My computer has become EXTREMELY SLOW. Takes a long time to open firefox, and sometimes lags during shutdown. Also get a black screen with a mouse for quite some time on bootup. There are some suspicious looking files like Yahoo! Browser Plus. Takes like 30-40 seconds to open Control Panel. This is a Toshiba Windows 7 Laptop. Desktop has a tendency to go unresponsive if I right click...
aswMBR just won't work. Something about rootkit analysis. It's a windows message that comes up telling me that it has stopped working. Won't even work in safe mode.
UPDATE: Apparently, "Windows cannot find the disk or network location where your backups are being saved."
...
What is going on?!?!
Here's the FRST logs:
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014
Ran by Conrad Bowen at 2014-08-13 11:04:29
Running from C:\Users\Conrad Bowen\Documents\1to1Greetings\CmasProofs\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros)
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.12.0.958 - Bitdefender)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (x32 Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Canon iPF8000 Print Plug-In for Photoshop CS5 x64 (HKLM-x32\...\{C403A67A-2C78-478C-A88A-BB27FC90B13F}) (Version: 5.00 - Canon)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.3 - Dropbox, Inc.)
Dynamic Auto-Painter x64 PRO version 3.0.2 (HKLM\...\{30994599-9734-455F-B51D-7E5E987AFA2A}_is1) (Version: 3.0.2 - Mediachance.com)
Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Apps Migration For Microsoft Outlook® 2.3.14.36 (HKLM-x32\...\{C46F4ED2-0337-4267-97A1-89735C781E0D}) (Version: 2.3.14.36 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.5.370.990 (HKLM-x32\...\{2E92FFC5-4082-40BF-9CA7-0E5D16C811CE}) (Version: 3.5.370.990 - Google, Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 8.0.13192.945 - Hewlett-Packard)
HP LaserJet Pro MFP M127-M128 Fax (Version: 32.0.36.0 - Hewlett-Packard Co.) Hidden
HP LaserJet Pro MFP M127-M128 Fax (x32 Version: 32.0.36.0 - Hewlett-Packard Co.) Hidden
HP LaserJet Pro MFP M127-M128 Fax Driver (Version: 32.0.36.0 - Hewlett-Packard Co.) Hidden
HP LaserJet Pro MFP M127-M128 HP Device Toolbox (x32 Version: 32.0.28.0 - Hewlett-Packard Co.) Hidden
HP LJ M127128 Scan HP Scan (x32 Version: 1.0.302.0 - Hewlett-Packard Co.) Hidden
HP Product FWUpdater (x32 Version: 4.0.0.8582 - Hewlett-Packard Company) Hidden
HP Unified IO (Version: 2.0.0.477 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.477 - HP) Hidden
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM128DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM127_128 (x32 Version: 008.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
imagePROGRAF Status Monitor (HKLM-x32\...\{66392B7C-C522-450D-97B7-B3E41E170C3B}) (Version: 25.10 - Canon)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Personal Folders Backup (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Express Edition (SQLEXPRESS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PDF Pro 10 (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 10.4.0000 - PDF Pro Software)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
QuickBooks (x32 Version: 21.0.4014.904 - Intuit Inc.) Hidden
QuickBooks Pro 2011 (HKLM-x32\...\{11E0AC7D-6822-4F67-865F-EE1C13D28C38}) (Version: 21.0.4014.904 - Intuit Inc.)
QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.07.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.04 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.6.06.64 - TOSHIBA Corporation) Hidden
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.3.64 - TOSHIBA Corporation) Hidden
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Visual C++ 8.0 CRT (x86) WinSXS MSM (x32 Version: 8.0.50727.762 - Microsoft Corporation) Hidden
Visual C++ 8.0 CRT.Policy (x86) WinSXS MSM (x32 Version: 8.0.50727.762 - Microsoft Corporation) Hidden
Visual C++ 8.0 MFC (x86) WinSXS MSM (x32 Version: 8.0.50727.762 - Microsoft Corporation) Hidden
Visual C++ 8.0 MFC.Policy (x86) WinSXS MSM (x32 Version: 8.0.50727.762 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinZip 12.1 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}) (Version: 12.1.8519 - WinZip Computing, S.L. )
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Local\Citrix\GoToMeeting\1312\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4154370108-1394326414-2424723564-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
16-07-2014 19:22:16 Windows Update
23-07-2014 20:35:26 Scheduled Checkpoint
25-07-2014 23:46:29 Windows Update
01-08-2014 20:20:03 Removed GO Contact Sync Mod
02-08-2014 13:19:24 Windows Update
03-08-2014 17:50:12 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2010-10-31 06:26 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0883E6EF-163E-42E5-8247-2F1C7192405C} - System32\Tasks\{57E5DE37-2FE6-4504-A21F-AEC32D06D1C0} => C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\HPScan.exe [2013-05-31] (Hewlett-Packard Co.)
Task: {13F6AA28-AE48-4601-8D68-66DEBC30ABDA} - System32\Tasks\{2445BE4C-1F50-410B-AF68-A057FC5EBB31} => C:\Users\Conrad Bowen\Desktop\winzip121.exe
Task: {1ACC2C94-A80C-49E7-BFDA-38C05FE6F7DB} - System32\Tasks\{E4611E08-D5B5-496C-9544-AD1B7C299FD0} => Firefox.exe
Task: {25C80F8C-D2ED-48E3-B4FA-03DFECE781C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-21] (Google Inc.)
Task: {2CA33F08-846C-44AF-A112-82C25E1ABEED} - System32\Tasks\{75CF7C7B-9F3F-416E-B5B5-9FE1C4F05C4C} => Firefox.exe
Task: {32E94DAA-6847-4B67-BF85-360EE3E7325B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {69881864-55FD-4570-A77F-4D203B0EBA86} - System32\Tasks\{2B21AEF8-ED8D-4C64-81AA-89B9BE7569CE} => C:\Users\Conrad Bowen\Desktop\winzip121.exe
Task: {6CEEE651-460C-45FE-A373-5FE34F815266} - System32\Tasks\{240348F0-D786-4E27-A973-3E98D0FB417E} => Firefox.exe
Task: {8BDADA94-E612-4156-8C6A-C1CE6B2DB6AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {94718C96-CBE4-440A-9357-F4810C4FA8F0} - System32\Tasks\G2MUpdateTask-S-1-5-21-4154370108-1394326414-2424723564-1000 => C:\Users\Conrad Bowen\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E0CFE8BB-DF90-47AB-803D-6949A1B506FD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {E0F931BA-49A8-49E6-B32F-D34F62A0AA21} - System32\Tasks\{7D51BA00-EF02-4CAE-B3B6-213E45E98A05} => Firefox.exe
Task: {E13897A7-C31D-4222-AAC0-FCA019F699CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-09-21] (Google Inc.)
Task: {FA8C5BE1-6DA0-4684-A1EB-681E0136DB4B} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-4154370108-1394326414-2424723564-1000.job => C:\Users\Conrad Bowen\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-07-15 15:52 - 2014-06-06 15:11 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2014-07-15 15:52 - 2014-07-11 17:30 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2014-07-15 15:52 - 2012-10-29 15:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2014-07-25 05:43 - 2014-07-25 05:44 - 00780592 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpbr.mdl
2014-07-25 05:43 - 2014-07-25 05:44 - 00568400 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpdsp.mdl
2014-07-25 05:44 - 2014-07-25 05:44 - 02602680 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttpph.mdl
2014-07-25 05:44 - 2014-07-25 05:44 - 01323408 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00047_002\ashttprbl.mdl
2014-07-15 15:52 - 2013-03-25 16:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2014-07-15 15:52 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2014-08-07 10:53 - 2014-08-07 10:53 - 00043008 _____ () c:\Users\Conrad Bowen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmelckt.dll
2013-10-18 17:55 - 2013-10-18 17:55 - 25100288 _____ () C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\libcef.dll
2012-04-18 20:37 - 2011-08-29 15:57 - 01135616 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\TMSlite140.bpl
2012-04-18 20:37 - 2011-08-29 15:57 - 02366464 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\BBlite140.bpl
2012-04-18 20:37 - 2010-11-23 09:46 - 02387456 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\PKIECtrl140.bpl
2012-04-18 20:37 - 2011-07-31 08:45 - 00684032 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\js32.dll
