1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

What can I delete in the registry?

Discussion in 'Windows 7' started by Maria AV, Sep 13, 2013.

  1. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    So my laptop hasn't been on its best behavior lately. As in, I can barely load it up and shutting it down or putting it to sleep always makes it freeze.

    Anyways, I went back to a past restore point and it seems to be faring better but some things are still off. I'd like it if someone can help me clean up my registry. I don't know if that has anything to do with it (I'm pretty much a beginner in this kind of thing).

    I ran the registry cleaner through CCleaner. I'm not sure if that's a good one to use, but I read it's more gentle or at least not too thorough like others. I don't want to accidentally delete something vital.

    Anyways, before I write a whole essay on my ramblings, here is a (long) image of the "problems".


    Also, if I should provide any other information, please tell me. registryimage.png
     
    Maria AV, Sep 13, 2013
    #1
  3. DSTM (Dougie)

    DSTM (Dougie) Registered Members

    Joined:
    May 3, 2009
    Messages:
    8,270
    Location:
    SYDNEY AUSTRALIA
    Operating System:
    Windows 7
    Hi Maria. Welcome to Computer Help Forums.
    CHF does not recommend the use of registry cleaners.
    Delete anything you shouldn't and your computer can cease to function causing an OS reinstall.
    There are no Save or undo functions in the registry.
    I would be looking at other issues which may be causing your issues.
    If your not highly experienced with the registry then best to keep out.
     
    DSTM (Dougie), Sep 13, 2013
    #2
  4. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    Yeah, I'm not experienced. Not at all. I'm just worried there's a corrupt file...or something which is causing my computer to go haywire on me. But alright, thank you for the response. :D
     
    Maria AV, Sep 13, 2013
    #3
  5. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    This sounds more than some corrupt registry files.
    The registry is very resilient and it would take a hell of a lot to start causing problems.
    The cause is more likely to be Conflicting Programs, Adware, Malware, an over abundance of 'Temp' files or a number of other things.

    We could give you a good idea of any of these problems by simply running the program below:
    You don't say if your system is a 32bit or a 64bit system......

    Note:
    There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type.

    If you are unsure what you're system bit type is..... click Here for help.

    For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop.

    For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop.

    • Double-click the downloaded icon to run the tool.

      [​IMG]
    • When the tool opens click Yes to disclaimer.

      [​IMG]
    • Press Scan button.

      [​IMG]
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also.
     
    starbuck, Sep 13, 2013
    #4
  6. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    Thank you for replying. I would have done this step yesterday, but my internet gets cut off sometimes so I only got on now.
    Anyways, the logs are very long, so here goes.
    (Also, I'm running a 64 bit system)

    FRST.txt
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04
    Ran by Maria (administrator) on MARIA-PC on 14-09-2013 11:43:54
    Running from C:\Users\Maria\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
    (Microsoft Corporation) C:\windows\system32\WLANExt.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    (CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
    (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
    () C:\Program Files (x86)\RocketDock\RocketDock.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    (Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
    () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
    (Bao_Nguyen) C:\Program Files (x86)\Switcher\Switcher.exe
    (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
    (Logitech Inc.) C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (cyberlink) C:\Program Files (x86)\CyberLink\Shared Files\brs.exe
    (Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BluetoothHeadsetProxy.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    () C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
    (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11786344 2011-03-28] (Realtek Semiconductor)
    HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
    HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2712360 2011-03-20] (Synaptics Incorporated)
    HKLM\...\Run: [OnekeyStudio] - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789920 2011-07-23] (Lenovo)
    HKLM\...\Run: [Lenovo EE Boot Optimizer] - C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2011-07-23] (Lenovo)
    HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-07-23] (Lenovo (Beijing) Limited)
    HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-07-23] (Lenovo(beijing) Limited)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
    HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKCU\...\Run: [Google Update] - C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-04] (Google Inc.)
    HKCU\...\Run: [AdobeBridge] - [x]
    HKCU\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
    HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
    HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-13] ()
    HKCU\...\Run: [FreeCT] - C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe [2107304 2012-12-17] (Comfort Software Group)
    HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3549528 2013-09-14] (Electronic Arts)
    HKCU\...\Run: [Switcher] - C:\Program Files (x86)\Switcher\Switcher.exe [425984 2007-10-28] (Bao_Nguyen)
    HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
    HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-16] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink Corp.)
    HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-08-24] (cyberlink)
    HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2011-01-28] (CyberLink)
    HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [228448 2011-01-28] (CyberLink Corp.)
    HKLM-x32\...\Run: [VeriFaceManager] - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-07-23] (Lenovo)
    HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
    HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
    AppInit_DLLs: C:\windows\system32\nvinitx.dll [266448 2013-06-21] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll [214448 2013-06-21] (NVIDIA Corporation)
    Startup: C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/
    SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
    BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
    Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - No File
    Handler-x32: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\ic8kvho4.default
    FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Maria\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Maria\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
    FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn\
    FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\
    FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn\

    Chrome:
    =======
    CHR HomePage: hxxp://lenovo.msn.com/
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Shockwave Flash) - C:\Users\Maria\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll No File
    CHR Plugin: (Shockwave Flash) - C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\gcswf32.dll No File
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
    CHR Plugin: (Norton Confidential) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll No File
    CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Google Update) - C:\Users\Maria\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
    CHR Extension: (Duolingo) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl\1.0.10_0
    CHR Extension: (Purple flowers(Non-Aero)) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\apifmdobolibbidmcdlofnnenabonodd\1.0.0.2_0
    CHR Extension: (Search by Image (by Google)) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm\1.5.0_0
    CHR Extension: (High Contrast) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph\0.5_0
    CHR Extension: (Click&Clean) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\8.3_0
    CHR Extension: (AdBlock) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0
    CHR Extension: (Don't Starve) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0
    CHR Extension: (Looper for YouTube) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\iggpfpnahkgpnindfkdncknoldgnccdg\4.9.5_0
    CHR Extension: (Coupons at Checkout) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegphgaihkjoophpabchkmpaknehfamb\1.3.1_0
    CHR Extension: (Google Mail Checker) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0
    CHR Extension: (Norton Identity Protection) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0
    CHR Extension: (Chrome In-App Payments service) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
    CHR Extension: (Click&Clean App) - C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp\8.0_0
    CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx

    ==================== Services (Whitelisted) =================

    R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953632 2010-12-14] (Broadcom Corporation.)
    S2 CLKMSVC10_3A60B698; C:\Program Files (x86)\Lenovo\PowerDVD10\NavFilter\kmsvc.exe [240112 2010-10-13] (CyberLink)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
    R2 N360; C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
    R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service 1.0\Oasis2Service.exe [46080 2010-12-22] ()

    ==================== Drivers (Whitelisted) ====================

    R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-03] (Symantec Corporation)
    R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130903.002\BHDrvx64.sys [1525336 2013-09-03] (Symantec Corporation)
    R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
    R3 DelayMan; C:\Windows\System32\DRIVERS\delayman.sys [20064 2011-07-23] (Ensurebit Inc.)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-09-12] (Symantec Corporation)
    R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130912.001_fb1\IDSvia64.sys [520280 2013-09-12] (Symantec Corporation)
    R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130912.001_fb1\IDSvia64.sys [520280 2013-09-12] (Symantec Corporation)
    R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130913.004\ENG64.SYS [126040 2013-09-12] (Symantec Corporation)
    R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130913.004\ENG64.SYS [126040 2013-09-12] (Symantec Corporation)
    R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130913.004\EX64.SYS [2099288 2013-09-12] (Symantec Corporation)
    R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130913.004\EX64.SYS [2099288 2013-09-12] (Symantec Corporation)
    S3 qcusbser; C:\Windows\System32\DRIVERS\qcusbser.sys [118016 2010-08-27] (TCT International Mobile Ltd)
    R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8199016 2011-03-23] (Realtek Semiconductor Corp.)
    R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
    R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-27] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
    R1 winioex; C:\Windows\System32\drivers\winioex.sys [15456 2011-07-23] (Ensurebit Inc.)
    U3 BcmSqlStartupSvc;
    U2 CLKMSVC10_C3B3B687;
    U2 DriverService;
    U2 iATAgentService;
    U2 idealife Update Service;
    U3 IGRS;
    U2 IviRegMgr;
    U2 PCCarerService;
    U2 ReadyComm.DirectRouter;
    U2 RichVideo;
    U2 RtLedService;
    U2 SeaPort;
    U2 SoftwareService;
    U3 SQLWriter;

