02/06 18:56:54 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015/02/06 18:56:53 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015/02/06 18:56:51 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2 C:\Users\Evan\Desktop\*.tmp files -> C:\Users\Evan\Desktop\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/02/25 16:36:28 | 000,001,319 | ---- | C] () -- C:\Users\Evan\Desktop\ROBLOX Player.lnk
[2015/02/25 16:34:51 | 000,001,138 | ---- | C] () -- C:\Users\Evan\Desktop\ROBLOX Studio.lnk
[2015/02/23 18:18:51 | 000,001,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
[2015/02/23 17:24:01 | 000,001,313 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
[2015/02/23 17:24:01 | 000,001,301 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
[2015/02/12 12:28:42 | 000,000,478 | ---- | C] () -- C:\Windows\tasks\Driver Support-RTMRules.job
[2015/02/12 12:28:41 | 000,000,490 | ---- | C] () -- C:\Windows\tasks\Driver Support-RTMScan.job
[2015/02/12 12:28:41 | 000,000,488 | ---- | C] () -- C:\Windows\tasks\Driver Support-RTMUpdater.job
[2015/02/07 11:55:18 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SUPERANTISPYWARE.DB3
[2015/02/04 20:29:57 | 006,356,018 | ---- | C] () -- C:\Users\Evan\Desktop\MMH.rar
[2014/07/25 10:45:51 | 000,007,609 | ---- | C] () -- C:\Users\Evan\AppData\Local\resmon.resmoncfg
[2014/07/22 16:57:07 | 000,000,023 | ---- | C] () -- C:\Users\Evan\jagexappletviewer.preferences
[2014/03/31 09:15:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/03/31 09:13:42 | 000,000,066 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2013/12/22 10:30:19 | 000,012,326 | ---- | C] () -- C:\Users\Evan\AppData\Local\tdnndntv
[2013/12/22 10:29:15 | 000,067,992 | ---- | C] () -- C:\Users\Evan\AppData\Local\iscjiksh
[2013/12/22 10:28:14 | 000,000,000 | ---- | C] () -- C:\Users\Evan\AppData\Roaming\SharedSettings.ccs
[2013/04/07 13:14:01 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2013/03/25 16:47:26 | 000,207,259 | ---- | C] () -- C:\Windows\hpwins28.dat.temp
[2012/03/05 09:57:17 | 000,000,632 | RHS- | C] () -- C:\Users\Evan\ntuser.pol
[2011/10/28 07:46:17 | 000,000,043 | ---- | C] () -- C:\Users\Evan\jagex_cl_runescape_LIVE.dat
[2011/10/28 07:46:17 | 000,000,024 | ---- | C] () -- C:\Users\Evan\random.dat
[2010/06/18 02:18:40 | 000,417,902 | ---- | C] () -- C:\Users\Evan\Scary Scream.mp3
 
========== ZeroAccess Check ==========
 
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 20:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 20:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015/02/25 17:03:37 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\.minecraft
[2013/10/18 09:53:48 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\AVAST Software
[2011/10/14 21:13:03 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\Barnes & Noble
[2013/11/08 13:37:24 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/10/16 17:17:00 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1
[2013/12/25 16:14:33 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\DiskAid
[2015/02/26 18:37:19 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\Dropbox
[2015/02/25 16:39:38 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\java
[2012/06/05 15:30:02 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\ly.logic.LogiclyDesktop
[2015/01/07 13:22:25 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\mjusbsp
[2012/01/02 14:34:58 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\Motorola
[2013/10/14 12:22:00 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\Outertech
[2014/03/31 09:17:28 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\PC Speed Maximizer
[2013/11/08 14:28:49 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\PDAppFlex
[2011/10/14 21:55:06 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\PowerCinema
[2012/03/31 21:49:08 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\Rovio
[2015/02/23 09:51:10 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\SoftGrid Client
[2013/03/22 19:36:24 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\TFP
[2011/10/18 13:38:21 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\TP
[2012/05/26 11:20:14 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\WildTangent
[2011/11/17 16:27:47 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\Windows Live Writer
[2012/05/04 15:30:52 | 000,000,000 | ---D | M] -- C:\Users\Evan\AppData\Roaming\WindSolutions
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 408 bytes -> C:\ProgramData\Temp:5C321E34
 
< End of report >
 

  • 0

Advertisements

#2
RKinner
Posted 27 February 2015 - 08:25 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Download and save the AVG removal tool
 
 
Run the Avg Remover by right clicking and Run As Admin.
 
 
Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
sfc  /scannow
 
(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:
 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy  (Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  Download, Save and Install it.  
 
Close all browsers and open progrms before running Speccy.  Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  (It will be near the top about 10 lines down.)  Save the file and close notepad  Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File) Uninstall Speccy.
 
 
 
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 
 
If you haven't done so recently let Avast do a boot-time scan while you sleep tonight.
 
How to do a boot-time scan while you sleep:
First mute the speakers so it won't wake you up when Windows loads.  Click on the Orange ball.  Click on Scan, then Scan for Viruses and wait a couple of minutes for the page to change.  Change Quickscan to Boot-time Scan.  Click on Settings.  Where it says Heuristic Sensitivity click on the last rectangle so that all of them are  orange and it says High.  Check both boxes.  Then change When a threat is found ... to:  Move to Chest.  OK.  Now click on Start.  Close the Avast window and then reboot.  The scan will start.  It will tell you where it will save the report.  Usually it's 
C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.  When Windows loads Click on the Orange Ball then Scan, Then Scan History (at the bottom of the page). Click on the last scan and then Detailed Report.  If it found anything then open the aswBoot.txt file and copy and paste it.  If you can't find it then take a screen shot of the Detailed Report:

  • 0

#3
realapp
Posted 03 March 2015 - 04:21 PM

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Attached File  EVANSPC.txt   65.22KB   294 downloads

 

There was no complaint when I ran the first scan. So I skipped the next two lines and then tried to download the Event viewer tool but I kept getting a run time error.

Attached Files


Edited by realapp, 03 March 2015 - 05:20 PM.

  • 0

#4
RKinner
Posted 03 March 2015 - 07:00 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Did you forget to right click on VEW.exe and Run As Administrator?

 

MalwareBytes is the big user of your CPU.  Don't know why. It shouldn't be.  Probably needs to be uninstalled and reinstalled.


  • 0

#5
realapp
Posted 04 March 2015 - 09:09 AM

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

I ran the boot scan and when i woke up this morning it said it couldn't load windows. It gave the option to load normally or try to fix. It automatically tried to fix but couldn't fix anything. So I restarted computer and it loaded but doesn't look right. Some icons are whited out and so it start menu. Also, when Iooked in avast under scan but there is no "scan history". 

 

I do believe I ran as administrator on event viewer but I can retry???


  • 0

#6
RKinner
Posted 04 March 2015 - 10:26 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I would do a System Restore to the last restore point before your scan.

 

  1. Open System Restore by clicking the Start button . In the search box, type System Restore, and then, in the list of results, click System Restore. ...
  2. Follow the steps in the wizard to choose a restore point and restore your computer.

 

 

See if you can open

 

C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt

 

I think it may be hidden so you might need to:

 

Open the Control Panel menu and click Folder Options.
    After the new window appears select the View tab.
    Put a checkmark in the checkbox labeled Display the contents of system folders.
    Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
    Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
    Remove the checkmark from the checkbox labeled Hide protected operating system files.
    Press the Apply button and then the OK button 
 
If you find it copy and paste it into a reply.

  • 0

#7
realapp
Posted 04 March 2015 - 01:32 PM

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts
The report is below.
Also, after I shut down computer again it restarted normal. So, I didn't revert back to restore point, should I??? Thanks!!
 
 
 
12/22/2013 15:47
Scan of all local drives
 
File C:\Program Files (x86)\OpenDownloaderManager\odminstaller.exe|>$INSTDIR\Help\Free Download Manager.chm|>addanewflashvideodownload.htm Error 42136 {CHM archive is corrupted.}
File C:\Users\Evan\AppData\Local\Temp\PhxB692\setup__423.exe is infected by Win32:WhiteSmoke-A [PUP], Moved to chest
File C:\Users\Evan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\077SY1Q3\setup__423[1].exe is infected by Win32:WhiteSmoke-A [PUP], Moved to chest
File C:\Users\Evan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4MLKI155\pack[1].7z|>bprotect.exe is infected by Win32:BProtect-D [Trj], Delete: Error 42111 {The operation is not supported for this type of archive.}, Delete: Error 42111 {The operation is not supported for this type of archive.}, Delete: Error 42111 {The operation is not supported for this type of archive.}, Move to chest: Error 42111 {The operation is not supported for this type of archive.}, Delete: Error 42111 {The operation is not supported for this type of archive.}, Repair: Error 42060 {The file was not repaired.}
Scanning aborted
 
Number of searched folders: 17620
Number of tested files: 358575
Number of infected files: 3
 
----------------------------------------
04/04/2014 18:01
Scan of all local drives
 
 
Scanning aborted
Number of searched folders: 1507
Number of tested files: 99123
Number of infected files: 0
 
----------------------------------------
02/06/2015 15:41
Scan of all local drives
 
File C:\Program Files (x86)\OpenDownloaderManager\odminstaller.exe|>$INSTDIR\Help\Free Download Manager.chm|>addanewflashvideodownload.htm Error 42136 {CHM archive is corrupted.}
File C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\File System\004\t\00\00000000 is infected by Win32:Malware-gen, Moved to chest
File C:\Users\Evan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Exent\DACC\ec58ca15-40d6-4567-9e58-f84cc980e590|>\data2.cab Error 42127 {CAB archive is corrupted.}
File C:\Users\Evan\Downloads\[PS3]+Assassins+creed+3+by+DM13 (1).rar|>[PS3] Assassins creed 3 by DM13\BLES01667AC3AC3_0\SND0.AT3 Error 42126 {RAR archive is corrupted.}
 
----------------------------------------
03/03/2015 22:05
Scan of all local drives
 
File C:\Program Files (x86)\OpenDownloaderManager\odminstaller.exe|>$INSTDIR\Help\Free Download Manager.chm|>addanewflashvideodownload.htm Error 42136 {CHM archive is corrupted.}
File C:\Users\Evan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Exent\DACC\ec58ca15-40d6-4567-9e58-f84cc980e590|>\data2.cab Error 42127 {CAB archive is corrupted.}
File C:\Users\Evan\Downloads\Greed for Glory Hack (1).exe is infected by Win32:Malware-gen, Moved to chest
File C:\Users\Evan\Downloads\Greed for Glory Hack (2).exe is infected by Win32:Malware-gen, Moved to chest
File C:\Users\Evan\Downloads\Greed for Glory Hack.exe is infected by Win32:Malware-gen, Moved to chest
File C:\Users\Evan\Downloads\[PS3]+Assassins+creed+3+by+DM13 (1).rar|>[PS3] Assassins creed 3 by DM13\BLES01667AC3AC3_0\SND0.AT3 Error 42126 {RAR archive is corrupted.}

  • 0

#8
realapp
Posted 09 March 2015 - 03:43 PM

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Do I need to post something else?


