Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Bonita (administrator) on BONITAZ on 09-07-2015 18:18:26
Running from C:\Users\Bonita\Desktop
Loaded Profiles: Bonita (Available Profiles: Bonita)
Platform: Windows 8.1 Connected (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-04-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.10.398\ASUSWSLoader.exe [63296 2014-08-19] () HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [821704 2015-07-01] (Webroot) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [110144 2013-03-06] (CyberLink) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKLM\...\Policies\Explorer: [NoFolderOptions] 0 HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\...\Policies\Explorer: [NoFile] 0 HKLM\...\Policies\Explorer: [HideClock] 0 HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKLM\...\Policies\Explorer: [NoSetFolders] 0 HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 HKLM\...\Policies\Explorer: [NoDFSTab] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\...\Policies\Explorer: [NoLogoff] 0 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 0 HKLM\...\Policies\Explorer: [NoSaveSettings] 0 HKLM\...\Policies\Explorer: [NoHardwareTab] 0 HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKLM\...\Policies\Explorer: [NoDesktop] 0 HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0 
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0 
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Run: [GoogleChromeAutoLaunch_C1F0630278634D9E0A674F48DC2F8F7B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-06] (Google Inc.) 
HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoWindowsUpdate] 0 
HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0 HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0 
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot FF RunOnce.lnk [2014-09-03]
ShortcutTarget: Install Webroot FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install Webroot IE RunOnce.lnk [2014-09-03]
ShortcutTarget: Install Webroot IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-09-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Bonita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Canon IJ Status Monitor Canon MX410 series Printer WS.lnk [2015-01-11]
ShortcutTarget: Canon IJ Status Monitor Canon MX410 series Printer WS.lnk -> C:\Users\Bonita\CNMSSC~1.DLL,SMStarterEntryPoint WSD-82e91302-91ec-4416-b296-48176ccb038e.006d;Canon MX410 series Printer WS;cnmss Canon MX410 series Printer WS (Local).dll;Canon IJ Status Monitor Canon MX410 series Printer WS.lnk (No File)
Startup: C:\Users\Bonita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-13]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.10.398\ASUSWSShellExt64.dll [2013-06-25] (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/?pc=ASJB
HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com/?pc=ASJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2014-09-03] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2015-02-26] (Webroot)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2014-09-03] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-02-26] (Webroot)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2014-09-03] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2014-09-03] (Webroot)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{2F45CD0F-6621-49A2-8915-1B0EC7F481C5}: [DhcpNameServer] 192.168.0.1 205.171.3.25
Tcpip\..\Interfaces\{4E4143F3-1911-48A1-AC18-1731C02B2CB8}: [DhcpNameServer] 192.168.0.1 205.171.3.25

FireFox:
========
FF ProfilePath: C:\Users\Bonita\AppData\Roaming\Mozilla\Firefox\Profiles\gda487rv.default
FF DefaultSearchEngine: Google
FF DefaultSearchEngine.US: Google
FF Homepage: https://www.google.com/search?q=www.google.com&ie=utf-8&oe=utf-8
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-09-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll [2015-07-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1718654459-3381655386-3027345597-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bonita\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-02-26] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2015-02-26] (Coupons, Inc.)
FF Extension: Google Scholar Button - C:\Users\Bonita\AppData\Roaming\Mozilla\Firefox\Profiles\gda487rv.default\Extensions\button@scholar.google.com.xpi [2015-05-28]
FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-09-03]
FF HKU\S-1-5-21-1718654459-3381655386-3027345597-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-04]
CHR Extension: (Google Docs) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-04]
CHR Extension: (Google Drive) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-04]
CHR Extension: (Google Search) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-04]
CHR Extension: (Google Sheets) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-04]
CHR Extension: (No Name) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-07-06]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-09-04]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Hangouts) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-09-06]
CHR Extension: (Google Wallet) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-04]
CHR Extension: (Webroot Password Manager) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2014-09-04]