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-09-14 11:43 - 2013-09-14 11:43 - 00000000 ____D C:\FRST
    2013-09-14 11:42 - 2013-09-14 11:42 - 01950312 _____ (Farbar) C:\Users\Maria\Desktop\FRST64.exe
    2013-09-14 11:32 - 2013-09-14 11:32 - 00000056 _____ C:\windows\setupact.log
    2013-09-14 11:32 - 2013-09-14 11:32 - 00000000 _____ C:\windows\setuperr.log
    2013-09-13 15:13 - 2013-09-13 15:27 - 00000000 ____D C:\Users\Maria\Desktop\moer
    2013-09-13 11:33 - 2013-09-13 11:33 - 09430408 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
    2013-09-13 10:17 - 2013-09-13 10:17 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2013-09-13 09:46 - 2013-09-13 09:46 - 00002696 _____ C:\{A76AF373-9DE8-4475-8D7D-D81974452EED}
    2013-09-05 17:03 - 2013-09-05 17:03 - 00208109 _____ C:\Users\Maria\Downloads\action_photoshop_by_angelikazbojenska-d5dwqi3.zip
    2013-09-05 16:55 - 2013-09-05 16:55 - 00524416 _____ C:\Users\Maria\Downloads\phoshop_action_28_by_igotthelook-d384qt8.zip
    2013-09-04 16:52 - 2013-09-04 16:52 - 00000056 _____ C:\{465FB3C9-CB56-4B31-BDF7-6A892A566E71}
    2013-09-03 11:22 - 2010-07-27 18:32 - 15171597 _____ C:\Users\Maria\Downloads\UnderseaHD.wmv
    2013-09-03 11:22 - 2009-03-15 01:49 - 05220243 _____ C:\Users\Maria\Downloads\Form React.wmv
    2013-09-03 11:21 - 2009-03-15 20:52 - 02627121 _____ C:\Users\Maria\Downloads\Bokeh.wmv
    2013-09-03 11:11 - 2013-09-03 11:11 - 15158188 _____ C:\Users\Maria\Downloads\dreamscene_undersea_HD1080p_by_Ezio17.rar
    2013-09-03 11:09 - 2013-09-03 11:09 - 05189429 _____ C:\Users\Maria\Downloads\Form_React_Dreamscene_by_filipe_ps.rar
    2013-09-03 11:08 - 2013-09-03 11:08 - 02602316 _____ C:\Users\Maria\Downloads\Bokeh_Dreamscene_by_filipe_ps.rar
    2013-09-03 11:05 - 2013-09-03 11:06 - 10301700 _____ C:\Users\Maria\Downloads\Matrix2.wmv
    2013-09-03 11:04 - 2013-09-03 11:05 - 25192873 _____ C:\Users\Maria\Downloads\Matrix.wmv
    2013-09-03 11:04 - 2013-09-03 11:04 - 06752872 _____ C:\Users\Maria\Downloads\iDream.wmv
    2013-09-03 11:03 - 2013-09-03 11:03 - 00431456 _____ C:\Users\Maria\Downloads\W7DSA.zip
    2013-09-02 14:07 - 2013-09-02 14:07 - 00000000 ____D C:\Users\Maria\AppData\Local\NVIDIA
    2013-08-28 14:17 - 2013-08-28 14:17 - 00000000 ____D C:\Users\Maria\AppData\Roaming\NVIDIA
    2013-08-24 13:44 - 2013-09-13 10:02 - 00000000 ____D C:\Users\Maria\AppData\Roaming\TagScanner
    2013-08-24 13:43 - 2013-09-13 10:02 - 00000000 ____D C:\Program Files (x86)\TagScanner
    2013-08-24 10:48 - 2013-09-12 15:12 - 00000000 ____D C:\windows\system32\MRT
    2013-08-24 10:40 - 2013-08-24 10:40 - 00000000 ____D C:\windows\SysWOW64\NV
    2013-08-24 10:40 - 2013-08-24 10:40 - 00000000 ____D C:\windows\system32\NV
    2013-08-24 10:38 - 2013-08-24 10:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
    2013-08-24 10:36 - 2013-08-24 10:36 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
    2013-08-24 10:36 - 2012-09-13 15:57 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Macromedia
    2013-08-24 10:36 - 2012-08-21 10:46 - 00000000 ____D C:\Users\UpdatusUser\AppData\Local\Microsoft Help
    2013-08-24 10:36 - 2011-07-23 02:04 - 00002104 _____ C:\Users\UpdatusUser\Desktop\OneKey Recovery.lnk
    2013-08-24 10:36 - 2011-07-23 02:04 - 00000000 ____D C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
    2013-08-24 10:36 - 2011-07-23 01:49 - 00001140 _____ C:\Users\UpdatusUser\Desktop\Cyberlink Power2Go.lnk
    2013-08-24 10:36 - 2010-12-18 22:31 - 00000189 _____ C:\Users\UpdatusUser\Desktop\Lenovo Telephony Start Now.url
    2013-08-24 10:36 - 2009-07-13 21:54 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2013-08-24 10:36 - 2009-07-13 21:49 - 00000000 ___RD C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2013-08-24 10:35 - 2013-06-21 03:23 - 06496544 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
    2013-08-24 10:35 - 2013-06-21 03:23 - 03514656 _____ (NVIDIA Corporation) C:\windows\system32\nvsvc64.dll
    2013-08-24 10:35 - 2013-06-21 03:23 - 02555680 _____ (NVIDIA Corporation) C:\windows\system32\nvsvcr.dll
    2013-08-24 10:35 - 2013-06-21 03:23 - 01025312 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshext.dll
    2013-08-24 10:35 - 2013-06-21 03:23 - 00884512 _____ (NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
    2013-08-24 10:35 - 2013-06-21 03:23 - 00237856 _____ (NVIDIA Corporation) C:\windows\system32\nvmctray.dll
    2013-08-24 10:35 - 2013-06-21 03:23 - 00067072 _____ (NVIDIA Corporation) C:\windows\system32\nv3dappshextr.dll
    2013-08-24 10:35 - 2013-06-21 03:23 - 00063776 _____ (NVIDIA Corporation) C:\windows\system32\nvshext.dll
    2013-08-24 10:35 - 2013-06-19 21:17 - 03253909 _____ C:\windows\system32\nvcoproc.bin
    2013-08-24 10:34 - 2013-08-24 10:38 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2013-08-24 10:34 - 2013-06-21 05:06 - 00061216 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
    2013-08-24 10:34 - 2013-06-21 05:06 - 00053024 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
    2013-08-24 10:28 - 2013-08-24 10:28 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
    2013-08-24 10:26 - 2013-08-24 10:28 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-08-24 10:26 - 2013-08-24 10:28 - 00000000 ____D C:\Program Files\iTunes
    2013-08-24 10:26 - 2013-08-24 10:28 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files\iPod
    2013-08-24 10:25 - 2013-06-21 05:06 - 27781920 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 21102368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 15920536 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 15144928 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 13411896 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvwgf2um.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 12427240 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvd3dum.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 11235104 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
    2013-08-24 10:25 - 2013-06-21 05:06 - 09239344 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 07687592 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 07641832 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 06324360 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 02953504 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 02936208 _____ (NVIDIA Corporation) C:\windows\system32\nvapi64.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 02777888 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 02597856 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 02363680 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 02002720 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 01832224 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6432049.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 01511712 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6432049.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 01059560 _____ (NVIDIA Corporation) C:\windows\system32\nvumdshimx.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00925648 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvumdshim.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00572704 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00570656 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00467232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00465184 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00266448 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00218592 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00214448 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00181488 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
    2013-08-24 10:25 - 2013-06-21 05:06 - 00030496 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
    2013-08-24 10:25 - 2013-06-21 05:06 - 00021578 _____ C:\windows\system32\nvinfo.pb
    2013-08-24 10:18 - 2013-08-24 10:20 - 233871960 _____ (NVIDIA Corporation) C:\Users\Maria\Downloads\320.49-notebook-win8-win7-64bit-international-whql.exe
    2013-08-24 10:15 - 2013-08-24 10:15 - 00001805 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
    2013-08-24 10:14 - 2013-08-24 10:15 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-08-23 00:13 - 2013-08-23 00:14 - 00000000 ____D C:\29ead02a1b90fba64cb2
    2013-08-16 20:50 - 2013-08-16 20:50 - 00002904 _____ C:\{A0B94271-6957-43FE-8268-24D14233B104}