  • 0

#9
RKinner
Posted 09 March 2015 - 04:43 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Sorry.  Missed your post for some reason.

 

If it is running OK then no need to restore.

 

 

 

Let's let FRST remove the files that Avast found that were corrupt:

 

Download the attached fixlist.txt to the same location as FRST
Run FRST and press Fix
A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.
 
 

 

 


  • 0

#10
realapp
Posted 09 March 2015 - 08:04 PM

realapp

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 338 posts

Sorry, don't mean to sound like a complete dunce but I'm not sure what FRST is and I don't think I have it downloaded? Thanks:)


  • 0

Advertisements

#11
RKinner
Posted 09 March 2015 - 09:01 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

My fault.  I usually start with FRST.

 

Please download Farbar Recovery Scan Tool and save it to your Desktop. 
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
 
  •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • click on the Addition.txt box. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste that log back here and also the second log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 
    •  
    Were you able to uninstall MBAM and reinstall it?  If so run process Explorer again as before and post the log.

    • 0

    #12
    realapp
    Posted 09 March 2015 - 10:17 PM

    realapp

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 338 posts
    I was able to delete Malwarebytes but when I tried reinstalling it wouldn't open. So I have not installed again.  Below are the scans. Thanks!
     
     
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2015 01
    Ran by Evan (administrator) on EVANSPC on 09-03-2015 23:09:49
    Running from C:\Users\Evan\Downloads
    Loaded Profiles: Evan (Available profiles: Evan & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 10 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    (PC Drivers Headquarters) C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
    () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    (Dropbox, Inc.) C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-27] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-17] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-17] (Egis Technology Inc.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
    HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-02] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-06] (AVAST Software)
    HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-20] (APN)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-02-06] (SUPERAntiSpyware)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [B3BEE1887845D5C660FDE31E603772F67165C947._service_run] => C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [cdloader] => C:\Users\Evan\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [Google Update] => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc.)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [iutghfws] => "C:\Users\Evan\AppData\Local\jqhisrrp.exe"
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [4785504 2014-05-22] (PC Drivers Headquarters)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Policies\system: [LogonHoursAction] 2
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
    ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
    Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.gr/
    SearchScopes: HKLM -> DefaultScope value is missing.
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKU\S-1-5-21-4046523146-1281529262-768510782-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-06] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: No Name -> {0347C33E-8762-4905-BF09-768834316C61} ->  No File
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-06] (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
    BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} ->  No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
    DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll [2013-11-25] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2013-08-15] (MediaMall Technologies, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2013-07-24] ()
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Evan\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-21] (Citrix Online)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @nsroblox.roblox.com/launcher64 -> C:\Program Files (x86)\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Evan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Limited)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @talk.google.com/O1DPlugin -> C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Evan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Evan\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-26]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-18]
    FF HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
     
    Chrome: 
    =======
    CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/"
    CHR Profile: C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (avast! Online Security) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-20]
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-20]
    CHR Profile: C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
    CHR Extension: (YouTube) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-09]
    CHR Extension: (Facebook) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-09-28]
    CHR Extension: (Google Search) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-09]
    CHR Extension: (FromDocToPDF) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp [2015-02-10]
    CHR Extension: (Avast Online Security) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-06]
    CHR Extension: (Google Wallet) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-11]
    CHR Extension: (Gmail) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-09]
    CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Evan\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.4.0.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-06]
    StartMenuInternet: Google Chrome - C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-14] (SUPERAntiSpyware.com)
    R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-06] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-02-06] (AVAST Software)
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
    S2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [4327728 2013-11-05] (MediaMall Technologies, Inc.)
    R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()
    S2 vToolbarUpdater12.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [X]
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-06] ()
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-02-06] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-06] (AVAST Software)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-02-06] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-06] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-06] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-06] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-06] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-06] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-06] ()
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [31080 2012-09-03] (AVG Technologies)
    R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2014-12-14] ()
    R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-03-05] (MediaMall Technologies, Inc.)
    S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
    R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-03-09 23:09 - 2015-03-09 23:10 - 00029268 _____ () C:\Users\Evan\Downloads\FRST.txt
    2015-03-09 23:05 - 2015-03-09 23:09 - 00000000 ____D () C:\FRST
    2015-03-09 23:05 - 2015-03-09 23:05 - 02095104 _____ (Farbar) C:\Users\Evan\Downloads\FRST64.exe
    2015-03-09 19:03 - 2015-03-09 19:04 - 00279040 _____ () C:\Windows\Minidump\030915-42260-01.dmp
    2015-03-08 23:09 - 2015-03-08 23:09 - 00044313 _____ () C:\Users\Evan\Desktop\Epic Sports Checkout.html
    2015-03-08 23:09 - 2015-03-08 23:09 - 00000000 ____D () C:\Users\Evan\Desktop\Epic Sports Checkout_files
    2015-03-08 16:37 - 2015-03-08 16:37 - 00278984 _____ () C:\Windows\Minidump\030815-39234-01.dmp
    2015-03-07 15:16 - 2015-03-07 15:16 - 00279040 _____ () C:\Windows\Minidump\030715-38750-01.dmp
    2015-03-07 11:34 - 2015-03-07 11:35 - 00278984 _____ () C:\Windows\Minidump\030715-73226-01.dmp
    2015-03-04 15:18 - 2015-03-04 15:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
    2015-03-04 15:15 - 2015-03-04 15:15 - 00000928 _____ () C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Genie.lnk
    2015-03-04 15:15 - 2015-03-04 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNDA3100v2 Genie
    2015-03-04 15:15 - 2015-03-04 15:15 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
    2015-03-04 15:15 - 2011-12-12 18:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
    2015-03-04 15:15 - 2011-07-22 11:33 - 00025056 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
    2015-03-04 15:15 - 2011-04-19 18:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
    2015-03-04 15:15 - 2011-04-19 18:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
    2015-03-04 15:15 - 2011-04-19 18:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
    2015-03-04 15:15 - 2010-06-09 14:11 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
    2015-03-04 15:10 - 2015-03-04 15:10 - 35770251 _____ () C:\Users\Evan\Downloads\WNDA3100v2 Software Version 2.0.0.1.zip
    2015-03-03 18:16 - 2015-03-03 18:16 - 00012598 _____ () C:\Users\Evan\Desktop\System Idle Process.txt
    2015-03-03 18:09 - 2015-03-03 18:09 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
    2015-03-03 18:08 - 2015-03-03 18:08 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Evan\Downloads\procexp.exe
    2015-03-03 17:50 - 2015-03-03 17:54 - 00066785 _____ () C:\Users\Evan\Desktop\EVANSPC.txt
    2015-03-03 17:41 - 2015-03-03 18:05 - 00000000 ____D () C:\Program Files\Speccy
    2015-03-03 17:11 - 2015-03-03 17:11 - 00061440 _____ ( ) C:\Users\Evan\Downloads\VEW.exe
    2015-03-03 16:27 - 2015-03-03 16:27 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Evan\Downloads\avg_remover_stf_x86_2011_1184 (2).exe
    2015-03-03 16:23 - 2015-03-03 16:23 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Evan\Downloads\avg_remover_stf_x86_2011_1184 (1).exe
    2015-03-03 16:22 - 2015-03-03 16:33 - 00000994 _____ () C:\Users\Evan\Downloads\avgremover.log
    2015-03-03 16:22 - 2015-03-03 16:22 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Evan\Downloads\avg_remover_stf_x86_2011_1184.exe
    2015-02-27 12:59 - 2015-02-27 12:59 - 00011328 _____ () C:\Users\Evan\Downloads\10U Phone Tree.xlsx
    2015-02-27 12:55 - 2015-02-27 12:55 - 00035840 _____ () C:\Users\Evan\Downloads\2015 Spring 10u Softball (1).xls
    2015-02-27 12:53 - 2015-02-27 12:53 - 00035840 _____ () C:\Users\Evan\Downloads\2015 Spring 10u Softball.xls
    2015-02-26 20:42 - 2015-02-26 20:42 - 00602112 _____ (OldTimer Tools) C:\Users\Evan\Downloads\OTL (8).exe
    2015-02-26 17:44 - 2015-02-26 17:44 - 03021050 _____ () C:\Users\Evan\Downloads\WNDR3300-V1.0.45_1.0.45NA (1).zip
    2015-02-26 17:37 - 2015-02-26 17:37 - 03021050 _____ () C:\Users\Evan\Downloads\WNDR3300-V1.0.45_1.0.45NA.zip
    2015-02-25 17:39 - 2015-02-25 17:39 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\java
    2015-02-25 17:36 - 2015-02-25 17:36 - 00001319 _____ () C:\Users\Evan\Desktop\ROBLOX Player.lnk
    2015-02-25 17:34 - 2015-02-25 17:36 - 00001138 _____ () C:\Users\Evan\Desktop\ROBLOX Studio.lnk
    2015-02-25 17:34 - 2015-02-25 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-02-25 17:34 - 2015-02-25 17:34 - 00000000 ____D () C:\ProgramData\Roblox
    2015-02-25 17:33 - 2015-02-25 17:33 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (8).exe
    2015-02-25 17:16 - 2015-02-25 17:16 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (7).exe
    2015-02-25 17:15 - 2015-02-25 17:15 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (6).exe
    2015-02-25 17:15 - 2015-02-25 17:15 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (5).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (4).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (3).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (2).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00000000 ____D () C:\Program Files (x86)\Roblox
    2015-02-25 17:11 - 2015-02-25 17:11 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (1).exe
    2015-02-25 17:02 - 2015-02-25 17:02 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher.exe
    2015-02-23 19:18 - 2015-02-23 19:18 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
    2015-02-23 19:15 - 2015-02-23 19:28 - 00000000 ____D () C:\Program Files\Adobe
    2015-02-23 18:36 - 2015-02-23 18:36 - 00000000 ___RD () C:\Users\Evan\Creative Cloud Files
    2015-02-23 18:24 - 2015-02-23 18:24 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
    2015-02-23 18:24 - 2015-02-23 18:24 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
    2015-02-23 18:13 - 2015-02-23 18:20 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-23 18:04 - 2015-02-23 18:04 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\Evan\Downloads\CreativeCloudSet-Up.exe
    2015-02-21 17:06 - 2015-02-21 17:06 - 00013644 _____ () C:\Users\Evan\Downloads\2015 Pool Divisions (1).xlsx
    2015-02-21 17:05 - 2015-02-21 17:05 - 00017183 _____ () C:\Users\Evan\Downloads\2015 Brackets (1).xlsx
    2015-02-21 17:04 - 2015-02-21 17:04 - 00011774 _____ () C:\Users\Evan\Downloads\2015 Schedule&Scores (2).xlsx
    2015-02-20 20:48 - 2015-02-20 20:48 - 00014773 _____ () C:\Users\Evan\Downloads\life-skills-requirements (1).xlsx
    2015-02-20 19:59 - 2015-02-20 19:59 - 00014773 _____ () C:\Users\Evan\Downloads\life-skills-requirements.xlsx
    2015-02-20 18:22 - 2015-02-20 18:22 - 00017201 _____ () C:\Users\Evan\Downloads\Master Schedule Draft 11.20.14.xlsx
    2015-02-20 00:24 - 2015-02-20 00:25 - 00000000 ____D () C:\Users\Evan\AppData\Local\{E0BED9A0-878E-4323-A2F2-465B2821ABCA}
    2015-02-16 21:59 - 2015-02-16 21:59 - 00013644 _____ () C:\Users\Evan\Downloads\2015 Pool Divisions.xlsx
    2015-02-16 21:56 - 2015-02-16 21:56 - 00011774 _____ () C:\Users\Evan\Downloads\2015 Schedule&Scores (1).xlsx
    2015-02-16 21:53 - 2015-02-16 21:53 - 00017183 _____ () C:\Users\Evan\Downloads\2015 Brackets.xlsx
    2015-02-16 21:53 - 2015-02-16 21:53 - 00011774 _____ () C:\Users\Evan\Downloads\2015 Schedule&Scores.xlsx
    2015-02-12 13:28 - 2015-02-12 13:28 - 00000490 _____ () C:\Windows\Tasks\Driver Support-RTMScan.job
    2015-02-12 13:28 - 2015-02-12 13:28 - 00000488 _____ () C:\Windows\Tasks\Driver Support-RTMUpdater.job
    2015-02-12 13:28 - 2015-02-12 13:28 - 00000478 _____ () C:\Windows\Tasks\Driver Support-RTMRules.job
    2015-02-07 12:55 - 2015-02-07 12:55 - 00000000 _____ () C:\Windows\system32\SUPERANTISPYWARE.DB3
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-03-09 23:05 - 2012-04-01 16:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-03-09 22:45 - 2011-12-21 17:27 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
    2015-03-09 22:40 - 2009-07-14 00:13 - 00006450 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-03-09 22:39 - 2014-07-21 10:48 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001.job
    2015-03-09 22:39 - 2012-07-12 19:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-03-09 22:39 - 2012-02-20 21:15 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
    2015-03-09 22:39 - 2011-08-09 14:16 - 01929657 _____ () C:\Windows\WindowsUpdate.log
    2015-03-09 19:14 - 2009-07-13 23:45 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-03-09 19:14 - 2009-07-13 23:45 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-03-09 19:07 - 2013-03-05 15:51 - 00000000 ___RD () C:\Users\Evan\Dropbox
    2015-03-09 19:07 - 2013-03-05 15:47 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Dropbox
    2015-03-09 19:07 - 2012-11-18 12:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-03-09 19:07 - 2011-10-13 20:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-03-09 19:06 - 2011-10-13 21:37 - 00000000 ____D () C:\ProgramData\clear.fi
    2015-03-09 19:05 - 2013-10-25 13:41 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
    2015-03-09 19:05 - 2012-07-12 19:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-03-09 19:05 - 2012-03-05 10:57 - 00000632 __RSH () C:\Users\Evan\ntuser.pol
    2015-03-09 19:05 - 2012-01-02 15:33 - 00000000 ____D () C:\Temp
    2015-03-09 19:05 - 2011-10-13 19:59 - 00000000 ____D () C:\Users\Evan
    2015-03-09 19:04 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-03-09 19:03 - 2012-05-16 20:54 - 490923028 _____ () C:\Windows\MEMORY.DMP
    2015-03-09 19:03 - 2012-05-16 20:54 - 00000000 ____D () C:\Windows\Minidump
    2015-03-09 19:03 - 2009-07-13 23:51 - 00135939 _____ () C:\Windows\setupact.log
    2015-03-09 16:45 - 2011-12-21 17:27 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
    2015-03-09 16:03 - 2011-10-14 16:04 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3.job
    2015-03-08 16:49 - 2011-10-13 19:59 - 00000000 ____D () C:\Users\Evan\AppData\Local\Adobe
    2015-03-06 11:00 - 2011-10-14 16:04 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35.job
    2015-03-05 18:27 - 2013-09-13 20:17 - 00000000 ____D () C:\ProgramData\MediaMall
    2015-03-05 18:24 - 2010-11-20 22:47 - 00839988 _____ () C:\Windows\PFRO.log
    2015-03-05 18:23 - 2011-10-18 14:38 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\SoftGrid Client
    2015-03-05 18:11 - 2011-10-13 21:48 - 00000000 ____D () C:\Users\Evan\Desktop\Security
    2015-03-05 16:20 - 2012-02-20 21:15 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
    2015-03-04 15:15 - 2011-04-18 23:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-03-04 14:43 - 2012-12-02 15:26 - 02525696 ___SH () C:\Users\Evan\Downloads\Thumbs.db
    2015-03-04 09:40 - 2009-07-14 00:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-03-03 18:19 - 2012-11-20 15:05 - 02134528 ___SH () C:\Users\Evan\Desktop\Thumbs.db
    2015-03-03 16:15 - 2014-03-22 21:01 - 00000000 ____D () C:\Users\Evan\Desktop\8u Indians Softball
    2015-02-26 21:20 - 2012-11-14 10:56 - 00112260 _____ () C:\Users\Evan\Downloads\OTL.Txt
    2015-02-26 18:14 - 2014-03-31 10:15 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2015-02-26 12:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-02-25 18:03 - 2012-06-05 15:48 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\.minecraft
    2015-02-24 21:32 - 2014-07-21 10:48 - 00003562 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001
    2015-02-24 19:50 - 2012-09-06 07:49 - 00000000 ____D () C:\Users\Evan\Desktop\MOMDAD
    2015-02-23 19:36 - 2013-11-08 15:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
    2015-02-23 19:33 - 2011-10-13 19:59 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Adobe
    2015-02-23 19:33 - 2011-04-18 23:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-02-23 18:27 - 2011-04-18 23:53 - 00000000 ____D () C:\ProgramData\Adobe
    2015-02-23 18:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-02-20 17:37 - 2012-02-20 21:17 - 00002362 _____ () C:\Users\Evan\Desktop\Google Chrome.lnk
    2015-02-13 20:52 - 2014-03-24 19:49 - 00000000 ____D () C:\ProgramData\UAB
    2015-02-13 16:02 - 2013-03-05 15:51 - 00001017 _____ () C:\Users\Evan\Desktop\Dropbox.lnk
    2015-02-13 16:02 - 2013-03-05 15:48 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-02-07 16:22 - 2011-10-13 20:13 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Mozilla
    2015-02-07 16:16 - 2012-02-20 21:15 - 00003876 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA
    2015-02-07 16:15 - 2012-02-20 21:15 - 00003480 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core
    2015-02-07 00:32 - 2012-07-12 19:23 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-02-07 00:32 - 2012-07-12 19:23 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
     