CHR Extension: (Gmail) - C:\Users\Bonita\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-04]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.40.crx [2014-09-03]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2014-09-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-24] (ASUS Cloud Corporation) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-07-08] (WildTangent)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
S2 MBAMService; C:\Users\Bonita\Desktop\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [821704 2015-07-01] (Webroot)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUS Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-05] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-06] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-27] (Intel Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [116224 2015-07-01] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [41040 2015-02-26] (Webroot)
U0 msahci; system32\drivers\msahci.sys

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 23:54 - 2015-07-06 23:54 - 00000804 _____ C:\Users\Bonita\Desktop\SecurityCheck - Shortcut.lnk 2015-07-06 23:48 - 2015-07-06 23:48 - 00852662 _____ C:\Users\Bonita\Downloads\SecurityCheck.exe 2015-07-06 23:47 - 2015-07-06 23:47 - 00010660 _____ C:\Users\Bonita\Desktop\ESET.txt 2015-07-06 22:21 - 2015-07-06 22:21 - 00000000 ____D C:\Program Files (x86)\ESET 2015-07-06 22:13 - 2015-07-06 22:13 - 00001046 _____ C:\Users\Bonita\Desktop\MBAM.txt.txt 2015-07-06 21:26 - 2015-07-06 21:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-06 21:26 - 2015-07-06 21:26 - 00000792 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-07-06 21:26 - 2015-07-06 21:26 - 00000000 ____D C:\Users\Bonita\Desktop\Malwarebytes Anti-Malware 2015-07-06 21:26 - 2015-07-06 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-06 21:26 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-06 21:26 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-06 21:26 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-06 21:21 - 2015-07-06 21:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Bonita\Downloads\mbam-setup-2.1.8.1057 (1).exe 2015-07-05 13:58 - 2015-07-05 13:58 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Bonita\Desktop\tdsskiller.exe 2015-07-05 13:45 - 2015-07-09 12:58 - 00000093 _____ C:\Users\Bonita\AppData\Roaming\sp_data.sys 2015-07-05 12:15 - 2015-07-05 13:42 - 00000000 ____D C:\AdwCleaner 2015-07-05 11:13 - 2015-07-05 15:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-05 11:05 - 2015-07-05 11:06 - 02953798 _____ (Malwarebytes Corporation) C:\Users\Bonita\Desktop\JRT.exe 2015-07-05 11:02 - 2015-07-05 11:02 - 02244096 _____ C:\Users\Bonita\Desktop\AdwCleaner.exe 
2015-07-04 11:38 - 2015-07-04 11:38 - 00000207 _____ C:\Windows\tweaking.com-regbackup-BONITAZ-Windows-8.1-Connected-(64-bit).dat 2015-07-04 11:38 - 2015-07-04 11:38 - 00000000 ____D C:\RegBackup 2015-07-02 13:33 - 2015-07-06 21:00 - 00029306 _____ C:\Users\Bonita\Desktop\Addition.txt 2015-07-02 13:31 - 2015-07-09 18:19 - 00025342 _____ C:\Users\Bonita\Desktop\FRST.txt 2015-07-01 14:40 - 2015-07-01 14:41 - 02112512 _____ (Farbar) C:\Users\Bonita\Desktop\FRST64.exe 2015-06-29 11:35 - 2015-06-29 11:36 - 00032969 _____ C:\Users\Bonita\Downloads\Addition.txt 2015-06-29 11:34 - 2015-06-29 11:36 - 00046907 _____ C:\Users\Bonita\Downloads\FRST.txt 2015-06-29 11:32 - 2015-07-09 18:18 - 00000000 ____D C:\FRST 2015-06-29 11:29 - 2015-06-29 11:31 - 02112512 _____ (Farbar) C:\Users\Bonita\Downloads\FRST64.exe 2015-06-25 19:18 - 2015-06-25 19:18 - 00000000 ____D C:\ProgramData\HP 2015-06-22 13:27 - 2015-06-22 13:27 - 506428136 _____ C:\Windows\MEMORY.DMP 2015-06-22 13:27 - 2015-06-22 13:27 - 00283968 _____ C:\Windows\Minidump\062215-31281-01.dmp 2015-06-22 13:27 - 2015-06-22 13:27 - 00000000 ____D C:\Windows\Minidump 2015-06-21 13:22 - 2015-06-21 13:22 - 00002208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Digital Editions 4.0.lnk 2015-06-21 13:22 - 2015-06-21 13:22 - 00002196 _____ C:\Users\Public\Desktop\Adobe Digital Editions 4.0.lnk 2015-06-21 13:22 - 2015-06-21 13:22 - 00000000 ____D C:\Users\Bonita\AppData\Local\Adobe_Systems_Incorporate 2015-06-21 13:22 - 2015-06-21 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2015-06-21 13:21 - 2015-06-21 13:24 - 00000000 ____D C:\Users\Bonita\Documents\My Digital Editions 2015-06-11 13:42 - 2015-07-09 12:00 - 00003474 _____ C:\Windows\System32\Tasks\ASUS Live Update1 2015-06-09 11:24 - 2015-05-25 06:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-09 11:24 - 2015-05-25 06:07 - 01430528 _____ (Microsoft Corporation) 
C:\Windows\system32\diagtrack.dll 2015-06-09 11:24 - 2015-05-22 06:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-09 11:24 - 2015-05-21 06:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-09 11:24 - 2015-05-21 06:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-09 11:24 - 2015-05-21 06:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-09 11:24 - 2015-05-21 06:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-09 11:24 - 2015-05-21 06:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-06-09 11:24 - 2015-05-21 06:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-09 11:24 - 2015-04-16 15:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-09 11:24 - 2015-04-08 15:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll 2015-06-09 11:24 - 2015-04-08 15:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml 2015-06-09 11:24 - 2015-04-01 15:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-06-09 11:24 - 2015-04-01 15:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-06-09 11:24 - 2015-03-19 20:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2015-06-09 11:24 - 2015-03-19 20:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-06-09 11:24 - 2015-03-19 19:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-06-09 11:24 - 2015-03-19 19:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-06-09 11:24 - 2015-03-01 18:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2015-06-09 11:24 - 2015-03-01 18:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2015-06-09 11:21 