2012-04-18 20:37 - 2011-08-18 16:40 - 00336896 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\visage140.bpl
2012-04-18 20:37 - 2011-08-29 15:57 - 00088576 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\expertpdfcore140.bpl
2012-04-18 20:37 - 2011-08-18 16:40 - 00212992 _____ () C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vsmisc140.bpl
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D346F792
AlternateDataStreams: C:\Users\Conrad Bowen\Downloads\FRST64.exe:BDU
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk => C:\windows\pss\Adobe Gamma Loader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^imagePROGRAF Status Monitor.lnk => C:\windows\pss\imagePROGRAF Status Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk => C:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Conrad Bowen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: (default) =>
MSCONFIG\startupreg: 00TCrdMain => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CnwiDeviceAgent => C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwida.exe
MSCONFIG\startupreg: Heleni Uploader =>
MSCONFIG\startupreg: HotKeysCmds => "C:\windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IgfxTray => "C:\windows\system32\igfxtray.exe"
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
MSCONFIG\startupreg: MSC =>
MSCONFIG\startupreg: Persistence => "C:\windows\system32\igfxpers.exe"
MSCONFIG\startupreg: PhotoJoy =>
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SmartAudio =>
MSCONFIG\startupreg: StartNowToolbarHelper =>
MSCONFIG\startupreg: StatusAlerts => "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: TosNC => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
MSCONFIG\startupreg: TosVolRegulator => "C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
MSCONFIG\startupreg: TPwrMain => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: Windows Mobile Device Center => "%windir%\WindowsMobile\wmdc.exe"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/13/2014 10:02:31 AM) (Source: System Restore) (EventID: 8211) (User: )
Description: The scheduled restore point could not be created. Additional information: (0x81000101).
Error: (08/13/2014 10:02:31 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Description = Scheduled Checkpoint; Error = 0x81000101).
Error: (08/04/2014 04:00:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
Error: (08/02/2014 02:22:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: spoolsv.exe, version: 6.1.7601.17777, time stamp: 0x4f35fc1d
Faulting module name: hpzjcd01.dll_unloaded, version: 0.0.0.0, time stamp: 0x515df290
Exception code: 0xc0000005
Fault offset: 0x0000000180019f9b
Faulting process id: 0x668
Faulting application start time: 0xspoolsv.exe0
Faulting application path: spoolsv.exe1
Faulting module path: spoolsv.exe2
Report Id: spoolsv.exe3
Error: (07/31/2014 07:14:15 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/31/2014 07:14:15 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/31/2014 07:14:15 AM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/29/2014 00:17:35 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/29/2014 00:17:35 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
Error: (07/29/2014 00:17:35 PM) (Source: QuickBooks) (EventID: 4) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle
System errors:
=============
Error: (08/07/2014 00:09:41 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{42E3E135-8341-4569-B362-A380A0DF4BF5}.
The backup browser is stopping.
Error: (08/07/2014 08:53:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapiMgr service.
Error: (08/06/2014 06:28:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the netprofm service.
Error: (08/05/2014 04:43:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.
Error: (08/04/2014 02:00:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.
Error: (08/03/2014 11:45:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.
Error: (08/02/2014 02:22:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (08/02/2014 08:04:16 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (08/02/2014 07:14:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Bitdefender Virus Shield service hung on starting.
Error: (07/29/2014 07:07:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
Microsoft Office Sessions:
=========================
Error: (12/12/2013 11:13:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 36 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/19/2013 03:31:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14797 seconds with 4320 seconds of active time. This session ended with a crash.
Error: (09/20/2013 05:12:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14538 seconds with 600 seconds of active time. This session ended with a crash.
Error: (08/09/2013 11:13:54 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 55787 seconds with 5940 seconds of active time. This session ended with a crash.