    ==================== Files in the root of some directories =======
     
    2015-02-06 19:28 - 2015-02-06 19:28 - 0000000 _____ () C:\Program Files (x86)\GUT9AAA.tmp
    2013-12-22 11:28 - 2013-12-22 11:28 - 0000000 _____ () C:\Users\Evan\AppData\Roaming\SharedSettings.ccs
    2014-12-14 20:08 - 2014-12-14 20:08 - 0001181 _____ () C:\Users\Evan\AppData\Roaming\trace_FilterInstaller.txt
    2014-12-14 20:08 - 2014-12-14 20:08 - 0000000 _____ () C:\Users\Evan\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
    2013-12-22 11:29 - 2013-12-22 11:29 - 0067992 _____ () C:\Users\Evan\AppData\Local\iscjiksh
    2014-07-25 11:45 - 2014-11-06 17:26 - 0007609 _____ () C:\Users\Evan\AppData\Local\resmon.resmoncfg
    2013-12-22 11:30 - 2013-12-22 11:30 - 0012326 _____ () C:\Users\Evan\AppData\Local\tdnndntv
    2011-08-09 14:32 - 2011-08-09 14:35 - 0015211 _____ () C:\ProgramData\ArcadeDeluxe5.log
    2011-10-26 11:45 - 2013-03-25 18:18 - 0003300 _____ () C:\ProgramData\hpzinstall.log
     
    Files to move or delete:
    ====================
    C:\Users\Evan\jagex_cl_runescape_LIVE.dat
    C:\Users\Evan\random.dat
     
     
    Some content of TEMP:
    ====================
    C:\Users\Evan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptz2m87.dll
    C:\Users\Evan\AppData\Local\Temp\pwi0hpqv.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-02-25 13:28
     
    ==================== End Of Log ============================
     
     
     
     
     
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2015 01
    Ran by Evan at 2015-03-09 23:11:36
    Running from C:\Users\Evan\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
    Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
    Acer Crystal Eye Webcam (x32 Version: 1.0.1523 - CyberLink Corp.) Hidden
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
    Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.4 - WildTangent)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0301.2011 - Acer Incorporated)
    Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
    Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Angry Birds Space (HKLM-x32\...\{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}) (Version: 1.0.0 - Rovio)
    Apple Application Support (HKLM-x32\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-006A-76A7-A758B70C0A03}) (Version: 12.10.3.30 - APN, LLC) <==== ATTENTION
    Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
    Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Busytown Uninstall (HKLM-x32\...\Busytown) (Version:  - )
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1422.00 - CyberLink Corp.)
    clear.fi (x32 Version: 1.0.1422.00 - CyberLink Corp.) Hidden
    clear.fi (x32 Version: 9.0.7418 - CyberLink Corp.) Hidden
    clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.05 - NCH Software)
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DiskAid 6.5.1.0 (HKLM\...\DiskAid_is1) (Version: 6.5.1.0 - DigiDNA)
    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 8.1 - Driver Support)
    Dropbox (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
    ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
    Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
    FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    GetDiz (HKLM-x32\...\GetDiz) (Version: 4.8 - Outertech)
    Google Chrome (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    GoToMeeting 6.5.0.2377 (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\GoToMeeting) (Version: 6.5.0.2377 - CitrixOnline)
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Jewel Quest Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.5 - Acer Inc.)
    Logicly (HKLM-x32\...\ly.logic.LogiclyDesktop) (Version:  - Joshua Tynjala)
    magicJack (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
    MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
    MediaEspresso (x32 Version: 1.0.1418_35759 - CyberLink Corp.) Hidden
    MediaInfo 0.7.52 (HKLM\...\MediaInfo) (Version: 0.7.52 - MediaArea.net)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    MotoHelper 2.1.32 Driver 5.4.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    MOTOROLA MEDIA LINK (HKLM-x32\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.4090.2 - Motorola)
    Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
    Mozilla Firefox 20.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 20.0.1 (x86 en-US)) (Version: 20.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
    MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
    MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
    MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
    Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
    NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
    Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
    NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
    NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1004 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1004 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1004 - Microsoft Corporation) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PlayOn (HKLM-x32\...\{F21DECDA-C978-44CE-A109-085B8CBDE706}) (Version: 3.7.15 - MediaMall Technologies, Inc.)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
    Quick Screen Capture 3.0 (HKLM-x32\...\Quick Screen Capture 3.0_is1) (Version: 3.0 - Etru Software Development)
    QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
    ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
    Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
    Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
    SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1132 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
    Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
    TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
    WildTangent Games App (x32 Version: 4.0.6.14 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WinRAR 5.00 beta 7 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.7 - win.rar GmbH)
    Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
     