    ==================== One Month Modified Files and Folders =======

    2013-09-14 11:44 - 2013-03-13 19:32 - 00000000 ____D C:\Users\Maria\AppData\Local\PMB Files
    2013-09-14 11:43 - 2013-09-14 11:43 - 00000000 ____D C:\FRST
    2013-09-14 11:42 - 2013-09-14 11:42 - 01950312 _____ (Farbar) C:\Users\Maria\Desktop\FRST64.exe
    2013-09-14 11:42 - 2012-08-05 00:44 - 00000000 ____D C:\Users\Maria\AppData\Local\Adobe
    2013-09-14 11:41 - 2012-08-04 19:29 - 00000908 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3040517138-2664950585-3432869493-1002UA.job
    2013-09-14 11:41 - 2009-07-13 21:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-09-14 11:41 - 2009-07-13 21:45 - 00021280 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-09-14 11:39 - 2011-07-23 01:02 - 01459447 _____ C:\windows\WindowsUpdate.log
    2013-09-14 11:34 - 2012-08-07 17:27 - 00000000 ____D C:\Program Files (x86)\Origin
    2013-09-14 11:34 - 2012-08-05 23:00 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Skype
    2013-09-14 11:33 - 2012-09-03 11:54 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
    2013-09-14 11:33 - 2011-07-23 02:04 - 00387800 _____ C:\windows\system32\fastboot.set
    2013-09-14 11:33 - 2011-07-23 01:58 - 00000000 ____D C:\ProgramData\VeriFace
    2013-09-14 11:32 - 2013-09-14 11:32 - 00000056 _____ C:\windows\setupact.log
    2013-09-14 11:32 - 2013-09-14 11:32 - 00000000 _____ C:\windows\setuperr.log
    2013-09-14 11:32 - 2011-07-23 01:58 - 02055000 _____ C:\FaceProv.log
    2013-09-14 11:32 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
    2013-09-13 16:41 - 2009-07-13 22:13 - 00782010 _____ C:\windows\system32\PerfStringBackup.INI
    2013-09-13 15:27 - 2013-09-13 15:13 - 00000000 ____D C:\Users\Maria\Desktop\moer
    2013-09-13 13:44 - 2013-06-08 13:42 - 00000000 ____D C:\Program Files (x86)\File Type Assistant
    2013-09-13 11:33 - 2013-09-13 11:33 - 09430408 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
    2013-09-13 11:33 - 2012-09-03 11:54 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2013-09-13 11:33 - 2012-09-03 11:54 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-09-13 11:33 - 2012-09-03 11:54 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
    2013-09-13 10:19 - 2012-08-04 19:55 - 00002368 _____ C:\Users\Maria\Desktop\Google Chrome.lnk
    2013-09-13 10:19 - 2012-08-04 19:55 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2013-09-13 10:17 - 2013-09-13 10:17 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2013-09-13 10:17 - 2013-06-01 12:27 - 00000000 ____D C:\Program Files\CCleaner
    2013-09-13 10:07 - 2012-08-04 18:13 - 00000000 ____D C:\Users\Maria
    2013-09-13 10:03 - 2013-07-21 09:17 - 00000000 ____D C:\Users\Julianna and Mom
    2013-09-13 10:03 - 2013-07-05 08:25 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
    2013-09-13 10:03 - 2013-04-23 07:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
    2013-09-13 10:03 - 2013-04-23 07:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
    2013-09-13 10:03 - 2013-03-13 19:32 - 00000000 ____D C:\ProgramData\PMB Files
    2013-09-13 10:03 - 2012-08-17 09:31 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-09-13 10:03 - 2012-08-04 20:26 - 00000000 ____D C:\Users\Maria\AppData\Roaming\.minecraft
    2013-09-13 10:03 - 2012-08-04 18:19 - 00000000 ____D C:\ProgramData\Norton
    2013-09-13 10:03 - 2011-07-23 01:15 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2013-09-13 10:03 - 2011-07-23 01:15 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2013-09-13 10:03 - 2011-02-22 04:42 - 00000000 ____D C:\Program Files\Windows Journal
    2013-09-13 10:03 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files\Windows Defender
    2013-09-13 10:03 - 2009-07-13 22:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
    2013-09-13 10:03 - 2009-07-13 20:20 - 00000000 ____D C:\windows\system32\NDF
    2013-09-13 10:03 - 2009-07-13 20:20 - 00000000 ____D C:\windows\security
    2013-09-13 10:03 - 2009-07-13 20:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2013-09-13 10:02 - 2013-08-24 13:44 - 00000000 ____D C:\Users\Maria\AppData\Roaming\TagScanner
    2013-09-13 10:02 - 2013-08-24 13:43 - 00000000 ____D C:\Program Files (x86)\TagScanner
    2013-09-13 10:00 - 2011-07-23 01:49 - 00000000 ____D C:\windows\SysWOW64\Macromed
    2013-09-13 10:00 - 2009-07-13 20:20 - 00000000 ____D C:\windows\registration
    2013-09-13 09:56 - 2012-08-04 18:13 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
    2013-09-13 09:54 - 2012-08-17 09:31 - 00000000 __RHD C:\MSOCache
    2013-09-13 09:54 - 2011-07-23 01:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2013-09-13 09:46 - 2013-09-13 09:46 - 00002696 _____ C:\{A76AF373-9DE8-4475-8D7D-D81974452EED}
    2013-09-12 15:12 - 2013-08-24 10:48 - 00000000 ____D C:\windows\system32\MRT
    2013-09-05 17:03 - 2013-09-05 17:03 - 00208109 _____ C:\Users\Maria\Downloads\action_photoshop_by_angelikazbojenska-d5dwqi3.zip
    2013-09-05 16:55 - 2013-09-05 16:55 - 00524416 _____ C:\Users\Maria\Downloads\phoshop_action_28_by_igotthelook-d384qt8.zip
    2013-09-04 18:25 - 2013-06-08 13:42 - 00000000 ____D C:\Users\Maria\AppData\Local\FileTypeAssistant
    2013-09-04 16:52 - 2013-09-04 16:52 - 00000056 _____ C:\{465FB3C9-CB56-4B31-BDF7-6A892A566E71}
    2013-09-03 11:11 - 2013-09-03 11:11 - 15158188 _____ C:\Users\Maria\Downloads\dreamscene_undersea_HD1080p_by_Ezio17.rar
    2013-09-03 11:09 - 2013-09-03 11:09 - 05189429 _____ C:\Users\Maria\Downloads\Form_React_Dreamscene_by_filipe_ps.rar
    2013-09-03 11:08 - 2013-09-03 11:08 - 02602316 _____ C:\Users\Maria\Downloads\Bokeh_Dreamscene_by_filipe_ps.rar
    2013-09-03 11:06 - 2013-09-03 11:05 - 10301700 _____ C:\Users\Maria\Downloads\Matrix2.wmv
    2013-09-03 11:05 - 2013-09-03 11:04 - 25192873 _____ C:\Users\Maria\Downloads\Matrix.wmv
    2013-09-03 11:04 - 2013-09-03 11:04 - 06752872 _____ C:\Users\Maria\Downloads\iDream.wmv
    2013-09-03 11:03 - 2013-09-03 11:03 - 00431456 _____ C:\Users\Maria\Downloads\W7DSA.zip
    2013-09-02 14:07 - 2013-09-02 14:07 - 00000000 ____D C:\Users\Maria\AppData\Local\NVIDIA
    2013-08-29 23:00 - 2013-07-22 08:41 - 00000000 ____D C:\Users\Maria\Desktop\pics
    2013-08-28 14:17 - 2013-08-28 14:17 - 00000000 ____D C:\Users\Maria\AppData\Roaming\NVIDIA
    2013-08-28 14:14 - 2011-02-22 04:19 - 00000000 ____D C:\windows\Panther
    2013-08-24 10:40 - 2013-08-24 10:40 - 00000000 ____D C:\windows\SysWOW64\NV
    2013-08-24 10:40 - 2013-08-24 10:40 - 00000000 ____D C:\windows\system32\NV
    2013-08-24 10:40 - 2011-07-23 01:16 - 00000000 ____D C:\ProgramData\NVIDIA
    2013-08-24 10:38 - 2013-08-24 10:38 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
    2013-08-24 10:38 - 2013-08-24 10:34 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
    2013-08-24 10:36 - 2013-08-24 10:36 - 00000020 ___SH C:\Users\UpdatusUser\ntuser.ini
    2013-08-24 10:32 - 2012-08-04 18:13 - 00000000 ____D C:\Users\Maria\AppData\Local\VirtualStore
    2013-08-24 10:28 - 2013-08-24 10:28 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
    2013-08-24 10:28 - 2013-08-24 10:26 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
    2013-08-24 10:28 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files\iTunes
    2013-08-24 10:28 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files (x86)\iTunes
    2013-08-24 10:26 - 2013-08-24 10:26 - 00000000 ____D C:\Program Files\iPod
    2013-08-24 10:20 - 2013-08-24 10:18 - 233871960 _____ (NVIDIA Corporation) C:\Users\Maria\Downloads\320.49-notebook-win8-win7-64bit-international-whql.exe
    2013-08-24 10:15 - 2013-08-24 10:15 - 00001805 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
    2013-08-24 10:15 - 2013-08-24 10:14 - 00000000 ____D C:\Program Files (x86)\QuickTime
    2013-08-24 10:08 - 2012-08-04 19:29 - 00000856 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3040517138-2664950585-3432869493-1002Core.job
    2013-08-23 00:50 - 2013-01-12 19:27 - 00000000 ____D C:\Users\Maria\AppData\Roaming\uTorrent
    2013-08-23 00:50 - 2012-11-02 16:13 - 00000000 ____D C:\Users\Maria\AppData\Local\CrashDumps
    2013-08-23 00:48 - 2013-07-22 02:00 - 00000000 ____D C:\Program Files (x86)\AIMP2
    2013-08-23 00:48 - 2013-07-05 09:05 - 00000000 ____D C:\Program Files (x86)\Winamp
    2013-08-23 00:15 - 2013-06-26 12:08 - 00774624 _____ C:\windows\SysWOW64\PerfStringBackup.INI
    2013-08-23 00:14 - 2013-08-23 00:13 - 00000000 ____D C:\29ead02a1b90fba64cb2
    2013-08-22 23:37 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
    2013-08-22 23:36 - 2013-06-27 06:55 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Opera
    2013-08-22 23:36 - 2013-06-27 06:55 - 00000000 ____D C:\Users\Maria\AppData\Local\Opera
    2013-08-22 23:36 - 2013-06-27 06:54 - 00000000 ____D C:\Program Files (x86)\Opera
    2013-08-22 23:36 - 2013-06-01 12:30 - 00000000 ____D C:\Users\Maria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Switcher
    2013-08-22 23:36 - 2013-06-01 12:30 - 00000000 ____D C:\Program Files (x86)\Switcher
    2013-08-22 23:36 - 2009-07-13 20:20 - 00000000 ____D C:\windows\AppCompat
    2013-08-22 23:32 - 2012-08-07 17:28 - 00000000 ____D C:\Program Files (x86)\Origin Games
    2013-08-22 16:34 - 2013-07-21 05:07 - 00000000 ____D C:\Users\Maria\Documents\MOM
    2013-08-16 20:50 - 2013-08-16 20:50 - 00002904 _____ C:\{A0B94271-6957-43FE-8268-24D14233B104}
    2013-08-16 18:57 - 2013-08-07 12:21 - 00000000 ____D C:\Program Files (x86)\Citrix
    2013-08-16 18:52 - 2013-02-25 20:30 - 00000000 ____D C:\Users\Maria\Documents\GERMANY