Error: (05/09/2013 04:42:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/24/2013 05:04:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/14/2012 10:37:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1316 seconds with 780 seconds of active time. This session ended with a crash.
Error: (09/21/2012 08:20:24 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13794 seconds with 2340 seconds of active time. This session ended with a crash.
Error: (07/09/2012 08:09:05 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 153 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/15/2012 05:17:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 59 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-02-27 14:06:51.456
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP25.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-02-27 14:06:51.331
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP25.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-02-27 14:06:49.128
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP25.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-02-27 14:06:48.967
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP25.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-02-27 14:06:42.031
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP25.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-02-27 14:06:41.375
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP25.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Celeron® CPU 900 @ 2.20GHz
Percentage of memory in use: 58%
Total physical RAM: 1915.98 MB
Available physical RAM: 799.52 MB
Total Pagefile: 3831.95 MB
Available Pagefile: 1172.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (TI105847W0F) (Fixed) (Total:222.47 GB) (Free:141.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 249AAA6F)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=222 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9 GB) - (Type=17)
==================== End Of Log ============================
FRST:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014
Ran by Conrad Bowen (administrator) on CBSLAPTOP on 13-08-2014 10:58:20
Running from C:\Users\Conrad Bowen\Documents\1to1Greetings\CmasProofs\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(CANON INC) C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(CANON INC.) C:\Windows\System32\cnwiols6.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Intuit) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
(Dropbox, Inc.) C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwtxapps.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Visagesoft) C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vspdfprsrv.exe
(Hewlett Packard) C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\odscanui.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1569536 2014-07-29] (Bitdefender)
HKLM-x32\...\Run: [vspdfprsrv.exe] => C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vspdfprsrv.exe [4566016 2011-08-29] (Visagesoft)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-04-03] (Google Inc.)
HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\...\Run: [Bitdefender Wallet Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [814064 2014-07-29] (Bitdefender)
HKU\S-1-5-21-4154370108-1394326414-2424723564-1000\...\MountPoints2: {0811df36-2892-11e0-8890-00266c5a3206} - E:\LaunchU3.exe -a
Startup: C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: __SafeBox1 -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox2 -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox3 -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers: __SafeBox4 -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll (Bitdefender)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Conrad Bowen\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {0E5BE163-B4B7-4606-86A4-9A275814FF82} URL = http://www.google.co...ng}&rlz=1I7TSNA
SearchScopes: HKLM-x32 - {8EACC4AA-8F68-495E-873C-25480C25810A} URL = http://www.google.co...ng}&rlz=1I7TSNA
SearchScopes: HKCU - {0E5BE163-B4B7-4606-86A4-9A275814FF82} URL =