    ==================== Restore Points  =========================
     
    Check "winmgmt" service or repair WMI.
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 21:34 - 2014-04-03 11:15 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {011E5A06-3058-4F81-B788-E66BDC544A55} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-06] (AVAST Software)
    Task: {034A3BDE-9BEF-4DA6-B46D-864782F06871} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
    Task: {04850818-0BE5-41E8-9A5E-1F3674A39E49} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-22] (PC Drivers Headquarters)
    Task: {1331F64E-A032-4821-A48B-6CADA4282A63} - System32\Tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
    Task: {2E514F4E-8D99-48F9-A719-0E01E5E85C05} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-22] (PC Drivers Headquarters)
    Task: {347C6A1C-5D96-447B-A701-265F7EB1D7C7} - System32\Tasks\{2F52B03F-A57F-41B3-94C2-EFFF8E091810} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
    Task: {3D03FAE7-7B3E-4FC2-9F17-5D66C0936E5B} - System32\Tasks\AdobeAAMUpdater-1.0-EvansPc-Evan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
    Task: {41C82907-CEA1-49A4-9103-5F68238EC2D3} - System32\Tasks\{2A4127B4-007F-4F86-98B7-0DDF84B64BD3} => Chrome.exe 
    Task: {4BBBD4F3-4D7D-4FD5-8094-73EEA60FD0A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
    Task: {6115292D-20B4-4557-993F-0255F45548C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: {62C7804D-39CF-4F70-B900-BC93818359BA} - System32\Tasks\{E6AE6510-1F8D-4F23-A44C-C2AF955819BF} => Firefox.exe http://ui.skype.com/...ffered;disabled
    Task: {6BF99ED0-7307-435E-B9D8-E67F109FF0A4} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {6D151C53-E294-4BDC-829D-B2D40283011C} - System32\Tasks\FGRun => C:\Users\Evan\AppData\Roaming\pack.exe
    Task: {6D6499F8-7BE7-400C-82A4-80C51A867544} - System32\Tasks\{79AE2647-5CD9-402E-B0A2-B07475D70EF2} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [2011-10-24] (Apple Inc.)
    Task: {6D7C49E9-0B96-40B9-A47F-414A8875ED1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-12] (Google Inc.)
    Task: {76CA7021-6268-41ED-832E-44BA09CB00A6} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {798ADB9A-1407-48EB-B093-76D6B42C0F91} - \BrowserDefendert No Task File <==== ATTENTION
    Task: {7CD881BF-C2C2-46CD-AA18-4D4109131F7F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {86360C84-17F5-42A4-823A-B7358632A9E4} - System32\Tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
    Task: {8AF228B0-E9FD-4B74-874E-9AA1CD21B431} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {91008A81-3DC7-4FBB-8074-E46F5459CFFA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: {912ED026-729E-4094-823D-CE9CBAE6998A} - System32\Tasks\{FE92EC34-6D25-451E-9F37-6DBED4AC0389} => pcalua.exe -a "C:\Users\Evan\Downloads\AdobeAIRInstaller (1).exe" -d C:\Users\Evan\Downloads
    Task: {91513C28-1031-4AB3-B405-4A943AB31F00} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-02-22] (CyberLink)
    Task: {9E4A9977-5025-478C-A040-96DEE5CF675B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
    Task: {AD658A67-BD2C-4EEE-BADE-FEA7F1C2171D} - System32\Tasks\{1C73C729-B4E5-40E1-A308-BB5F2567CC2B} => Chrome.exe 
    Task: {C06F03AB-2332-4923-B32D-70A70B97A539} - System32\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\2377\g2mupdate.exe [2015-02-24] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {DC6ABDBB-BBB3-41D9-BC24-30387E343587} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.)
    Task: {E1FE74A8-2D50-471D-85C4-EC90CC70FC58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-12] (Google Inc.)
    Task: {EBF017A5-5A67-4145-923D-FC91F1B0A178} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {ED16368A-65BB-4B98-B025-E6ED5923EC5F} - \PC Speed Maximizer Schedule No Task File <==== ATTENTION
    Task: {F77B85E4-87CD-459B-A116-246BA19D328C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {FC61A631-E84D-4FFE-AFC5-F7F68309709D} - \pcreg No Task File <==== ATTENTION
    Task: {FEA98B49-B152-484B-91B6-EB2903806E9B} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-02-22] (Acer Incorporated)
    Task: {FED6DF03-EC25-4615-9A3F-09446BF5F4E9} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-22] (PC Drivers Headquarters)
    Task: {FFC36402-FC4D-4B72-B39B-B9A3BBCA3386} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Driver Support-RTMRules.job => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    Task: C:\Windows\Tasks\Driver Support-RTMScan.job => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    Task: C:\Windows\Tasks\Driver Support-RTMUpdater.job => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\2377\g2mupdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2015-02-11 16:13 - 2015-02-11 16:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
    2009-01-21 18:45 - 2009-01-21 18:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
    2014-03-13 12:37 - 2014-05-22 20:41 - 00428424 _____ () C:\Program Files (x86)\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll
    2015-03-04 15:15 - 2011-12-14 18:55 - 08453376 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    2011-12-06 16:00 - 2011-12-06 16:00 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    2011-12-06 16:00 - 2011-12-06 16:00 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    2015-03-04 15:15 - 2011-12-14 18:53 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    2015-02-11 16:12 - 2015-02-11 16:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    2015-03-09 15:29 - 2015-03-09 15:29 - 02919936 _____ () C:\Program Files\AVAST Software\Avast\defs\15030900\algo.dll
    2015-03-09 19:08 - 2015-03-09 19:08 - 02920960 _____ () C:\Program Files\AVAST Software\Avast\defs\15030901\algo.dll
    2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-06-16 23:40 - 2011-06-16 23:40 - 00128336 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
    2011-06-16 23:39 - 2011-06-16 23:39 - 00023872 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
    2011-09-19 02:59 - 2011-09-19 02:59 - 00465632 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
    2011-06-16 23:40 - 2011-06-16 23:40 - 00045368 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
    2011-06-16 23:40 - 2011-06-16 23:40 - 00034128 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
    2011-02-22 12:01 - 2011-02-22 12:01 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
    2015-03-04 15:15 - 2011-12-14 11:43 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
    2011-02-15 13:37 - 2011-02-15 13:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00750080 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-03-09 19:06 - 2015-03-09 19:06 - 00043008 _____ () c:\users\evan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptz2m87.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00047616 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00865280 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00200704 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2015-02-06 19:56 - 2015-02-06 19:56 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-02-15 15:58 - 2015-02-15 15:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
    2011-02-15 13:36 - 2011-02-15 13:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
    2011-02-15 13:37 - 2011-02-15 13:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
    2015-03-04 15:15 - 2011-12-14 11:22 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
    2011-04-18 23:22 - 2010-04-13 11:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
    2015-02-15 15:58 - 2015-02-15 15:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
    2015-02-15 15:58 - 2015-02-15 15:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
    2015-02-20 17:36 - 2015-02-17 17:44 - 01117512 _____ () C:\Users\Evan\AppData\Local\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
    2015-02-20 17:36 - 2015-02-17 17:44 - 00211272 _____ () C:\Users\Evan\AppData\Local\Google\Chrome\Application\40.0.2214.115\libegl.dll
    2015-02-20 17:36 - 2015-02-17 17:44 - 09171272 _____ () C:\Users\Evan\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-4046523146-1281529262-768510782-500 - Administrator - Disabled)
    Evan (S-1-5-21-4046523146-1281529262-768510782-1001 - Administrator - Enabled) => C:\Users\Evan
    Guest (S-1-5-21-4046523146-1281529262-768510782-501 - Administrator - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-4046523146-1281529262-768510782-1002 - Administrator - Enabled)
     
    ==================== Faulty Device Manager Devices =============
     
    Could not list Devices. Check "winmgmt" service or repair WMI.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (03/09/2015 10:40:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
     
    Error: (03/09/2015 10:40:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
     
    Error: (03/09/2015 10:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9859
     
    Error: (03/09/2015 10:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 9859
     
    Error: (03/09/2015 10:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (03/09/2015 10:13:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8674
     
    Error: (03/09/2015 10:13:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8674
     
    Error: (03/09/2015 10:13:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (03/09/2015 10:13:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7363
     
    Error: (03/09/2015 10:13:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7363
     
     
    System errors:
    =============
    Error: (03/09/2015 10:39:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (03/09/2015 10:39:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (03/09/2015 10:39:04 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (03/09/2015 10:39:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (03/09/2015 10:39:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (03/09/2015 10:39:03 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (03/09/2015 10:13:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (03/09/2015 10:13:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (03/09/2015 10:13:43 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (03/09/2015 08:21:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
     
    Microsoft Office Sessions:
    =========================
    Error: (03/09/2015 10:40:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F20300004D070000
     
    Error: (03/09/2015 10:40:02 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
     
    Error: (03/09/2015 10:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9859
     
    Error: (03/09/2015 10:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 9859
     
    Error: (03/09/2015 10:13:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (03/09/2015 10:13:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 8674
     
    Error: (03/09/2015 10:13:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 8674
     
    Error: (03/09/2015 10:13:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (03/09/2015 10:13:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7363
     
    Error: (03/09/2015 10:13:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7363
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2012-11-19 10:23:42.536
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2012-11-19 10:23:42.458
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6200 @ 2.13GHz
    Percentage of memory in use: 58%
    Total physical RAM: 3766.7 MB
    Available physical RAM: 1548.88 MB
    Total Pagefile: 7531.59 MB
    Available Pagefile: 5061.86 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.84 MB
     
    ==================== Drives ================================
     
    Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:352.36 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 22F65FB9)
    Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=449.7 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    • 0

    #13
    RKinner
    Posted 10 March 2015 - 08:45 AM

    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP
    Download the attached fixlist.txt to the same location as FRST
    Run FRST and press Fix
    A fix log will be generated please post that.  Run FRST again, check the Additions box and then Scan.  You will get two logs.  Post them both.