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-08-13 20:19

    ==================== End Of Log ============================

    And now the Addition.txt

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04
    Ran by Maria at 2013-09-14 11:44:37
    Running from C:\Users\Maria\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Installed Programs =======================

    µTorrent (x32 Version: 3.2.3.28705)
    7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
    Adobe AIR (x32 Version: 3.4.0.2540)
    Adobe Creative Suite 6 Master Collection (x32 Version: 6)
    Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
    Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
    Adobe Help Manager (x32 Version: 4.0.244)
    Adobe Reader X (10.1.8) (x32 Version: 10.1.8)
    Adobe Widget Browser (x32 Version: 2.0 Build 348)
    Adobe Widget Browser (x32 Version: 2.0.348)
    Apple Application Support (x32 Version: 2.3.4)
    Apple Mobile Device Support (Version: 6.1.0.13)
    Apple Software Update (x32 Version: 2.1.3.127)
    Bonjour (Version: 3.0.0.10)
    Broadcom Gigabit NetLink Controller (Version: 14.6.1.4)
    Canon MP280 series MP Drivers
    CCleaner (Version: 4.05)
    CR2 Converter (x32)
    D3DX10 (x32 Version: 15.4.2368.0902)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
    Don't Starve (x32)
    Energy Management (x32 Version: 6.0.2.0)
    File Type Assistant (x32 Version: 2013.4.8.0)
    Free All-In-One Media Player (x32)
    Free Countdown Timer 2.7.2 (x32 Version: 2.7)
    Free RAR Extract Frog (x32 Version: 4.70)
    GameFly (x32 Version: 1.1.960)
    Google Chrome (HKCU Version: 29.0.1547.66)
    Intel PROSet Wireless
    Intel(R) Control Center (x32 Version: 1.2.1.1007)
    Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
    Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
    Intel(R) PROSet/Wireless WiFi Software (Version: 14.0.2000)
    Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004)
    Intel(R) Wireless Display
    Intel(R) Wireless Display (x32 Version: 2.0.27.0)
    iTunes (Version: 11.0.5.5)
    Java 7 Update 25 (x32 Version: 7.0.250)
    Java Auto Updater (x32 Version: 2.1.9.5)
    JavaFX 2.1.1 (x32 Version: 2.1.1)
    JMicron Flash Media Controller Driver (x32 Version: 1.0.55.0)
    Junk Mail filter update (x32 Version: 15.4.3502.0922)
    Lenovo Bluetooth with Enhanced Data Rate Software (Version: 6.3.0.7400)
    Lenovo DirectShare (x32 Version: 1.0.1.38)
    Lenovo EasyCamera (x32 Version: 6.1.7600.0098)
    Lenovo EE Boot Optimizer (Version: 0.0.1.7)
    Lenovo Games Console (x32 Version: 1.2.6.436)
    Lenovo OneKey Recovery (Version: 7.0.1628)
    Lenovo OneKey Recovery (x32 Version: 7.0.1628)
    Lenovo PowerDVD 10 (x32 Version: 10.0.2318.52)
    Lenovo R.I.C. (Robust Intelligent Companion) (Version: 1.0.10.1220)
    Lenovo Smile Dock (x32 Version: 2.0.251.1)
    Lenovo YouCam (x32 Version: 3.1.3728)
    Logitech Desktop Messenger (x32 Version: 2.54.11)
    Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8)
    Logitech Harmony Remote Software 7 (x32 Version: 7.7.0.0)
    MapleStory (x32)
    Mesh Runtime (x32 Version: 15.4.5722.2)
    mHotspot version 6.3.4.5 (x32 Version: 6.3.4.5)
    Microsoft .NET Framework 4.5 (Version: 4.5.50709)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Office 2010 Service Pack 1 (SP1) (x32)
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000)
    Microsoft Silverlight (Version: 5.1.20125.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
    Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
    Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
    Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
    Mozilla Firefox 15.0 (x86 en-US) (x32 Version: 15.0)
    Mozilla Maintenance Service (x32 Version: 15.0)
    MSVCRT (x32 Version: 15.4.2862.0708)
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
    Nexon Game Manager (x32)
    Norton 360 (x32 Version: 20.4.0.40)
    NVIDIA 3D Vision Controller Driver 320.49 (Version: 320.49)
    NVIDIA Control Panel 320.49 (Version: 320.49)
    NVIDIA GeForce Experience 1.5 (Version: 1.5)
    NVIDIA Graphics Driver 320.49 (Version: 320.49)
    NVIDIA Install Application (Version: 2.1002.124.810)
    NVIDIA Optimus 4.11.9 (Version: 4.11.9)
    NVIDIA PhysX (x32 Version: 9.13.0604)
    NVIDIA PhysX System Software 9.13.0604 (Version: 9.13.0604)
    NVIDIA Update 4.11.9 (Version: 4.11.9)
    NVIDIA Update Components (Version: 4.11.9)
    Oasis2Service 1.0 (x32 Version: 1.0.0)
    Onekey Theater (x32 Version: 2.0.2.8)
    ooVoo (x32 Version: 2.2.4.25)
    Opera 12.15 (x32 Version: 12.15.1748)
    Origin (x32 Version: 9.1.15.109)
    Pando Media Booster (x32 Version: 2.6.0.8)
    PDF Settings CS6 (x32 Version: 11.0)
    Picasa 3 (x32 Version: 3.9)
    Power2Go (x32 Version: 5.6.0.7108)
    QuickTime (x32 Version: 7.74.80.86)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6339)
    Remote Control USB Driver (x32 Version: 2.3.2.317)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0)
    RocketDock 1.3.5 (x32)
    Skype™ 6.5 (x32 Version: 6.5.158)
    Splashtop Software Updater (x32 Version: 1.5.6.11)
    Splashtop Streamer (x32 Version: 2.3.0.2)
    SRS Control Panel (Version: 1.11.0200)
    Switcher 2.0.0 (x32 Version: 2.0.0)
    Synaptics Pointing Device Driver (Version: 15.2.16.3)
    The Sims™ 3 (x32 Version: 1.50.56)
    The Sims™ 3 Ambitions (x32 Version: 4.0.87)
    The Sims™ 3 Generations (x32 Version: 8.0.152)
    The Sims™ 3 Late Night (x32 Version: 6.0.81)
    The Sims™ 3 Pets (x32 Version: 10.0.96)
    The Sims™ 3 Seasons (x32 Version: 16.0.136)
    The Sims™ 3 Showtime (x32 Version: 12.0.273)
    The Sims™ 3 Supernatural (x32 Version: 15.0.135)
    The Sims™ 3 University Life (x32 Version: 18.0.126)
    The Sims™ 3 World Adventures (x32 Version: 2.0.86)
    Update for Microsoft Office 2010 (KB2553065) (x32)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2566458) (x32)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
    Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
    Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
    Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
    Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
    Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
    UserGuide (x32 Version: 1.0.0.6)
    VeriFace (x32 Version: 4.0.1.0126)
    Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (Version: 12/02/2010 6.1.0.1)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3508.1109)
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
    Windows Live Installer (x32 Version: 15.4.3502.0922)
    Windows Live Language Selector (Version: 15.4.3508.1109)
    Windows Live Mail (x32 Version: 15.4.3502.0922)
    Windows Live Mesh (x32 Version: 15.4.3502.0922)
    Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
    Windows Live Messenger (x32 Version: 15.4.3502.0922)
    Windows Live MIME IFilter (Version: 15.4.3502.0922)
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
    Windows Live Photo Common (x32 Version: 15.4.3502.0922)
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
    Windows Live Remote Client (Version: 15.4.5722.2)
    Windows Live Remote Client Resources (Version: 15.4.5722.2)
    Windows Live Remote Service (Version: 15.4.5722.2)
    Windows Live Remote Service Resources (Version: 15.4.5722.2)
    Windows Live SOXE (x32 Version: 15.4.3502.0922)
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
    Windows Live Writer (x32 Version: 15.4.3502.0922)
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
    WinRAR 4.20 (32-bit) (x32 Version: 4.20.0)

    ==================== Restore Points =========================

    24-08-2013 21:28:07 Windows Update
    02-09-2013 22:27:50 Installed The Sims 3
    02-09-2013 22:34:00 Installed TheSims3EP10
    03-09-2013 18:02:42 before dreamscene
    12-09-2013 21:23:51 Restore Operation
    12-09-2013 21:59:37 Windows Update
    13-09-2013 16:51:40 Restore Operation