SearchScopes: HKCU - {393FDADD-FD5E-4C78-B0EC-99AB99C5B656} URL = http://us.yhs4.searc...669,0,FF27,7635
SearchScopes: HKCU - {8B972E91-7C10-456B-9466-AB766B66DD94} URL = http://search.condui...6314519233&UM=2
SearchScopes: HKCU - {8EACC4AA-8F68-495E-873C-25480C25810A} URL = http://www.google.co...ng}&rlz=1I7TSNA
SearchScopes: HKCU - {E10195EF-867C-49D7-BCA5-77419340AE66} URL = http://www.google.co...1I7TSNA_enUS398
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll (Bitdefender)
Toolbar: HKLM-x32 - No Name - !{2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM-x32 - No Name - !{EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll (Bitdefender)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - No File
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - No File
Handler-x32: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
FireFox:
========
FF ProfilePath: C:\Users\Conrad Bowen\AppData\Roaming\Mozilla\Firefox\Profiles\nhg2jzjt.default-1400084744074
FF Homepage: https://www.memotoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Conrad Bowen\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Conrad Bowen\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2014-07-15]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2014-07-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
Chrome:
=======
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\CONRAD~1\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-06]
CHR HKCU\...\Chrome\Extension: [dkjaldeegndmngnahlmdbfnejdobkmil] - C:\Users\Conrad Bowen\AppData\Local\CRE\dkjaldeegndmngnahlmdbfnejdobkmil.crx [2013-08-07]
CHR HKLM-x32\...\Chrome\Extension: [dkjaldeegndmngnahlmdbfnejdobkmil] - C:\Users\Conrad Bowen\AppData\Local\CRE\dkjaldeegndmngnahlmdbfnejdobkmil.crx [2013-08-07]
CHR HKLM-x32\...\Chrome\Extension: [fdjkhamgopgokjmllcmpkiijndjeidcl] - C:\Users\Conrad Bowen\AppData\Local\Temp\twsfiles\trustedshopper.crx [2013-08-07]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2011-06-23] () [File not signed]
S4 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [77632 2014-06-06] (Bitdefender)
R2 Canon imagePROGRAF Status Monitor; C:\Program Files\Canon\imagePROGRAFStatusMonitor\cnwisam.exe [739672 2011-11-18] (CANON INC)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-02-25] (Freemake) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 iPFDeviceAgentService; C:\windows\system32\cnwiols6.exe [210944 2008-12-08] (CANON INC.) [File not signed]
R3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
R2 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2014-02-03] (Intuit) [File not signed]
S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed]
R2 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2011-06-30] (Intuit Inc.) [File not signed]
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-06-12] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1513952 2014-07-29] (Bitdefender)
S3 Adpst_im; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [893440 2013-12-02] (BitDefender)
R3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [635392 2013-12-02] (BitDefender)
R1 BdfNdisf; c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf6.sys [93600 2013-11-13] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107080 2012-10-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
S3 BDSandBox; C:\windows\system32\drivers\bdsandbox.sys [82824 2013-11-04] (BitDefender SRL)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [76944 2012-04-17] (BitDefender)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-02-26] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [389240 2013-08-07] (BitDefender S.R.L.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 10:57 - 2014-08-13 10:58 - 00000000 ____D () C:\FRST
2014-08-13 10:54 - 2014-08-13 10:54 - 02100224 _____ (Farbar) C:\Users\Conrad Bowen\Downloads\FRST64.exe
2014-08-13 10:45 - 2014-08-13 10:55 - 00000000 ___RD () C:\Users\Public\Desktop\PC Repair Tools
2014-08-07 09:28 - 2014-08-07 10:48 - 00000000 ____D () C:\AdwCleaner