    • 0

    #14
    realapp
    Posted 12 March 2015 - 03:46 PM

    realapp

      Member

    • Topic Starter
    • Member
    • PipPipPip
    • 338 posts
    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
    Ran by Evan at 2015-03-12 18:18:03 Run:2
    Running from C:\Users\Evan\Downloads
    Loaded Profiles: Evan (Available profiles: Evan & Guest)
    Boot Mode: Normal
    ==============================================
     
    Content of fixlist:
    *****************
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [iutghfws] => "C:\Users\Evan\AppData\Local\jqhisrrp.exe"
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    CHR HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-20] (APN)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [B3BEE1887845D5C660FDE31E603772F67165C947._service_run] => C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [Google Update] => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-21] (Google Inc.)
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKLM -> DefaultScope value is missing.
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope value is missing.
    SearchScopes: HKU\S-1-5-21-4046523146-1281529262-768510782-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO-x32: No Name -> {0347C33E-8762-4905-BF09-768834316C61} ->  No File 
    BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} ->  No File
    Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
    DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
    CHR HKLM-x32\...\Chrome\Extension: [aaaaaaooaijelonlmbcbjkocdnicdfmo] - C:\Users\Evan\AppData\Local\APN\GoogleCRXs\aaaaaaooaijelonlmbcbjkocdnicdfmo_7.15.4.0.crx [Not Found]
    CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [Not Found]
    StartMenuInternet: Google Chrome - C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    S2 vToolbarUpdater12.2.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
    Task: {034A3BDE-9BEF-4DA6-B46D-864782F06871} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION
    Task: {41C82907-CEA1-49A4-9103-5F68238EC2D3} - System32\Tasks\{2A4127B4-007F-4F86-98B7-0DDF84B64BD3} => Chrome.exe 
    Task: {6115292D-20B4-4557-993F-0255F45548C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: {6D151C53-E294-4BDC-829D-B2D40283011C} - System32\Tasks\FGRun => C:\Users\Evan\AppData\Roaming\pack.exe
    Task: {798ADB9A-1407-48EB-B093-76D6B42C0F91} - \BrowserDefendert No Task File <==== ATTENTION
    Task: {AD658A67-BD2C-4EEE-BADE-FEA7F1C2171D} - System32\Tasks\{1C73C729-B4E5-40E1-A308-BB5F2567CC2B} => Chrome.exe 
    Task: {ED16368A-65BB-4B98-B025-E6ED5923EC5F} - \PC Speed Maximizer Schedule No Task File <==== ATTENTION
    Task: {FC61A631-E84D-4FFE-AFC5-F7F68309709D} - \pcreg No Task File <==== ATTENTION
    C:\Users\Evan\AppData\Local\jqhisrrp.exe
     
     
     
     
     
    *****************
     
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Windows\CurrentVersion\Run\\iutghfws => Value not found.
    "C:\Windows\system32\GroupPolicy\Machine" => File/Directory not found.
    HKLM\SOFTWARE\Policies\Google => Key not found. 
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Policies\Google => Key not found. 
    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => Value not found.
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Windows\CurrentVersion\Run\\B3BEE1887845D5C660FDE31E603772F67165C947._service_run => Value not found.
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value not found.
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Policies\Microsoft\Internet Explorer => Key not found. 
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61} => Key not found. 
    HKCR\Wow6432Node\CLSID\{0347C33E-8762-4905-BF09-768834316C61} => Key not found. 
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} => Key not found. 
    HKCR\Wow6432Node\CLSID\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value not found.
    HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found. 
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455} => Key not found. 
    HKCR\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455} => Key not found. 
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaaaooaijelonlmbcbjkocdnicdfmo => Key not found. 
    HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk => Key not found. 
    HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command\\Default => Value was restored successfully.
    vToolbarUpdater12.2.6 => Service not found.
    MBAMSwissArmy => Service not found.
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208} => Key not found. 
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1} => Key not found. 
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8} => Key not found. 
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9} => Key not found. 
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{034A3BDE-9BEF-4DA6-B46D-864782F06871} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41C82907-CEA1-49A4-9103-5F68238EC2D3} => Key not found. 
    C:\Windows\System32\Tasks\{2A4127B4-007F-4F86-98B7-0DDF84B64BD3} not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2A4127B4-007F-4F86-98B7-0DDF84B64BD3} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6115292D-20B4-4557-993F-0255F45548C7} => Key not found. 
    C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6D151C53-E294-4BDC-829D-B2D40283011C} => Key not found. 
    C:\Windows\System32\Tasks\FGRun not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FGRun => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{798ADB9A-1407-48EB-B093-76D6B42C0F91} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD658A67-BD2C-4EEE-BADE-FEA7F1C2171D} => Key not found. 
    C:\Windows\System32\Tasks\{1C73C729-B4E5-40E1-A308-BB5F2567CC2B} not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1C73C729-B4E5-40E1-A308-BB5F2567CC2B} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED16368A-65BB-4B98-B025-E6ED5923EC5F} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Speed Maximizer Schedule => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC61A631-E84D-4FFE-AFC5-F7F68309709D} => Key not found. 
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg => Key not found. 
    "C:\Users\Evan\AppData\Local\jqhisrrp.exe" => File/Directory not found.
     
    ==== End of Fixlog 18:18:09 ====
     
     
     
     
     
     
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
    Ran by Evan (administrator) on EVANSPC on 12-03-2015 18:23:49
    Running from C:\Users\Evan\Downloads
    Loaded Profiles: Evan (Available profiles: Evan & Guest)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 10 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
    (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
    () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    (PC Drivers Headquarters) C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
    (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
    (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
    (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
    (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
    () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    (Dropbox, Inc.) C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
    () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Evan\AppData\Local\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11779176 2011-02-18] (Realtek Semiconductor)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
    HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336 2010-09-27] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-09-17] (Egis Technology Inc.)
    HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-09-17] (Egis Technology Inc.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-02-15] (NTI Corporation)
    HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-02-18] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-11-02] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-10-24] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736 2012-01-16] (Apple Inc.)
    HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
    HKLM-x32\...\Run: [] => [X]
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-06] (AVAST Software)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-02-15] (Adobe Systems Incorporated)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKLM\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-02-06] (SUPERAntiSpyware)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [cdloader] => C:\Users\Evan\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Run: [Driver Support] => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [4785504 2014-05-22] (PC Drivers Headquarters)
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Policies\Explorer: [HideSCAHealth] 1
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
    HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
    ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
    ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
    Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    ShortcutTarget: Dropbox.lnk -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
    ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
    ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.gr/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-06] (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-06] (AVAST Software)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\ruo31qt8.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1206147.dll [2013-11-25] (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2013-08-15] (MediaMall Technologies, Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\4\NP_wtapp.dll [2013-07-24] ()
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Evan\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-21] (Citrix Online)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @nsroblox.roblox.com/launcher64 -> C:\Program Files (x86)\Roblox\Versions\version-708f91f0ad924d5c\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Evan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2012-10-12] (Skype Limited)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @talk.google.com/O1DPlugin -> C:\Users\Evan\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin HKU\S-1-5-21-4046523146-1281529262-768510782-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Evan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Evan\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-10-26]
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-10-18]
    FF HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
     
    Chrome: 
    =======
    CHR StartupUrls: Profile 2 -> "hxxp://www.google.com/"
    CHR Profile: C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (avast! Online Security) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-10-20]
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-20]
    CHR Profile: C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2
    CHR Extension: (YouTube) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-09]
    CHR Extension: (Facebook) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-09-28]
    CHR Extension: (Google Search) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-09]
    CHR Extension: (FromDocToPDF) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dhhjmlmdpcpiojiffodbldlkgcnaeogp [2015-02-10]
    CHR Extension: (Avast Online Security) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-06]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
    CHR Extension: (Google Wallet) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-11]
    CHR Extension: (Gmail) - C:\Users\Evan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-09]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-06]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-14] (SUPERAntiSpyware.com)
    R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-06] (AVAST Software)
    R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2015-02-06] (AVAST Software)
    R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
    R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
    R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [4327728 2013-11-05] (MediaMall Technologies, Inc.)
    R2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [257344 2011-02-15] (NTI Corporation)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
    R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
     
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-06] ()
    R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2015-02-06] (AVAST Software)
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-02-06] (AVAST Software)
    R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2015-02-06] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-06] (AVAST Software)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-06] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-06] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-06] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-06] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-06] ()
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [31080 2012-09-03] (AVG Technologies)
    R3 debutfilter; C:\Windows\System32\DRIVERS\debutfilterx64.sys [34512 2014-12-14] ()
    R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-03-05] (MediaMall Technologies, Inc.)
    S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
    R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
     