    ==================== Hosts content: ==========================

    2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {034125D1-59CD-46E3-9C58-A444C54679F8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
    Task: {056EBD7A-A2BF-40C4-BA5B-BAF7D89F0BD3} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3040517138-2664950585-3432869493-1002 => C:\Windows\System32\portabledeviceapi.dll [2010-11-20] (Microsoft Corporation)
    Task: {0866023A-BD01-47EC-BF0B-FD4E0B1EBC4F} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-13] (Adobe Systems Incorporated)
    Task: {1FA503BC-31A1-4B99-B5DA-67BD762D2E79} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files (x86)\File Type Assistant\tsasetup.exe [2013-04-08] ( )
    Task: {2FFB3920-DF77-431F-B772-E1535261B8EE} - System32\Tasks\Lenovo Smile Dock (Maria) => C:\Program Files (x86)\DDNI\Lenovo Smile Dock\CenterStage.exe [2010-12-28] (Digital Delivery Networks, Inc.)
    Task: {343B7B5B-F0E3-4652-86A9-AF7D72A83CEE} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
    Task: {60BED97E-D28D-4FD8-8525-1C30BFEDE20B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3040517138-2664950585-3432869493-1002Core => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-04] (Google Inc.)
    Task: {7BA8A6BC-C800-4E7C-8EAB-B159DA266EA7} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2013-04-08] (Trusted Software ApS)
    Task: {8419B288-167F-4AC8-A056-2F04AD69DE85} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SymErr.exe [2013-06-03] (Symantec Corporation)
    Task: {8C4A5A78-661C-456A-A9DD-DD97C2E6F3E5} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {95026125-3344-4742-95A7-004B0D27EE58} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
    Task: {9920F3EE-DE49-402E-B016-0CF9F78D0264} - System32\Tasks\AdobeAAMUpdater-1.0-Maria-PC-Maria => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {99EADB4F-684E-42A1-8EB6-3E11051114B2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3040517138-2664950585-3432869493-1002UA => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-04] (Google Inc.)
    Task: {AB6A67EC-6F69-471B-A44F-9A1BCBA89E37} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-28] (CyberLink)
    Task: {F66943FF-E2FD-4A29-839D-7657A399029D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
    Task: {FCE55708-6DF4-4EE9-B8B0-682A0754CD5E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\WSCStub.exe [2013-06-03] (Symantec Corporation)
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3040517138-2664950585-3432869493-1002Core.job => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3040517138-2664950585-3432869493-1002UA.job => C:\Users\Maria\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-04-23 06:55 - 2012-11-22 20:13 - 00068608 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
    2013-08-24 10:25 - 2013-06-21 05:06 - 00266448 _____ (NVIDIA Corporation) C:\windows\system32\nvinitx.dll
    2010-10-13 07:32 - 2011-07-23 02:07 - 00029088 _____ (TODO: <Company name>) C:\Program Files (x86)\Lenovo\Energy Management\BatteryTestDLL.dll
    2011-02-16 10:56 - 2011-02-16 10:56 - 00202144 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
    2011-02-16 11:01 - 2011-02-16 11:01 - 00156576 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00144368 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvcHst.exe
    2010-11-20 20:24 - 2010-11-20 20:24 - 00464384 _____ (Microsoft Corporation) C:\windows\system32\taskeng.exe
    2009-07-13 16:37 - 2009-07-13 18:39 - 00120320 _____ (Microsoft Corporation) C:\windows\system32\Dwm.exe
    2012-08-05 09:44 - 2011-02-24 23:19 - 02871808 _____ (Microsoft Corporation) C:\windows\Explorer.EXE
    2013-06-27 06:51 - 2013-05-28 19:41 - 02656592 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\buShell.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 01060232 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccL120U.dll
    2013-06-27 06:51 - 2013-05-22 22:25 - 00114056 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\EFACli64.dll
    2011-07-23 01:58 - 2011-07-23 01:58 - 01508192 _____ () C:\windows\system32\IcnOvrly.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00119176 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccVrTrst.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00475528 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccSet.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00231304 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\ccIPC.dll
    2013-06-27 06:51 - 2013-05-28 19:41 - 00663888 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\buComm.dll
    2013-06-27 06:51 - 2013-05-28 10:52 - 01728336 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360\Engine64\20.4.0.40\BuEng.dll
    2012-09-20 18:23 - 2012-06-09 19:20 - 00196096 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR\rarext64.dll
    2011-07-23 01:24 - 2011-03-28 01:29 - 11786344 _____ (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    2011-07-23 01:24 - 2010-11-03 03:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
    2011-01-05 06:40 - 2011-01-05 06:40 - 01933584 _____ (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    2011-01-05 05:53 - 2011-01-05 05:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
    2011-01-05 06:27 - 2011-01-05 06:27 - 01070080 _____ (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
    2011-01-05 06:28 - 2011-01-05 06:28 - 00817664 _____ (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll
    2011-01-05 06:36 - 2011-01-05 06:36 - 01737728 _____ (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\PanTray.dll
    2011-01-05 06:28 - 2011-01-05 06:28 - 01044992 _____ (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.DLL
    2011-01-05 06:31 - 2011-01-05 06:31 - 01999872 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
    2011-01-05 06:26 - 2011-01-05 06:26 - 00234496 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\WiMAXCoEx.dll
    2011-01-05 06:32 - 2011-01-05 06:32 - 01323008 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\MurocApi.dll
    2011-01-05 06:28 - 2011-01-05 06:28 - 00831488 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\IntStngs.dll
    2011-01-05 06:33 - 2011-01-05 06:33 - 00464384 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\PanApi.dll
    2011-01-05 06:26 - 2011-01-05 06:26 - 00176640 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
    2011-01-05 06:26 - 2011-01-05 06:26 - 00846336 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\DbEngine.dll
    2011-01-05 06:47 - 2011-01-05 06:47 - 00094208 _____ (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\LangResources\ENU\PanTrENU.dll
    2011-07-23 01:42 - 2011-03-20 22:40 - 02712360 _____ (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    2011-07-23 01:42 - 2011-03-20 22:40 - 00411432 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
    2011-07-23 01:42 - 2011-03-20 22:40 - 00225576 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
    2011-07-23 01:24 - 2011-03-15 00:32 - 00648808 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
    2011-07-23 01:24 - 2011-03-28 01:39 - 02931816 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkAPO64.dll
    2011-07-23 01:42 - 2011-03-20 22:40 - 00121640 _____ (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    2008-12-19 20:20 - 2011-07-23 02:07 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
    2008-12-19 20:20 - 2011-07-23 02:07 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
    2012-12-14 02:42 - 2012-12-14 02:42 - 00172144 _____ (Intel Corporation) C:\Windows\System32\igfxtray.exe
    2012-12-14 02:42 - 2012-12-14 02:42 - 00286208 _____ (Intel Corporation) C:\windows\system32\igfxrENU.lrc
    2012-12-14 02:42 - 2012-12-14 02:42 - 00399984 _____ (Intel Corporation) C:\Windows\System32\hkcmd.exe
    2012-12-14 02:42 - 2012-12-14 02:42 - 00441968 _____ (Intel Corporation) C:\Windows\System32\igfxpers.exe
    2011-07-23 01:10 - 2011-03-25 17:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2009-07-13 16:47 - 2009-07-13 18:39 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\wbem\unsecapp.exe
    2012-10-01 18:36 - 2007-09-02 13:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
    2013-06-03 16:27 - 2013-06-03 16:27 - 19603048 ____R (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    2013-03-13 19:32 - 2013-03-13 19:32 - 03093624 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    2013-03-17 19:07 - 2012-12-17 18:33 - 02107304 _____ (Comfort Software Group) C:\Program Files (x86)\FreeCountdownTimer\FreeCountdownTimer.exe
    2011-07-23 01:57 - 2011-07-23 01:57 - 00100256 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
    2007-10-28 11:35 - 2007-10-28 11:35 - 00425984 _____ (Bao_Nguyen) C:\Program Files (x86)\Switcher\Switcher.exe
    2010-12-14 11:05 - 2010-12-14 11:05 - 00173856 _____ () C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll
    2012-08-04 19:55 - 2013-09-02 13:35 - 00829392 _____ (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\chrome.exe
    2010-11-16 18:53 - 2010-11-16 18:53 - 00113288 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    2009-07-13 16:41 - 2009-07-13 18:14 - 00044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\RunDll32.exe
    2010-11-20 20:24 - 2010-11-20 20:24 - 01435648 _____ (Microsoft Corporation) C:\windows\System32\Speech\Common\sapi.dll
    2009-07-13 17:35 - 2009-07-13 18:41 - 01065984 _____ (Microsoft Corporation) C:\windows\System32\Speech\Engines\SR\spsreng.dll
    2009-07-13 17:34 - 2009-07-13 18:41 - 00485376 _____ (Microsoft Corporation) C:\windows\System32\Speech\Engines\SR\srloc.dll
    2012-08-04 18:12 - 2012-06-02 15:19 - 00057880 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
    2012-08-05 09:44 - 2011-05-03 22:19 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
    2013-09-14 11:42 - 2013-09-14 11:42 - 01950312 _____ (Farbar) C:\Users\Maria\Desktop\FRST64.exe
    2013-08-24 10:25 - 2013-06-21 05:06 - 00214448 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvinit.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00705928 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccL120U.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00089480 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccVrTrst.dll
    2013-06-27 06:51 - 2013-05-22 22:25 - 00086408 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\EFACli.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00157576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSvc.dll
    2013-06-27 06:51 - 2013-05-20 21:40 - 00410576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\srtsp32.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00159624 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccIPC.dll
    2013-06-27 06:51 - 2013-06-03 21:42 - 00548688 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\NPCTRAY.DLL
    2013-06-27 06:51 - 2013-05-20 21:44 - 00345480 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccSet.dll
    2013-06-27 06:51 - 2013-06-03 21:43 - 00962384 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\uiMain.dll
    2013-06-27 06:51 - 2013-05-28 00:42 - 02430800 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SYMHTMDX.DLL
    2013-06-27 06:51 - 2013-05-29 18:22 - 00320816 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diStRptr.dll
    2013-06-27 06:51 - 2013-05-29 19:13 - 01337136 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\MClnTask.dll
    2013-07-30 10:09 - 2013-06-27 22:17 - 01849168 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\isDataPr.dll
    2013-06-27 06:51 - 2013-05-30 18:48 - 01397584 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\COACTMGR.DLL
    2013-06-27 06:51 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\wincfi39.dll
    2013-06-27 06:51 - 2013-05-30 18:48 - 00551760 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coShdObj.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00289160 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccGEvt.dll
    2013-06-27 06:51 - 2013-05-29 19:13 - 01078576 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\DataStor.dll
    2013-06-27 06:51 - 2013-05-29 19:13 - 00965936 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\Comm.dll
    2013-07-30 10:09 - 2013-07-03 14:42 - 00821552 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\naHelper.dll
    2013-06-27 06:51 - 2013-06-03 21:42 - 00548176 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\ASHELPER.DLL
    2013-06-27 06:51 - 2013-05-20 15:50 - 00932176 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\cltPE.dll
    2013-06-27 06:51 - 2013-05-20 15:50 - 01035088 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\cltLMS.dll
    2013-06-27 06:51 - 2013-06-03 21:42 - 00579408 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\ASOEHOOK.DLL
    2013-06-27 06:51 - 2013-05-28 19:41 - 00272208 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\buDataCl.dll
    2013-06-27 06:51 - 2013-05-30 18:46 - 00999760 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coDataPr.dll
    2013-06-27 06:51 - 2013-06-03 21:42 - 00537424 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\AVPAPP32.DLL
    2013-06-27 06:51 - 2013-05-28 19:41 - 00263504 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\BUUIPLG.DLL
    2013-06-27 06:51 - 2013-05-23 19:09 - 00502664 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\AVIfc.dll
    2013-06-27 06:51 - 2013-05-20 21:44 - 00401288 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\ccJobMgr.dll
    2013-06-27 06:51 - 2013-05-20 15:50 - 02651472 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\CLTALDIS.DLL
    2013-06-27 06:51 - 2013-06-03 21:42 - 00528208 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\FWSESAL.DLL
    2013-06-27 06:51 - 2013-05-20 15:50 - 00536912 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\MUI\20.4.0.40\09\01\cltRes.loc
    2013-06-27 06:51 - 2013-06-03 21:42 - 00502608 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\NUEX.DLL
    2013-06-27 06:51 - 2013-06-03 21:43 - 00243024 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\QSPLUGIN.DLL
    2013-06-27 06:51 - 2012-05-15 02:27 - 00588216 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\SDKCMN.DLL
    2013-06-27 06:51 - 2013-06-03 21:43 - 00916304 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\UIALERT.DLL
    2013-06-27 06:51 - 2013-05-29 19:13 - 00028464 ____R (Symantec Corporation) C:\PROGRAM FILES (X86)\NORTON 360\ENGINE\20.4.0.40\USERCTXT.DLL
    2013-06-27 06:51 - 2013-06-03 21:42 - 00145744 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\isPwd.dll
    2013-06-27 06:51 - 2013-05-28 19:41 - 00442192 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\buComm.dll
    2013-06-27 06:51 - 2013-05-28 10:52 - 01439056 ____R (SwapDrive, Inc.) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\BuEng.dll
    2013-06-27 06:51 - 2013-04-23 02:02 - 00115536 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\tuDataPr.dll
    2013-06-27 06:51 - 2013-06-03 21:42 - 00408400 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\AvScnTsk.dll
    2011-02-16 10:51 - 2011-02-16 10:51 - 00161696 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
    2011-02-16 10:53 - 2011-02-16 10:53 - 00133024 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
    2012-10-01 18:36 - 2007-09-02 13:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
    2013-06-03 16:21 - 2013-06-03 16:21 - 00088680 ____R (Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.dll
    2013-03-13 19:32 - 2013-03-13 19:32 - 00228984 _____ (BugSplat, LLC) C:\Program Files (x86)\Pando Networks\Media Booster\BugSplat.dll
    2013-03-17 19:07 - 2012-05-03 16:42 - 00105528 _____ (Un4seen Developments) C:\Program Files (x86)\FreeCountdownTimer\bass.dll
    2013-09-03 22:41 - 2013-09-03 22:41 - 00197560 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130903.002\UMEngx86.dll
    2012-12-22 16:18 - 2012-12-22 16:18 - 02293804 _____ (BackWeb Technologies Inc.) C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\backWeb.dll
    2012-12-22 16:18 - 2012-12-22 16:18 - 00225335 _____ (BackWeb Technologies Inc.) C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\bwsec.dll
    2012-12-22 16:18 - 2012-12-22 16:18 - 00061496 _____ () C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\clntutil.dll
    2012-12-22 16:18 - 2012-12-22 16:18 - 00172032 _____ (BackWeb Technologies Inc.) C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\EN\ClientRc.dll
    2012-12-22 16:18 - 2012-12-22 16:18 - 00159781 _____ (BackWeb Technologies Inc.) C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\8.1.1.50-8876480SL\Program\BWfiles.dll
    2013-09-13 10:18 - 2013-09-02 13:34 - 47074256 _____ (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\chrome.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 09962960 _____ (The ICU Project) C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\icudt.dll
    2013-06-27 08:10 - 2013-06-27 08:10 - 00982352 _____ (Symantec Corporation) C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.0.10_0\npcoplgn.dll
    2010-11-16 18:52 - 2010-11-16 18:52 - 00096904 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
    2011-07-23 01:57 - 2011-07-23 01:57 - 00013664 _____ () C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
    2012-05-30 20:06 - 2012-05-30 20:06 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
    2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\windows\system32\dnssd.dll
    2013-09-13 10:18 - 2013-09-02 11:46 - 03231688 _____ (Microsoft Corporation) C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\D3DCompiler_46.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 00709584 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 00099792 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\libegl.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 04053456 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\pdf.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 00410576 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 02110928 _____ (Google Inc.) C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\libpeerconnection.dll
    2013-09-13 10:18 - 2013-09-02 13:35 - 01604560 _____ () C:\Users\Maria\AppData\Local\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
    2013-06-27 06:51 - 2013-05-30 18:48 - 01164112 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coUICtlr.dll
    2013-06-27 06:51 - 2013-05-30 18:49 - 00842064 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coWPPlg.dll
    2013-06-27 06:51 - 2013-05-30 18:48 - 00227664 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coSfShre.dll
    2013-06-27 06:51 - 2013-05-30 18:48 - 02573136 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\coIDSafe.dll
    2013-06-27 06:51 - 2012-05-30 07:51 - 00699280 ____R () C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\wincfi39.dll
    2013-06-27 06:51 - 2013-04-23 02:02 - 00059728 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\FFPrefs.dll
    2013-06-27 06:51 - 2013-05-29 18:22 - 00556336 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diMaster.dll
    2013-06-27 06:51 - 2013-05-29 18:22 - 00517424 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\diArkive.dll
    2013-06-27 06:51 - 2013-05-28 00:42 - 03008848 ____R (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\20.4.0.40\SYMHTML.DLL

    ==================== Alternate Data Streams (whitelisted) ==========



    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/14/2013 11:32:32 AM) (Source: ESENT) (User: )
    Description: taskhost (2996) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\V01000B3.log.

    Error: (09/14/2013 11:32:29 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/13/2013 10:08:10 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/13/2013 09:37:02 AM) (Source: WinMgmt) (User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/12/2013 08:07:01 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

    Error: (09/12/2013 08:07:01 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7020

    Error: (09/12/2013 08:07:01 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/12/2013 08:07:00 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6022

    Error: (09/12/2013 08:07:00 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6022

    Error: (09/12/2013 08:07:00 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (09/14/2013 11:32:00 AM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 4:50:23 PM on ‎9/‎13/‎2013 was unexpected.

    Error: (09/13/2013 10:07:57 AM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    BHDrvx64

    Error: (09/13/2013 10:07:35 AM) (Source: Service Control Manager) (User: )
    Description: The Windows Firewall service terminated with service-specific error %%5.

    Error: (09/13/2013 09:36:17 AM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 12:09:56 AM on ‎9/‎13/‎2013 was unexpected.

    Error: (09/12/2013 06:53:22 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 4:59:02 PM on ‎9/‎12/‎2013 was unexpected.

    Error: (09/12/2013 04:29:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800f0816: Update for Windows 7 for x64-based Systems (KB2868116).

    Error: (09/12/2013 04:29:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800f0816: Security Update for Windows 7 for x64-based Systems (KB2876315).

    Error: (09/12/2013 04:29:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800f0816: Security Update for Windows 7 for x64-based Systems (KB2872339).

    Error: (09/12/2013 04:29:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x800f0816: Update for Windows 7 for x64-based Systems (KB2853952).

    Error: (09/12/2013 04:29:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2870699).


    Microsoft Office Sessions:
    =========================
    Error: (09/14/2013 11:32:32 AM) (Source: ESENT)(User: )
    Description: taskhost2996WebCacheLocal: C:\Users\Maria\AppData\Local\Microsoft\Windows\WebCache\V01000B3.log-1811

    Error: (09/14/2013 11:32:29 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/13/2013 10:08:10 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/13/2013 09:37:02 AM) (Source: WinMgmt)(User: )
    Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

    Error: (09/12/2013 08:07:01 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 7020

    Error: (09/12/2013 08:07:01 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 7020

    Error: (09/12/2013 08:07:01 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/12/2013 08:07:00 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6022

    Error: (09/12/2013 08:07:00 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6022

    Error: (09/12/2013 08:07:00 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    CodeIntegrity Errors:
    ===================================
    Date: 2013-09-14 11:34:13.062
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-14 11:34:12.504
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-13 10:09:23.594
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-13 10:09:23.186
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-13 09:37:47.669
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-13 09:37:47.185
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-12 18:55:08.708
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-12 18:55:08.497
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-12 16:28:00.943
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

    Date: 2013-09-12 16:28:00.789
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


    ==================== Memory info ===========================

    Percentage of memory in use: 31%
    Total physical RAM: 8135.86 MB
    Available physical RAM: 5577.22 MB
    Total Pagefile: 16269.9 MB
    Available Pagefile: 13520.7 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:654.69 GB) (Free:467.27 GB) NTFS
    Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.23 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 4F249C87)
    Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=655 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=29 GB) - (Type=OF Extended)
    Partition 4: (Not Active) - (Size=15 GB) - (Type=12)

    ==================== End Of Log ============================
     
    Maria AV, Sep 14, 2013
    #5
  7. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Maria

    As this thread isn't in the Malware Removal forum, we'll keep it simple.

    P2P Warning
    Please note that as long as you're using any form of Peer-to-Peer networking ( Frostwire, Limewire, uTorrent etc.) and downloading files from non-documented sources, you can expect infestations of malware to occur.
    Once upon a time, P2P file sharing was fairly safe. That is no longer true.
    P2P programmes form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P programme is not configured correctly you may be sharing more files than you realise. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured programme.

    Many of the programmes come bundled with other unwanted programmes, but even the ones free of any bundled software are not safe to use.
    When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.

    You may decide to continue P2P sharing, but keep in mind that this practice may be the source of future malware infestation.

    --------------------------
    There are 3 things that i would suggest, looking at the report.

    Step 1
    • Click Start >> Computer
    • Right click on your main drive (usually 'C')
    • Select Properties
    • Click on the Tools tab
    • Under Error Checking.. Click Check Now
    • Tick the options that you require ( I recommend that you tick both options )
    • Click Start
    • On the screen that comes up.. Click Yes then OK
    • Now restart your computer.
    Note: Be patient. Analyzing the drive can be a lengthy process


    Step 2
    Please download AdwCleaner by Xplode onto your desktop.
    • Close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin to scan your computer.
    • After the scan has finished...
    • Click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

    Step 3
    Download TFC by OldTimer to your desktop
    • Please double-click TFC.exe to run it. (Note: If you are running on Vista/Win7, right-click on the file and choose Run As Administrator).
    • It will close all programs when run, so make sure you have saved all your work before you begin.
    • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
    • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

    after completing these steps, let me know if the system runs any better.

    Thanks
     
    starbuck, Sep 15, 2013
    #6
  8. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    I'm finished with step 1 and 2, here is the log:

    # AdwCleaner v3.004 - Report created 16/09/2013 at 12:41:41
    # Updated 15/09/2013 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Maria - MARIA-PC
    # Running from : C:\Users\Maria\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    Service Deleted : SSUService

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\ProgramData\Splashtop
    [!] Folder Deleted : C:\Program Files (x86)\Splashtop
    Folder Deleted : C:\Users\Maria\AppData\Local\Splashtop

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Splashtop Inc.
    Key Deleted : HKLM\Software\Splashtop Inc.
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Splashtop Software Updater

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16611


    -\\ Mozilla Firefox v15.0 (en-US)

    [ File : C:\Users\Maria\AppData\Roaming\Mozilla\Firefox\Profiles\ic8kvho4.default\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\Maria\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [1318 octets] - [16/09/2013 12:40:35]
    AdwCleaner[S0].txt - [1219 octets] - [16/09/2013 12:41:41]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1279 octets] ##########



    Now it's weird that it only picked up splashtop because I have had splashtop for a while and it's something I would use as a companion to an app on the appstore. I'm pretty sure the program itself is harmless as I've never had trouble with it before and I've had it for months. Nevertheless I did remove it anyways, just in case.

    I'm going to do step 3 now.
     
    Maria AV, Sep 16, 2013
    #7
  9. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    Okay, so after doing step 3 and rebooting the computer, I have noticed an improvement in how the computer boots up. Before, it would lag, or take me to an error page and that was my main problem. However, it's still quite slow, at least slow compared to what it used to be. Those long log reports up there have me all confused with their computer jarble, but since you are more knowledgeable within the field, can you tell me whether I have some nasty little tick in my system? That I won't get out by simply running an anti virus program? And even if you can't tell me, should I take my problems over to the malware section? And if I do that, what do I post? "My computer is quite slow these days"?

    Sorry for the mountain of questions but I'm going to study abroad soon and I really need my computer to be ready for it.
     
    Maria AV, Sep 16, 2013
    #8
  10. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Hi Maria,

    The adware removal programs we use are designed to remove known programs that either have a 'tracking' ability or are the type of program that may get installed without your knowledge.

    Is it just slow at booting up or is the system slow in general use?
    Is the internet slow?
    If the problem is slowness at boot up, i suspect it's because of all the startup programs running.

    There is nothing to suggest this in the reports, so far.
    But we would need to run programs that would look deeper to confirm or deny this.

    Let me know about whether the slowness is just at startup or in general and then we can decide from there what the best action is to take.
     
    starbuck, Sep 16, 2013
    #9
  11. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    Well, since I last posted, I have closed my laptop(didn't shut it down, it just went to sleep), and so I opened it up and now it's at a blank black screen. It's not loading in any way and I haven't even gone through the whole windows logo. It's been this way for a few minutes and the laptop itself is making quite a bit of noise so it's trying.

    Should I manually shut it down?
     
    Maria AV, Sep 16, 2013
    #10
  12. Maria AV

    Maria AV Registered Members

    Joined:
    Sep 13, 2013
    Messages:
    13
    Operating System:
    Windows 7
    I had to turn it off. It was starting to overheat. This was one of the problems before too. When I closed the lid of the laptop, getting it back on was a problem. I'd get an error page or I wouldn't get anything at all and it would just be stuck in one place.

    And now that I've tried to turn it on again, it went through the booting up sequence but presented me with a page that said:

    The last attempt to resume the system from it's previous location failed.attempt to resume again?

    And then two choices:
    Continue with system resume
    Or
    Delete restoration data and proceed to system boot menu

    I tried the first one and it went to that blank black screen again.
    So I shut it off and tried the second option and it started normally. Am I killing my laptop by trying all these options?
     
    Maria AV, Sep 16, 2013
    #11
  13. starbuck

    starbuck Rest In Peace Pete Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,830
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    Maybe the laptop needs a good clean out..... dust may have built up inside.
    The booting problem could be down to a hardware problem or even a hard drive problem.
    It's best that one of the other staff, more specialised in this field replies to you.
     
    starbuck, Sep 17, 2013
    #12

Share This Page