2014-08-03 11:50 - 2014-05-14 10:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-03 11:50 - 2014-05-14 10:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-03 11:50 - 2014-05-14 10:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-03 11:50 - 2014-05-14 10:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-02 15:01 - 2014-08-02 15:03 - 00000000 ____D () C:\Users\Conrad Bowen\Documents\FamHistPhotos
2014-08-02 12:44 - 2014-08-02 12:45 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Local\{1D023D19-8966-4978-9A51-68329401A473}
2014-08-02 07:20 - 2014-05-14 10:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-02 07:20 - 2014-05-14 10:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-02 07:20 - 2014-05-14 10:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-02 07:20 - 2014-05-14 10:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-02 07:20 - 2014-05-14 10:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-02 07:20 - 2014-05-14 10:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-02 07:20 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-02 07:20 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-02 07:20 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-02 07:20 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-07-31 11:51 - 2014-07-31 11:57 - 00000000 _____ () C:\Users\Conrad Bowen\Documents\HPLJM127_128_Fax_Port
2014-07-29 14:10 - 2014-07-29 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 07:58 - 2014-07-23 07:59 - 15344640 _____ () C:\Users\Conrad Bowen\Desktop\B+2013-12 (Portable).QBM
2014-07-22 16:18 - 2014-07-22 16:18 - 00000000 ____H () C:\Users\Conrad Bowen\Documents\Default.rdp
2014-07-18 14:16 - 2014-07-18 14:16 - 00021348 _____ () C:\Users\Conrad Bowen\Downloads\Magna-3243ThomasBrookWy.htm
2014-07-18 14:16 - 2014-07-18 14:16 - 00000000 ____D () C:\Users\Conrad Bowen\Downloads\Magna-3243ThomasBrookWy_files
2014-07-17 22:02 - 2014-07-17 22:02 - 00021963 _____ () C:\Users\Conrad Bowen\Downloads\Utah Legal Notices _.htm
2014-07-17 22:02 - 2014-07-17 22:02 - 00000000 ____D () C:\Users\Conrad Bowen\Downloads\Utah Legal Notices __files
2014-07-16 06:34 - 2014-07-16 06:34 - 00000439 _____ () C:\Users\Conrad Bowen\AppData\Roaminguser_gensett.xml
2014-07-16 06:32 - 2014-07-16 06:32 - 00000385 _____ () C:\windows\system32\user_gensett.xml
2014-07-15 16:23 - 2014-07-15 16:23 - 00074512 _____ (BitDefender SRL) C:\windows\system32\bdsandboxuiskin32.dll
2014-07-15 15:57 - 2014-07-15 15:57 - 00642321 _____ () C:\ProgramData\1405460457.bdinstall.bin
2014-07-15 15:54 - 2014-07-15 15:54 - 00000684 ____H () C:\bdr-cf01
2014-07-15 15:53 - 2014-07-15 16:10 - 00000000 ____D () C:\ProgramData\BDLogging
2014-07-15 15:53 - 2014-07-15 15:53 - 00002137 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2014-07-15 15:53 - 2014-07-15 15:53 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-07-15 15:53 - 2014-07-15 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-07-15 15:52 - 2013-12-02 12:58 - 00635392 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2014-07-15 15:52 - 2013-12-02 12:56 - 00893440 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2014-07-15 15:52 - 2013-11-13 16:41 - 00093600 _____ (BitDefender LLC) C:\windows\system32\Drivers\BdfNdisf6.sys
2014-07-15 15:52 - 2013-11-04 16:47 - 00082824 _____ (BitDefender SRL) C:\windows\system32\Drivers\bdsandbox.sys
2014-07-15 15:52 - 2013-11-04 16:47 - 00074512 _____ (BitDefender SRL) C:\windows\SysWOW64\bdsandboxuiskin32.dll
2014-07-15 15:52 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys
2014-07-15 15:52 - 2012-04-17 14:34 - 00076944 _____ (BitDefender) C:\windows\system32\Drivers\bdvedisk.sys
2014-07-15 15:52 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\capicom.dll
2014-07-15 15:50 - 2014-07-15 16:12 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Roaming\Bitdefender
2014-07-15 15:50 - 2014-07-15 15:54 - 00253404 ____H () C:\bdr-ld01
2014-07-15 15:50 - 2014-07-15 15:54 - 00009216 ____H () C:\bdr-ld01.mbr
2014-07-15 15:50 - 2014-07-04 17:49 - 49563064 ____H () C:\bdr-im01.gz