     
    ==================== One Month Created Files and Folders ========
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-03-12 16:44 - 2015-03-12 16:44 - 00000000 ____D () C:\Users\Evan\Downloads\FRST-OlderVersion
    2015-03-11 13:33 - 2015-03-11 13:34 - 00278984 _____ () C:\Windows\Minidump\031115-40638-01.dmp
    2015-03-10 15:43 - 2015-03-10 15:43 - 00000000 ____D () C:\Users\Evan\AppData\Local\{D8A16FB0-7845-4B30-89FB-23F9860FD4C6}
    2015-03-10 00:01 - 2015-03-10 00:01 - 00419682 _____ () C:\Users\Evan\Downloads\Malala Yousafzai.pptx
    2015-03-09 23:11 - 2015-03-12 16:49 - 00047786 _____ () C:\Users\Evan\Downloads\Addition.txt
    2015-03-09 23:09 - 2015-03-12 18:24 - 00026896 _____ () C:\Users\Evan\Downloads\FRST.txt
    2015-03-09 23:05 - 2015-03-12 18:23 - 00000000 ____D () C:\FRST
    2015-03-09 23:05 - 2015-03-12 16:44 - 02095616 _____ (Farbar) C:\Users\Evan\Downloads\FRST64.exe
    2015-03-09 19:03 - 2015-03-09 19:04 - 00279040 _____ () C:\Windows\Minidump\030915-42260-01.dmp
    2015-03-08 23:09 - 2015-03-08 23:09 - 00044313 _____ () C:\Users\Evan\Desktop\Epic Sports Checkout.html
    2015-03-08 23:09 - 2015-03-08 23:09 - 00000000 ____D () C:\Users\Evan\Desktop\Epic Sports Checkout_files
    2015-03-08 16:37 - 2015-03-08 16:37 - 00278984 _____ () C:\Windows\Minidump\030815-39234-01.dmp
    2015-03-07 15:16 - 2015-03-07 15:16 - 00279040 _____ () C:\Windows\Minidump\030715-38750-01.dmp
    2015-03-07 11:34 - 2015-03-07 11:35 - 00278984 _____ () C:\Windows\Minidump\030715-73226-01.dmp
    2015-03-04 15:18 - 2015-03-04 15:18 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
    2015-03-04 15:15 - 2015-03-04 15:15 - 00000928 _____ () C:\Users\Public\Desktop\NETGEAR WNDA3100v2 Genie.lnk
    2015-03-04 15:15 - 2015-03-04 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR WNDA3100v2 Genie
    2015-03-04 15:15 - 2015-03-04 15:15 - 00000000 ____D () C:\Program Files (x86)\NETGEAR
    2015-03-04 15:15 - 2011-12-12 18:42 - 01256192 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmwlhigh664.sys
    2015-03-04 15:15 - 2011-07-22 11:33 - 00025056 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\SCMNdisP.sys
    2015-03-04 15:15 - 2011-04-19 18:52 - 00095544 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
    2015-03-04 15:15 - 2011-04-19 18:31 - 03900928 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
    2015-03-04 15:15 - 2011-04-19 18:31 - 03566592 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
    2015-03-04 15:15 - 2010-06-09 14:11 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\wpcap.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\SysWOW64\Packet.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
    2015-03-04 15:15 - 2010-02-03 12:20 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
    2015-03-04 15:10 - 2015-03-04 15:10 - 35770251 _____ () C:\Users\Evan\Downloads\WNDA3100v2 Software Version 2.0.0.1.zip
    2015-03-03 18:16 - 2015-03-03 18:16 - 00012598 _____ () C:\Users\Evan\Desktop\System Idle Process.txt
    2015-03-03 18:09 - 2015-03-03 18:09 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
    2015-03-03 18:08 - 2015-03-03 18:08 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Evan\Downloads\procexp.exe
    2015-03-03 17:50 - 2015-03-03 17:54 - 00066785 _____ () C:\Users\Evan\Desktop\EVANSPC.txt
    2015-03-03 17:41 - 2015-03-03 18:05 - 00000000 ____D () C:\Program Files\Speccy
    2015-03-03 17:11 - 2015-03-03 17:11 - 00061440 _____ ( ) C:\Users\Evan\Downloads\VEW.exe
    2015-03-03 16:27 - 2015-03-03 16:27 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Evan\Downloads\avg_remover_stf_x86_2011_1184 (2).exe
    2015-03-03 16:23 - 2015-03-03 16:23 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Evan\Downloads\avg_remover_stf_x86_2011_1184 (1).exe
    2015-03-03 16:22 - 2015-03-03 16:33 - 00000994 _____ () C:\Users\Evan\Downloads\avgremover.log
    2015-03-03 16:22 - 2015-03-03 16:22 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Evan\Downloads\avg_remover_stf_x86_2011_1184.exe
    2015-02-27 12:59 - 2015-02-27 12:59 - 00011328 _____ () C:\Users\Evan\Downloads\10U Phone Tree.xlsx
    2015-02-27 12:55 - 2015-02-27 12:55 - 00035840 _____ () C:\Users\Evan\Downloads\2015 Spring 10u Softball (1).xls
    2015-02-27 12:53 - 2015-02-27 12:53 - 00035840 _____ () C:\Users\Evan\Downloads\2015 Spring 10u Softball.xls
    2015-02-26 20:42 - 2015-02-26 20:42 - 00602112 _____ (OldTimer Tools) C:\Users\Evan\Downloads\OTL (8).exe
    2015-02-26 17:44 - 2015-02-26 17:44 - 03021050 _____ () C:\Users\Evan\Downloads\WNDR3300-V1.0.45_1.0.45NA (1).zip
    2015-02-26 17:37 - 2015-02-26 17:37 - 03021050 _____ () C:\Users\Evan\Downloads\WNDR3300-V1.0.45_1.0.45NA.zip
    2015-02-25 17:39 - 2015-02-25 17:39 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\java
    2015-02-25 17:36 - 2015-02-25 17:36 - 00001319 _____ () C:\Users\Evan\Desktop\ROBLOX Player.lnk
    2015-02-25 17:34 - 2015-02-25 17:36 - 00001138 _____ () C:\Users\Evan\Desktop\ROBLOX Studio.lnk
    2015-02-25 17:34 - 2015-02-25 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
    2015-02-25 17:34 - 2015-02-25 17:34 - 00000000 ____D () C:\ProgramData\Roblox
    2015-02-25 17:33 - 2015-02-25 17:33 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (8).exe
    2015-02-25 17:16 - 2015-02-25 17:16 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (7).exe
    2015-02-25 17:15 - 2015-02-25 17:15 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (6).exe
    2015-02-25 17:15 - 2015-02-25 17:15 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (5).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (4).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (3).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (2).exe
    2015-02-25 17:12 - 2015-02-25 17:12 - 00000000 ____D () C:\Program Files (x86)\Roblox
    2015-02-25 17:11 - 2015-02-25 17:11 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher (1).exe
    2015-02-25 17:02 - 2015-02-25 17:02 - 00639856 _____ (ROBLOX Corporation) C:\Users\Evan\Downloads\RobloxPlayerLauncher.exe
    2015-02-23 19:18 - 2015-02-23 19:18 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
    2015-02-23 19:15 - 2015-02-23 19:28 - 00000000 ____D () C:\Program Files\Adobe
    2015-02-23 18:36 - 2015-02-23 18:36 - 00000000 ___RD () C:\Users\Evan\Creative Cloud Files
    2015-02-23 18:24 - 2015-02-23 18:24 - 00001313 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
    2015-02-23 18:24 - 2015-02-23 18:24 - 00001301 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
    2015-02-23 18:13 - 2015-02-23 18:20 - 00000000 ____D () C:\ProgramData\Package Cache
    2015-02-23 18:04 - 2015-02-23 18:04 - 00672944 _____ (Adobe Systems Incorporated) C:\Users\Evan\Downloads\CreativeCloudSet-Up.exe
    2015-02-21 17:06 - 2015-02-21 17:06 - 00013644 _____ () C:\Users\Evan\Downloads\2015 Pool Divisions (1).xlsx
    2015-02-21 17:05 - 2015-02-21 17:05 - 00017183 _____ () C:\Users\Evan\Downloads\2015 Brackets (1).xlsx
    2015-02-21 17:04 - 2015-02-21 17:04 - 00011774 _____ () C:\Users\Evan\Downloads\2015 Schedule&Scores (2).xlsx
    2015-02-20 20:48 - 2015-02-20 20:48 - 00014773 _____ () C:\Users\Evan\Downloads\life-skills-requirements (1).xlsx
    2015-02-20 19:59 - 2015-02-20 19:59 - 00014773 _____ () C:\Users\Evan\Downloads\life-skills-requirements.xlsx
    2015-02-20 18:22 - 2015-02-20 18:22 - 00017201 _____ () C:\Users\Evan\Downloads\Master Schedule Draft 11.20.14.xlsx
    2015-02-20 00:24 - 2015-02-20 00:25 - 00000000 ____D () C:\Users\Evan\AppData\Local\{E0BED9A0-878E-4323-A2F2-465B2821ABCA}
    2015-02-16 21:59 - 2015-02-16 21:59 - 00013644 _____ () C:\Users\Evan\Downloads\2015 Pool Divisions.xlsx
    2015-02-16 21:56 - 2015-02-16 21:56 - 00011774 _____ () C:\Users\Evan\Downloads\2015 Schedule&Scores (1).xlsx
    2015-02-16 21:53 - 2015-02-16 21:53 - 00017183 _____ () C:\Users\Evan\Downloads\2015 Brackets.xlsx
    2015-02-16 21:53 - 2015-02-16 21:53 - 00011774 _____ () C:\Users\Evan\Downloads\2015 Schedule&Scores.xlsx
    2015-02-12 13:28 - 2015-02-12 13:28 - 00000490 _____ () C:\Windows\Tasks\Driver Support-RTMScan.job
    2015-02-12 13:28 - 2015-02-12 13:28 - 00000488 _____ () C:\Windows\Tasks\Driver Support-RTMUpdater.job
    2015-02-12 13:28 - 2015-02-12 13:28 - 00000478 _____ () C:\Windows\Tasks\Driver Support-RTMRules.job
     
    ==================== One Month Modified Files and Folders =======
     
    (If an entry is included in the fixlist, the file\folder will be moved.)
     
    2015-03-12 18:24 - 2013-09-13 20:17 - 00000000 ____D () C:\ProgramData\MediaMall
    2015-03-12 18:20 - 2012-02-20 21:15 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
    2015-03-12 18:18 - 2009-07-13 23:45 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-03-12 18:18 - 2009-07-13 23:45 - 00017296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-03-12 18:13 - 2013-03-05 15:51 - 00000000 ___RD () C:\Users\Evan\Dropbox
    2015-03-12 18:13 - 2013-03-05 15:47 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Dropbox
    2015-03-12 18:13 - 2009-07-14 00:13 - 00006450 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-03-12 18:12 - 2011-10-13 21:37 - 00000000 ____D () C:\ProgramData\clear.fi
    2015-03-12 18:11 - 2012-07-12 19:23 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-03-12 18:11 - 2012-03-05 10:57 - 00000008 __RSH () C:\Users\Evan\ntuser.pol
    2015-03-12 18:11 - 2012-01-02 15:33 - 00000000 ____D () C:\Temp
    2015-03-12 18:11 - 2011-10-13 19:59 - 00000000 ____D () C:\Users\Evan
    2015-03-12 18:11 - 2011-08-09 14:16 - 02048358 _____ () C:\Windows\WindowsUpdate.log
    2015-03-12 18:09 - 2014-03-31 10:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
    2015-03-12 18:08 - 2013-10-25 13:41 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
    2015-03-12 18:08 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-03-12 18:08 - 2009-07-13 23:51 - 00136107 _____ () C:\Windows\setupact.log
    2015-03-12 18:06 - 2011-10-18 14:38 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\SoftGrid Client
    2015-03-12 18:05 - 2012-04-01 16:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-03-12 18:05 - 2009-07-13 22:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
    2015-03-12 17:37 - 2012-07-12 19:23 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-03-12 17:35 - 2014-07-21 10:48 - 00000536 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001.job
    2015-03-12 16:45 - 2011-12-21 17:27 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job
    2015-03-12 16:45 - 2011-12-21 17:27 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
    2015-03-12 16:03 - 2011-10-14 16:04 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3.job
    2015-03-12 15:20 - 2012-02-20 21:15 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job
    2015-03-12 10:00 - 2011-10-14 16:04 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35.job
    2015-03-12 06:25 - 2012-02-20 21:17 - 00002362 _____ () C:\Users\Evan\Desktop\Google Chrome.lnk
    2015-03-11 13:48 - 2011-10-13 19:59 - 00000000 ____D () C:\Users\Evan\AppData\Local\Adobe
    2015-03-11 13:36 - 2009-07-14 00:08 - 00032616 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-03-11 13:33 - 2012-05-16 20:54 - 561828380 _____ () C:\Windows\MEMORY.DMP
    2015-03-11 13:33 - 2012-05-16 20:54 - 00000000 ____D () C:\Windows\Minidump
    2015-03-10 21:47 - 2014-03-22 21:01 - 00000000 ____D () C:\Users\Evan\Desktop\8u Indians Softball
    2015-03-10 16:03 - 2011-10-13 20:32 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2015-03-09 19:07 - 2012-11-18 12:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
    2015-03-05 18:24 - 2010-11-20 22:47 - 00839988 _____ () C:\Windows\PFRO.log
    2015-03-05 18:11 - 2011-10-13 21:48 - 00000000 ____D () C:\Users\Evan\Desktop\Security
    2015-03-04 15:15 - 2011-04-18 23:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2015-03-04 14:43 - 2012-12-02 15:26 - 02525696 ___SH () C:\Users\Evan\Downloads\Thumbs.db
    2015-03-03 18:19 - 2012-11-20 15:05 - 02134528 ___SH () C:\Users\Evan\Desktop\Thumbs.db
    2015-02-26 21:20 - 2012-11-14 10:56 - 00112260 _____ () C:\Users\Evan\Downloads\OTL.Txt
    2015-02-26 12:08 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
    2015-02-25 18:03 - 2012-06-05 15:48 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\.minecraft
    2015-02-24 21:32 - 2014-07-21 10:48 - 00003562 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001
    2015-02-24 19:50 - 2012-09-06 07:49 - 00000000 ____D () C:\Users\Evan\Desktop\MOMDAD
    2015-02-23 19:36 - 2013-11-08 15:22 - 00000000 ____D () C:\Program Files\Common Files\Adobe
    2015-02-23 19:33 - 2011-10-13 19:59 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Adobe
    2015-02-23 19:33 - 2011-04-18 23:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2015-02-23 18:27 - 2011-04-18 23:53 - 00000000 ____D () C:\ProgramData\Adobe
    2015-02-23 18:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
    2015-02-13 20:52 - 2014-03-24 19:49 - 00000000 ____D () C:\ProgramData\UAB
    2015-02-13 16:02 - 2013-03-05 15:51 - 00001017 _____ () C:\Users\Evan\Desktop\Dropbox.lnk
    2015-02-13 16:02 - 2013-03-05 15:48 - 00000000 ____D () C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
     