- 2015-05-27 07:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 11:21 - 2015-05-27 07:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 11:21 - 2015-05-22 20:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 11:21 - 2015-05-22 20:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 11:21 - 2015-05-22 20:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 11:21 - 2015-05-22 20:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 11:21 - 2015-05-22 20:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 11:21 - 2015-05-22 19:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 11:21 - 2015-05-22 19:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 11:21 - 2015-05-22 19:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 11:21 - 2015-05-22 19:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 11:21 - 2015-05-22 19:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 11:21 - 2015-05-22 19:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 11:21 - 2015-05-22 19:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 11:21 - 2015-05-22 19:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 11:21 - 2015-05-22 19:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 11:21 - 2015-05-22 19:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 11:21 - 2015-05-22 19:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 11:21 - 2015-05-22 19:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 11:21 - 2015-05-22 19:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 11:21 - 2015-05-22 12:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 11:21 - 2015-05-22 12:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 11:21 - 2015-05-22 12:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 11:21 - 2015-05-22 11:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 11:21 - 2015-05-22 11:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 11:21 - 2015-05-22 11:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 11:21 - 2015-05-22 11:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 11:21 - 2015-05-22 11:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 11:21 - 2015-05-22 11:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 11:21 - 2015-05-22 11:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 11:21 - 2015-05-22 11:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 11:21 - 2015-05-22 11:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 11:21 - 2015-05-22 11:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 11:21 - 2015-05-22 11:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 11:21 - 2015-05-22 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 11:21 - 2015-05-22 10:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 11:21 - 2015-05-22 10:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 11:21 - 2015-05-22 10:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 11:21 - 2015-05-22 10:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 11:21 - 2015-05-22 10:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 11:21 - 2015-04-24 19:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 11:21 - 2015-04-24 19:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 11:21 - 2015-04-15 23:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-09 11:21 - 2015-04-13 15:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-09 11:21 - 2015-04-13 15:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-09 11:21 - 2015-04-09 17:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-09 11:21 - 2015-04-09 17:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-09 11:21 - 2015-03-31 21:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-09 11:21 - 2015-03-31 21:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-09 11:21 - 2015-03-31 21:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-09 11:21 - 2015-03-31 21:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-09 11:21 - 2015-03-31 20:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-09 11:21 - 2015-03-31 20:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-09 11:21 - 2015-03-31 20:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-09 11:21 - 2015-03-31 19:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-09 11:21 - 2015-03-31 19:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-09 11:21 - 2015-03-31 19:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-09 11:21 - 2015-03-31 19:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-09 11:21 - 2015-03-31 19:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-09 11:21 - 2015-03-31 19:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-09 11:19 - 2015-05-21 09:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-09 11:09 - 2015-07-08 18:03 - 00000000 ____D C:\Users\Bonita\AppData\Local\CrashDumps