2014-07-15 15:50 - 2013-08-13 13:38 - 03271472 ____H () C:\bdr-bz01
2014-07-15 15:41 - 2014-07-15 15:55 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-07-15 15:41 - 2014-07-15 15:50 - 00000000 ____D () C:\Program Files\Bitdefender
2014-07-15 15:41 - 2013-11-04 16:47 - 00084848 _____ (BitDefender SRL) C:\windows\system32\BDSandBoxUISkin.dll
2014-07-15 15:41 - 2013-11-04 16:46 - 00034384 _____ (BitDefender SRL) C:\windows\system32\BDSandBoxUH.dll
2014-07-15 15:41 - 2013-08-23 13:48 - 00150256 _____ (BitDefender LLC) C:\windows\system32\Drivers\gzflt.sys
2014-07-15 15:41 - 2013-08-07 13:46 - 00389240 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2014-07-15 15:40 - 2014-07-15 15:40 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Roaming\QuickScan
2014-07-15 15:26 - 2014-08-07 10:50 - 00053510 _____ () C:\windows\PFRO.log
2014-07-15 15:23 - 2014-07-15 15:41 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-07-15 15:22 - 2014-07-15 15:23 - 06770080 _____ () C:\Users\Conrad Bowen\Downloads\bitdefender_tsecurity.exe
2014-07-15 14:47 - 2014-08-05 16:52 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 14:46 - 2014-07-15 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 14:46 - 2014-07-15 14:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-15 14:46 - 2014-07-15 14:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 14:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-15 14:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-15 14:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-15 14:45 - 2014-07-15 14:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Conrad Bowen\Downloads\mbam-setup-2.0.2.1012.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-13 11:02 - 2013-10-10 19:57 - 01216892 _____ () C:\windows\WindowsUpdate.log
2014-08-13 10:58 - 2014-08-13 10:57 - 00000000 ____D () C:\FRST
2014-08-13 10:55 - 2014-08-13 10:45 - 00000000 ___RD () C:\Users\Public\Desktop\PC Repair Tools
2014-08-13 10:54 - 2014-08-13 10:54 - 02100224 _____ (Farbar) C:\Users\Conrad Bowen\Downloads\FRST64.exe
2014-08-13 10:49 - 2012-04-13 19:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-13 10:42 - 2014-02-27 15:05 - 00000604 _____ () C:\windows\Tasks\G2MUpdateTask-S-1-5-21-4154370108-1394326414-2424723564-1000.job
2014-08-13 10:40 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\NDF
2014-08-13 10:29 - 2010-09-21 16:29 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-13 09:37 - 2010-09-21 16:29 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-13 09:22 - 2009-07-13 23:13 - 00926884 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-07 11:02 - 2009-07-13 22:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-07 11:02 - 2009-07-13 22:45 - 00015792 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-07 10:53 - 2014-06-05 20:21 - 00000000 ___RD () C:\Users\Conrad Bowen\Dropbox
2014-08-07 10:53 - 2014-06-05 20:17 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Roaming\Dropbox
2014-08-07 10:51 - 2014-05-30 09:21 - 00005701 _____ () C:\windows\setupact.log
2014-08-07 10:51 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-07 10:50 - 2014-07-15 15:26 - 00053510 _____ () C:\windows\PFRO.log
2014-08-07 10:48 - 2014-08-07 09:28 - 00000000 ____D () C:\AdwCleaner
2014-08-05 19:17 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-08-05 16:52 - 2014-07-15 14:47 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 12:34 - 2014-01-26 10:40 - 00000000 ____D () C:\Users\Conrad Bowen\Documents\Primary
2014-08-02 15:03 - 2014-08-02 15:01 - 00000000 ____D () C:\Users\Conrad Bowen\Documents\FamHistPhotos
2014-08-02 12:45 - 2014-08-02 12:44 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Local\{1D023D19-8966-4978-9A51-68329401A473}
2014-08-02 12:44 - 2010-10-27 08:17 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Local\Windows Live
2014-08-01 20:01 - 2011-05-27 09:20 - 00000000 ____D () C:\Users\Public\Documents\Intuit
2014-08-01 14:02 - 2014-03-27 19:33 - 00271360 _____ () C:\Users\Conrad Bowen\Documents\Outlook backup.pst
2014-08-01 13:07 - 2010-10-12 21:15 - 00000000 ____D () C:\windows\Minidump