    ==================== Files in the root of some directories =======
     
    2015-02-06 19:28 - 2015-02-06 19:28 - 0000000 _____ () C:\Program Files (x86)\GUT9AAA.tmp
    2013-12-22 11:28 - 2013-12-22 11:28 - 0000000 _____ () C:\Users\Evan\AppData\Roaming\SharedSettings.ccs
    2014-12-14 20:08 - 2014-12-14 20:08 - 0001181 _____ () C:\Users\Evan\AppData\Roaming\trace_FilterInstaller.txt
    2014-12-14 20:08 - 2014-12-14 20:08 - 0000000 _____ () C:\Users\Evan\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
    2013-12-22 11:29 - 2013-12-22 11:29 - 0067992 _____ () C:\Users\Evan\AppData\Local\iscjiksh
    2014-07-25 11:45 - 2014-11-06 17:26 - 0007609 _____ () C:\Users\Evan\AppData\Local\resmon.resmoncfg
    2013-12-22 11:30 - 2013-12-22 11:30 - 0012326 _____ () C:\Users\Evan\AppData\Local\tdnndntv
    2011-08-09 14:32 - 2011-08-09 14:35 - 0015211 _____ () C:\ProgramData\ArcadeDeluxe5.log
    2011-10-26 11:45 - 2013-03-25 18:18 - 0003300 _____ () C:\ProgramData\hpzinstall.log
     
    Files to move or delete:
    ====================
    C:\Users\Evan\jagex_cl_runescape_LIVE.dat
    C:\Users\Evan\random.dat
     
     
    Some content of TEMP:
    ====================
    C:\Users\Evan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpldfnhg.dll
    C:\Users\Evan\AppData\Local\Temp\mmbtooar.dll
    C:\Users\Evan\AppData\Local\Temp\pwi0hpqv.dll
     
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-02-25 13:28
     
    ==================== End Of Log ============================
     
     
     
     
     
     
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
    Ran by Evan at 2015-03-12 18:25:48
    Running from C:\Users\Evan\Downloads
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
    FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    4500_G510nz_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510nz (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
    4500G510nz_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
    64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
    Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.85 - NTI Corporation)
    Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1523 - CyberLink Corp.)
    Acer Crystal Eye Webcam (x32 Version: 1.0.1523 - CyberLink Corp.) Hidden
    Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
    Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.4 - WildTangent)
    Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3004 - Acer Incorporated)
    Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0301.2011 - Acer Incorporated)
    Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
    Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.1.474 - Adobe Systems Incorporated)
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
    Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
    Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
    Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
    Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.)
    Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Angry Birds Space (HKLM-x32\...\{3F2A323E-60C4-41E8-8CCB-9715D1D750C3}) (Version: 1.0.0 - Rovio)
    Apple Application Support (HKLM-x32\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-006A-76A7-A758B70C0A03}) (Version: 12.10.3.30 - APN, LLC) <==== ATTENTION
    Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Backup Manager V3 (x32 Version: 3.0.0.85 - NTI Corporation) Hidden
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
    Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version:  - )
    BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Busytown Uninstall (HKLM-x32\...\Busytown) (Version:  - )
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.1422.00 - CyberLink Corp.)
    clear.fi (x32 Version: 1.0.1422.00 - CyberLink Corp.) Hidden
    clear.fi (x32 Version: 9.0.7418 - CyberLink Corp.) Hidden
    clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3008 - Acer Incorporated)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.05 - NCH Software)
    Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    DiskAid 6.5.1.0 (HKLM\...\DiskAid_is1) (Version: 6.5.1.0 - DigiDNA)
    DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
    DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 8.1 - Driver Support)
    Dropbox (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
    eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
    Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
    ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
    Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
    FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
    Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    GetDiz (HKLM-x32\...\GetDiz) (Version: 4.8 - Outertech)
    Google Chrome (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
    Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
    GoToMeeting 6.5.0.2377 (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\GoToMeeting) (Version: 6.5.0.2377 - CitrixOnline)
    GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
    HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
    HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
    HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
    HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
    HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
    HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
    Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
    Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
    iTunes (HKLM\...\{5E11C972-1E76-45FE-8F92-14E0D1140B1B}) (Version: 10.5.3.3 - Apple Inc.)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    Jewel Quest Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.5 - Acer Inc.)
    Logicly (HKLM-x32\...\ly.logic.LogiclyDesktop) (Version:  - Joshua Tynjala)
    magicJack (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
    MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
    MediaEspresso (x32 Version: 1.0.1418_35759 - CyberLink Corp.) Hidden
    MediaInfo 0.7.52 (HKLM\...\MediaInfo) (Version: 0.7.52 - MediaArea.net)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5131.5000 - Microsoft Corporation)
    Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft SkyDrive (HKU\S-1-5-21-4046523146-1281529262-768510782-1001\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    MotoHelper 2.1.32 Driver 5.4.0 (HKLM-x32\...\MotoHelper) (Version: 2.1.32 - Motorola)
    MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden
    MOTOROLA MEDIA LINK (HKLM-x32\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.4090.2 - Motorola)
    Motorola Mobile Drivers Installation 5.4.0 (Version: 5.4.0 - Motorola Inc.) Hidden
    Mozilla Firefox 20.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 20.0.1 (x86 en-US)) (Version: 20.0.1 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
    Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
    MyWinLocker (Version: 4.0.14.11 - Egis Technology Inc.) Hidden
    MyWinLocker 4 (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
    MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.11 - Egis Technology Inc.)
    MyWinLocker Suite (x32 Version: 4.0.14.11 - Egis Technology Inc.) Hidden
    Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
    NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
    Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
    Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
    NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
    NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8942 - NTI Corporation)
    NTI Media Maker 9 (x32 Version: 9.0.2.8942 - NTI Corporation) Hidden
    OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
    Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1004 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1004 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1004 - Microsoft Corporation) Hidden
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PlayOn (HKLM-x32\...\{F21DECDA-C978-44CE-A109-085B8CBDE706}) (Version: 3.7.15 - MediaMall Technologies, Inc.)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
    Quick Screen Capture 3.0 (HKLM-x32\...\Quick Screen Capture 3.0_is1) (Version: 3.0 - Etru Software Development)
    QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6314 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
    ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
    Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
    Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
    Shredder (Version: 2.0.8.7 - Egis Technology Inc.) Hidden
    Shredder (x32 Version: 2.0.8.7 - Egis Technology Inc.) Hidden
    Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
    SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
    Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1132 - SUPERAntiSpyware.com)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)
    Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden
    Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
    Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
    TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
    Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
    VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.74 - NCH Software)
    Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
    WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
    Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
    WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
    WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
    WildTangent Games App (x32 Version: 4.0.6.14 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    WinRAR 5.00 beta 7 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.7 - win.rar GmbH)
    Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden
     
    ==================== Custom CLSID (selected items): ==========================
     
    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
     
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1468\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Evan\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Evan\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_1\amd64\FileSyncApi64.dll (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-4046523146-1281529262-768510782-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Evan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
     
    ==================== Restore Points  =========================
     
    Check "winmgmt" service or repair WMI.
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 21:34 - 2014-04-03 11:15 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
    127.0.0.1       localhost
    ::1       localhost
     
    ==================== Scheduled Tasks (whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
     