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-09 18:13 - 2015-05-31 16:50 - 00000680 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1718654459-3381655386-3027345597-1001.job
2015-07-09 18:02 - 2014-09-04 18:33 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 18:02 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-09 17:47 - 2015-01-24 12:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-09 17:43 - 2014-06-12 11:18 - 01334213 _____ C:\Windows\WindowsUpdate.log
2015-07-09 17:39 - 2014-09-03 03:13 - 00000000 ____D C:\Users\Bonita
2015-07-09 17:27 - 2015-02-26 09:51 - 00000584 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1718654459-3381655386-3027345597-1001.job
2015-07-09 13:14 - 2014-09-03 03:19 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1718654459-3381655386-3027345597-1001
2015-07-09 12:58 - 2014-10-30 11:27 - 00000761 _____ C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk
2015-07-09 12:58 - 2014-09-04 18:33 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 12:58 - 2014-09-03 03:19 - 00000000 __RDO C:\Users\Bonita\OneDrive
2015-07-09 12:58 - 2013-08-22 07:46 - 00146900 _____ C:\Windows\setupact.log
2015-07-09 12:58 - 2013-08-22 07:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-09 12:57 - 2013-08-22 06:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-07-09 12:15 - 2014-09-03 04:07 - 00000000 ____D C:\ProgramData\WRData
2015-07-09 12:13 - 2014-09-13 12:55 - 01014784 ___SH C:\Users\Bonita\Desktop\Thumbs.db
2015-07-09 12:12 - 2015-01-24 12:52 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-09 12:12 - 2014-03-18 02:39 - 00034474 _____ C:\Windows\PFRO.log
2015-07-09 12:11 - 2013-08-22 08:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-09 12:00 - 2015-05-14 17:57 - 00003464 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2015-07-08 16:04 - 2014-04-18 15:52 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-07-08 11:10 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-08 10:47 - 2015-01-24 12:52 - 00003856 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-08 10:47 - 2015-01-24 12:52 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-08 10:03 - 2014-09-04 18:38 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-06 23:53 - 2015-01-23 14:34 - 00126976 ___SH C:\Users\Bonita\Downloads\Thumbs.db
2015-07-06 14:24 - 2015-04-17 10:30 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-06 14:24 - 2015-04-17 10:30 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 15:20 - 2015-02-06 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-01 14:31 - 2014-09-03 04:07 - 00166128 _____ (Webroot) C:\Windows\SysWOW64\WRusr.dll
2015-07-01 14:31 - 2014-09-03 04:07 - 00116224 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-01 14:31 - 2014-09-03 04:07 - 00103816 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-06-29 18:38 - 2015-03-15 09:02 - 00000000 ____D C:\Users\Bonita\Documents\Legal
2015-06-29 12:38 - 2015-05-31 16:50 - 00003680 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1718654459-3381655386-3027345597-1001
2015-06-29 12:38 - 2015-02-26 09:51 - 00003584 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1718654459-3381655386-3027345597-1001
2015-06-29 11:32 - 2014-09-03 03:14 - 00000000 ____D C:\Users\Bonita\AppData\Local\VirtualStore
2015-06-28 13:46 - 2014-10-09 08:04 - 00000000 ____D C:\Users\Bonita\Downloads\CanonAPChkTool_win210en
2015-06-27 17:11 - 2014-09-03 03:13 - 00000000 ____D C:\Users\Bonita\AppData\Local\Packages
2015-06-27 10:22 - 2014-09-03 14:38 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-25 19:20 - 2014-03-18 02:47 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-25 09:58 - 2015-01-01 20:06 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-21 13:24 - 2014-09-03 03:14 - 00000000 ____D C:\Users\Bonita\AppData\Roaming\Adobe
2015-06-21 13:21 - 2014-09-03 16:23 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-19 14:00 - 2014-09-03 16:26 - 00000000 ____D C:\Users\Bonita\Documents\USC
2015-06-14 23:30 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\rescache
2015-06-14 19:22 - 2014-04-18 15:52 - 00000000 ____D C:\ProgramData\WildTangent
2015-06-14 19:16 - 2015-02-11 16:14 - 00000000 ____D C:\Users\Bonita\Documents\Recipes
2015-06-12 13:57 - 2013-08-22 07:44 - 00371720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 13:52 - 2015-04-17 10:26 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-12 13:52 - 2015-03-11 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-12 13:52 - 2013-08-22 08:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-12 13:52 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-09 11:49 - 2014-09-04 10:59 - 00000000 ____D C:\Windows\system32\MRT
2015-06-09 11:39 - 2014-09-04 10:59 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-07-05 13:45 - 2015-07-09 12:58 - 0000093 _____ () C:\Users\Bonita\AppData\Roaming\sp_data.sys
2015-04-13 10:01 - 2015-04-13 10:01 - 0007616 _____ () C:\Users\Bonita\AppData\Local\Resmon.ResmonCfg
2014-09-03 20:37 - 2014-09-03 20:40 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2014-09-03 20:36 - 2014-09-03 20:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Files to move or delete:
====================
C:\Users\Bonita\cnmss Canon MX410 series Printer WS (Local).dll

Some files in TEMP:
====================
C:\Users\Bonita\AppData\Local\Temp\Quarantine.exe
C:\Users\Bonita\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-09 12:34

==================== End of log ============================