2014-07-31 14:38 - 2010-09-22 06:52 - 00000000 ____D () C:\Users\Conrad Bowen\Documents\USR
2014-07-31 11:57 - 2014-07-31 11:51 - 00000000 _____ () C:\Users\Conrad Bowen\Documents\HPLJM127_128_Fax_Port
2014-07-31 11:51 - 2014-05-19 16:35 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Local\HP
2014-07-30 20:56 - 2012-04-24 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-29 14:10 - 2014-07-29 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-27 09:48 - 2012-05-11 17:17 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 09:48 - 2012-05-11 17:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 17:49 - 2012-05-11 17:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 16:58 - 2014-06-05 20:19 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-23 07:59 - 2014-07-23 07:58 - 15344640 _____ () C:\Users\Conrad Bowen\Desktop\B+2013-12 (Portable).QBM
2014-07-22 16:18 - 2014-07-22 16:18 - 00000000 ____H () C:\Users\Conrad Bowen\Documents\Default.rdp
2014-07-22 12:10 - 2011-10-07 14:32 - 00000000 ____D () C:\Users\Conrad Bowen\Documents\Bergenthal
2014-07-18 14:16 - 2014-07-18 14:16 - 00021348 _____ () C:\Users\Conrad Bowen\Downloads\Magna-3243ThomasBrookWy.htm
2014-07-18 14:16 - 2014-07-18 14:16 - 00000000 ____D () C:\Users\Conrad Bowen\Downloads\Magna-3243ThomasBrookWy_files
2014-07-17 22:02 - 2014-07-17 22:02 - 00021963 _____ () C:\Users\Conrad Bowen\Downloads\Utah Legal Notices _.htm
2014-07-17 22:02 - 2014-07-17 22:02 - 00000000 ____D () C:\Users\Conrad Bowen\Downloads\Utah Legal Notices __files
2014-07-16 14:49 - 2009-07-13 23:32 - 00000000 ____D () C:\windows\Offline Web Pages
2014-07-16 06:34 - 2014-07-16 06:34 - 00000439 _____ () C:\Users\Conrad Bowen\AppData\Roaminguser_gensett.xml
2014-07-16 06:32 - 2014-07-16 06:32 - 00000385 _____ () C:\windows\system32\user_gensett.xml
2014-07-15 16:23 - 2014-07-15 16:23 - 00074512 _____ (BitDefender SRL) C:\windows\system32\bdsandboxuiskin32.dll
2014-07-15 16:12 - 2014-07-15 15:50 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Roaming\Bitdefender
2014-07-15 16:10 - 2014-07-15 15:53 - 00000000 ____D () C:\ProgramData\BDLogging
2014-07-15 15:57 - 2014-07-15 15:57 - 00642321 _____ () C:\ProgramData\1405460457.bdinstall.bin
2014-07-15 15:55 - 2014-07-15 15:41 - 00000000 ____D () C:\ProgramData\Bitdefender
2014-07-15 15:54 - 2014-07-15 15:54 - 00000684 ____H () C:\bdr-cf01
2014-07-15 15:54 - 2014-07-15 15:50 - 00253404 ____H () C:\bdr-ld01
2014-07-15 15:54 - 2014-07-15 15:50 - 00009216 ____H () C:\bdr-ld01.mbr
2014-07-15 15:53 - 2014-07-15 15:53 - 00002137 _____ () C:\Users\Public\Desktop\Bitdefender Total Security 2015.lnk
2014-07-15 15:53 - 2014-07-15 15:53 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2014-07-15 15:53 - 2014-07-15 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2014-07-15 15:50 - 2014-07-15 15:41 - 00000000 ____D () C:\Program Files\Bitdefender
2014-07-15 15:41 - 2014-07-15 15:23 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender
2014-07-15 15:40 - 2014-07-15 15:40 - 00000000 ____D () C:\Users\Conrad Bowen\AppData\Roaming\QuickScan
2014-07-15 15:37 - 2011-02-02 11:24 - 00001945 _____ () C:\windows\epplauncher.mif
2014-07-15 15:23 - 2014-07-15 15:22 - 06770080 _____ () C:\Users\Conrad Bowen\Downloads\bitdefender_tsecurity.exe
2014-07-15 15:05 - 2010-09-21 14:26 - 00000000 ____D () C:\Users\Conrad Bowen
2014-07-15 14:46 - 2014-07-15 14:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-15 14:46 - 2014-07-15 14:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-15 14:46 - 2014-07-15 14:46 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-15 14:45 - 2014-07-15 14:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Conrad Bowen\Downloads\mbam-setup-2.0.2.1012.exe
Some content of TEMP:
====================
C:\Users\Conrad Bowen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmelckt.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-07 08:55
==================== End Of Log ============================
Thank you guys for your time, you really make a difference!
Edited by Spencer4134, 13 August 2014 - 12:21 PM.