    Task: {011E5A06-3058-4F81-B788-E66BDC544A55} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-06] (AVAST Software)
    Task: {04850818-0BE5-41E8-9A5E-1F3674A39E49} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-22] (PC Drivers Headquarters)
    Task: {1331F64E-A032-4821-A48B-6CADA4282A63} - System32\Tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
    Task: {2E514F4E-8D99-48F9-A719-0E01E5E85C05} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-22] (PC Drivers Headquarters)
    Task: {347C6A1C-5D96-447B-A701-265F7EB1D7C7} - System32\Tasks\{2F52B03F-A57F-41B3-94C2-EFFF8E091810} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2009-05-21] (Hewlett-Packard Company)
    Task: {3D03FAE7-7B3E-4FC2-9F17-5D66C0936E5B} - System32\Tasks\AdobeAAMUpdater-1.0-EvansPc-Evan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
    Task: {4BBBD4F3-4D7D-4FD5-8094-73EEA60FD0A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
    Task: {62C7804D-39CF-4F70-B900-BC93818359BA} - System32\Tasks\{E6AE6510-1F8D-4F23-A44C-C2AF955819BF} => Firefox.exe http://ui.skype.com/...ffered;disabled
    Task: {6BF99ED0-7307-435E-B9D8-E67F109FF0A4} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {6D6499F8-7BE7-400C-82A4-80C51A867544} - System32\Tasks\{79AE2647-5CD9-402E-B0A2-B07475D70EF2} => C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe [2011-10-24] (Apple Inc.)
    Task: {6D7C49E9-0B96-40B9-A47F-414A8875ED1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-12] (Google Inc.)
    Task: {76CA7021-6268-41ED-832E-44BA09CB00A6} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {7CD881BF-C2C2-46CD-AA18-4D4109131F7F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {86360C84-17F5-42A4-823A-B7358632A9E4} - System32\Tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com)
    Task: {8AF228B0-E9FD-4B74-874E-9AA1CD21B431} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {91008A81-3DC7-4FBB-8074-E46F5459CFFA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: {912ED026-729E-4094-823D-CE9CBAE6998A} - System32\Tasks\{FE92EC34-6D25-451E-9F37-6DBED4AC0389} => pcalua.exe -a "C:\Users\Evan\Downloads\AdobeAIRInstaller (1).exe" -d C:\Users\Evan\Downloads
    Task: {91513C28-1031-4AB3-B405-4A943AB31F00} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-02-22] (CyberLink)
    Task: {9E4A9977-5025-478C-A040-96DEE5CF675B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
    Task: {C06F03AB-2332-4923-B32D-70A70B97A539} - System32\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001 => C:\Program Files (x86)\Citrix\GoToMeeting\2377\g2mupdate.exe [2015-02-24] (Citrix Online, a division of Citrix Systems, Inc.)
    Task: {DC6ABDBB-BBB3-41D9-BC24-30387E343587} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-02-22] (CyberLink Corp.)
    Task: {E1FE74A8-2D50-471D-85C4-EC90CC70FC58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-12] (Google Inc.)
    Task: {EBF017A5-5A67-4145-923D-FC91F1B0A178} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: {F77B85E4-87CD-459B-A116-246BA19D328C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
    Task: {FEA98B49-B152-484B-91B6-EB2903806E9B} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-02-22] (Acer Incorporated)
    Task: {FED6DF03-EC25-4615-9A3F-09446BF5F4E9} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2014-05-22] (PC Drivers Headquarters)
    Task: {FFC36402-FC4D-4B72-B39B-B9A3BBCA3386} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] ()
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Driver Support-RTMRules.job => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    Task: C:\Windows\Tasks\Driver Support-RTMScan.job => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    Task: C:\Windows\Tasks\Driver Support-RTMUpdater.job => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job => C:\Users\Evan\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4046523146-1281529262-768510782-1001.job => C:\Program Files (x86)\Citrix\GoToMeeting\2377\g2mupdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001Core.job => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4046523146-1281529262-768510782-1001UA.job => C:\Users\Evan\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a39e6601-b5e7-4df7-8b21-269bdcb13c35.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f740b301-be2e-4adf-b5cf-ad7cc5dd55e3.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     
    ==================== Loaded Modules (whitelisted) ==============
     
    2011-12-06 16:00 - 2011-12-06 16:00 - 00214896 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
    2015-03-04 15:15 - 2011-12-14 18:53 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
    2015-02-11 16:13 - 2015-02-11 16:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
    2011-12-06 16:00 - 2011-12-06 16:00 - 00784240 _____ () C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
    2014-03-13 12:37 - 2014-05-22 20:41 - 00428424 _____ () C:\Program Files (x86)\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll
    2015-03-04 15:15 - 2011-12-14 18:55 - 08453376 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
    2015-02-11 16:12 - 2015-02-11 16:12 - 05739680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    2015-03-12 17:52 - 2015-03-12 17:52 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031204\algo.dll
    2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-06-16 23:40 - 2011-06-16 23:40 - 00128336 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
    2011-06-16 23:39 - 2011-06-16 23:39 - 00023872 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
    2011-09-19 02:59 - 2011-09-19 02:59 - 00465632 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
    2011-06-16 23:40 - 2011-06-16 23:40 - 00045368 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
    2011-06-16 23:40 - 2011-06-16 23:40 - 00034128 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
    2013-03-05 20:25 - 2013-03-05 20:25 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll
    2013-09-13 20:43 - 2012-09-18 20:35 - 00017408 _____ () C:\Program Files (x86)\MediaMall\plugins\ParseUtilities.dll
    2011-02-15 13:37 - 2011-02-15 13:37 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
    2011-02-15 13:36 - 2011-02-15 13:36 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
    2011-02-15 13:37 - 2011-02-15 13:37 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
    2015-03-04 15:15 - 2011-12-14 11:22 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
    2011-02-22 12:01 - 2011-02-22 12:01 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
    2015-02-06 19:56 - 2015-02-06 19:56 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2015-02-15 15:58 - 2015-02-15 15:58 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
    2015-03-04 15:15 - 2011-12-14 11:43 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00750080 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\libGLESv2.dll
    2015-03-12 18:12 - 2015-03-12 18:12 - 00043008 _____ () c:\users\evan\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpldfnhg.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00047616 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\libEGL.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00865280 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
    2015-02-10 16:00 - 2015-02-10 16:00 - 00200704 _____ () C:\Users\Evan\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
    2011-04-18 23:22 - 2010-04-13 11:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
    2015-02-15 15:58 - 2015-02-15 15:58 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
    2015-02-15 15:58 - 2015-02-15 15:58 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
    2015-03-12 06:25 - 2015-03-07 01:12 - 01174856 _____ () C:\Users\Evan\AppData\Local\Google\Chrome\Application\41.0.2272.89\libglesv2.dll
    2015-03-12 06:25 - 2015-03-07 01:12 - 00080200 _____ () C:\Users\Evan\AppData\Local\Google\Chrome\Application\41.0.2272.89\libegl.dll
    2015-03-12 06:25 - 2015-03-07 01:13 - 09279304 _____ () C:\Users\Evan\AppData\Local\Google\Chrome\Application\41.0.2272.89\pdf.dll
     
    ==================== Alternate Data Streams (whitelisted) =========
     
    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
     
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34
     
    ==================== Safe Mode (whitelisted) ===================
     
    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
     
    ==================== EXE Association (whitelisted) ===============
     
    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-4046523146-1281529262-768510782-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-4046523146-1281529262-768510782-500 - Administrator - Disabled)
    Evan (S-1-5-21-4046523146-1281529262-768510782-1001 - Administrator - Enabled) => C:\Users\Evan
    Guest (S-1-5-21-4046523146-1281529262-768510782-501 - Administrator - Disabled) => C:\Users\Guest
    HomeGroupUser$ (S-1-5-21-4046523146-1281529262-768510782-1002 - Administrator - Enabled)
     
    ==================== Faulty Device Manager Devices =============
     
    Could not list Devices. Check "winmgmt" service or repair WMI.
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (03/12/2015 06:13:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
     
    Error: (03/12/2015 06:13:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
     
    Error: (03/12/2015 06:12:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./ROOT/CIMV2SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_Process'0x80041010
     
    Error: (03/12/2015 06:10:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
     
    Error: (03/12/2015 06:10:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
     
    Error: (03/11/2015 01:41:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
     
    Error: (03/11/2015 01:41:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
     
    Error: (03/11/2015 01:37:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./ROOT/CIMV2SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_Process'0x80041010
     
    Error: (03/11/2015 01:37:02 PM) (Source: SecurityCenter) (EventID: 3) (User: )
    Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
     
    Error: (03/10/2015 09:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: PmmUpdate.exe, version: 1.1.36.0, time stamp: 0x4c932097
    Faulting module name: netprofm.dll_unloaded, version: 0.0.0.0, time stamp: 0x4a5bda75
    Exception code: 0xc0000005
    Fault offset: 0x71342505
    Faulting process id: 0x1e9c
    Faulting application start time: 0xPmmUpdate.exe0
    Faulting application path: PmmUpdate.exe1
    Faulting module path: PmmUpdate.exe2
    Report Id: PmmUpdate.exe3
     
     
    System errors:
    =============
    Error: (03/12/2015 06:25:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (03/12/2015 06:25:21 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (03/12/2015 06:25:21 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (03/12/2015 06:25:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (03/12/2015 06:25:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (03/12/2015 06:25:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Peer Name Resolution Protocol service terminated with the following error: 
    %%-2140993535
     
    Error: (03/12/2015 06:25:03 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
    Error: (03/12/2015 06:25:03 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (03/12/2015 06:25:03 PM) (Source: PNRPSvc) (EventID: 102) (User: )
    Description: 0x80630801
     
    Error: (03/12/2015 06:24:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: 
    %%-2140993535
     
     
    Microsoft Office Sessions:
    =========================
    Error: (03/12/2015 06:13:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F20300004D070000
     
    Error: (03/12/2015 06:13:24 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
     
    Error: (03/12/2015 06:12:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./ROOT/CIMV2SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_Process'0x80041010
     
    Error: (03/12/2015 06:10:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F20300004D070000
     
    Error: (03/12/2015 06:10:36 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
     
    Error: (03/11/2015 01:41:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
    Description: WmiApRplWmiApRpl8F20300004D070000
     
    Error: (03/11/2015 01:41:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
    Description: Performance1637070000000000000000000009030000
     
    Error: (03/11/2015 01:37:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: //./ROOT/CIMV2SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_Process'0x80041010
     
    Error: (03/11/2015 01:37:02 PM) (Source: SecurityCenter) (EventID: 3) (User: )
    Description: 
     
    Error: (03/10/2015 09:40:23 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: PmmUpdate.exe1.1.36.04c932097netprofm.dll_unloaded0.0.0.04a5bda75c0000005713425051e9c01d05b3300e81a09C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exenetprofm.dllf6d768aa-c797-11e4-a19c-b870f4dd281e
     
     
    CodeIntegrity Errors:
    ===================================
      Date: 2012-11-19 10:23:42.536
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
      Date: 2012-11-19 10:23:42.458
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Pentium® CPU P6200 @ 2.13GHz
    Percentage of memory in use: 60%
    Total physical RAM: 3766.7 MB
    Available physical RAM: 1495.09 MB
    Total Pagefile: 7531.59 MB
    Available Pagefile: 4975.65 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB
     
    ==================== Drives ================================
     
    Drive c: (Acer) (Fixed) (Total:449.66 GB) (Free:352.09 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 22F65FB9)
    Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=449.7 GB) - (Type=07 NTFS)
     
    ==================== End Of Log ============================

    Edited by realapp, 12 March 2015 - 05:39 PM.

    • 0

    #15
    RKinner
    Posted 12 March 2015 - 06:03 PM

    RKinner

      Malware Expert

    • Expert
    • 24,625 posts
    • MVP
    Download and save the AVG removal tool
     
    Right click on the downloaded file and Run As Admin.
     
    Are you using MyWinLocker Suite?  Lots of errors.  I would uninstall it and and then if you use it download a new copy and reinstall it.

    MyWinLocker Suite is typically pre-installed with Acer computers.
    Some users and experts alike have reported that this program is considered bloatware or bundleware. Such software is optional and can be safely removed if you do not utilize the features of the progam.
    • It is usually licensed for use only on the Acer PC on which it was pre-installed.
    • It is often time or functionally (lite version) limited for Acer computers.
    • If you do not use this program you might consider remvoing it as it often consumes system resources, even if not actively being run, adversely affecting system responsiveness.
     

     

     

     
     
    Is it running any better?

    • 0
    Back to Virus, Spyware, Malware Removal · Next Unread Topic →




    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    1. Geeks to Go Community
    2. Security
    3. Virus, Spyware, Malware Removal

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP