Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help with virus, malware, reg errors [Solved]

Started by Jeremy7777 , Feb 21 2015 01:25 PM
Virus malware registry errors duplicate file overall help

  • This topic is locked This topic is locked

#1
Jeremy7777
Posted 21 February 2015 - 01:25 PM

Jeremy7777

    Member

  • Member
  • PipPip
  • 73 posts
I'm very inexperienced with computer issues and desperately need advice with common issues that I don't understand. I can't offord paid virus/malware programs and need my pc to performs best as possible. Thank you for any help
  • 0

Advertisements

#2
Nevan
Posted 21 February 2015 - 02:12 PM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts

Hello, Jeremy7777. Welcome to Geeks to Go! My nickname is Nevan and I will be helping you getting your system back on its electronic feet.

Before we get started, please keep these things in mind:

  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
  • I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
  • Your time to reply is limited. If you don't reply within 3 days, your topic will be closed and you will have to request it to be reopened by contacting one of Moderator group members with the link to this topic.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.

Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

Let's get started :)
 

 

Could you please tell me what problems you currently have with your computer?

 

Also, I'd like to have a look at your system. Please, do the following:

FRST Scan

Download Farbar Recovery Scan Tool and save it to your Desktop. There are two different versions:

  • Click here to download the 32-bit version.
  • Click here to download the 64-bit version.

If you don't know which version you should use, download one of them and check if it's working or not. If it doesn't, download the second one. Once you have the right one, perform the instructions below.

  • Right click FRST.exe (or FRST64.exe) and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.

 
Things that should appear in your next post:

  • FRST.txt log content
  • Addition.txt log content
  • Answer to my question

  • 0

#3
Jeremy7777
Posted 21 February 2015 - 02:22 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-02-2015
Ran by Bridget (administrator) on BRIDGET-PC on 21-02-2015 14:18:17
Running from C:\Users\Bridget\Downloads
Loaded Profiles: Bridget (Available profiles: Bridget)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Mixesoft Project) C:\Users\Bridget\AppData\Local\Mixesoft\AppNHost\appnhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2328944 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [appnhost] => C:\Users\Bridget\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Mixesoft Project)
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\MountPoints2: {38078d4b-a1e0-11dd-a8e4-88ae1d490acc} - E:\Autorun.exe
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\MountPoints2: {40721f25-9dcd-11dd-8a6f-88ae1d490acc} - E:\MotorolaDeviceManagerSetup.exe -a
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....=TSND&bmod=TSND
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://start.toshiba.com/g/
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = http://Vosteran.com/...r=541885164&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM -> {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = http://Vosteran.com/...r=541885164&ir=
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = http://Vosteran.com/...=1003046661&ir=
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM-x32 -> {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = http://www.google.co...ng}&rlz=1I7TSND
SearchScopes: HKU\.DEFAULT -> DefaultScope {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = 
SearchScopes: HKU\.DEFAULT -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> C21C9A5F607F44EF983234E68BA51160 URL = 
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = 
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {DDBDAE81-DBB4-4B12-8428-676DF905086C} URL = http://www.google.co...ng}&rlz=1I7TSND
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: No Name -> {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} ->  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.bing.com/search
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safesearch.xml
FF Extension: LastPass - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\[email protected] [2015-02-16]
FF Extension: AdBlock for Firefox - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\[email protected] [2015-02-13]
FF Extension: Perfect Redirector - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\{4B797F68-9C25-4926-8959-728E54D7B699}.xpi [2015-02-13]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
FF HKLM-x32\...\Firefox\Extensions: [{635abd67-4fe9-1b23-4f01-e679fa7484c1}] - error\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
 
Chrome: 
=======
CHR Profile: C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-20]
CHR Extension: (Google Docs) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-07-04]
CHR Extension: (Google Drive) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-20]
CHR Extension: (YouTube) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-04]
CHR Extension: (3D Graffiti) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabfebkdmghefegjmochekfnmiikkko [2015-02-20]
CHR Extension: (Google Search) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-04]
CHR Extension: (GIMP on rollApp) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2015-02-20]
CHR Extension: (Google Sheets) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-20]
CHR Extension: (PicMonkey) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2015-02-20]
CHR Extension: (Click&Clean) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2015-02-20]
CHR Extension: (AdBlock) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-20]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2015-02-20]
CHR Extension: (No History) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljamgkbcojbnmcaonjokopmcblmmpfch [2015-02-20]
CHR Extension: (Google Wallet) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-17]
CHR Extension: (Instagram for Chrome) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\opnbmdkdflhjiclaoiiifmheknpccalb [2015-02-20]
CHR Extension: (Click&Clean App) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-02-20]
CHR Extension: (Gmail) - C:\Users\Bridget\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-04]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Bridget\AppData\Local\speedial.crx [2008-05-22]
CHR HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Bridget\AppData\Local\speedial.crx [2008-05-22]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Bridget\AppData\Local\speedial.crx [2008-05-22]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-02-13]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-01-07] (Adobe Systems Incorporated)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [126904 2010-05-22] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S4 70e6ca8c; "C:\windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain
S4 IePluginServices; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2008-07-07] (The OpenVPN Project)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-01] (HTC, Corporation) [File not signed]
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\ENG64.SYS [117808 2010-05-28] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20100528.021\EX64.SYS [1773104 2010-05-28] (Symantec Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
U5 regi; C:\Windows\System32\Drivers\regi.sys [14112 2007-04-17] (InterVideo)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
S1 SRTSP; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSP64.SYS [701800 2010-05-23] (Symantec Corporation) [File not signed]
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1200000.080\SRTSPX64.SYS [38248 2010-05-23] (Symantec Corporation) [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-12-11] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-21 14:18 - 2015-02-21 14:19 - 00023656 ____C () C:\Users\Bridget\Downloads\FRST.txt
2015-02-21 14:17 - 2015-02-21 14:18 - 00000000 ___DC () C:\FRST
2015-02-21 14:17 - 2015-02-21 14:17 - 02086912 ____C (Farbar) C:\Users\Bridget\Downloads\FRST64.exe
2015-02-21 13:37 - 2015-02-21 13:29 - 02992292 ____C () C:\Users\Bridget\Documents\performace.html
2015-02-21 13:36 - 2015-02-21 13:36 - 00000000 ___DC () C:\Users\Bridget\Documents\2015 performance monitor results
2015-02-21 03:07 - 2015-02-21 03:07 - 00804985 ____C () C:\Users\Bridget\Downloads\RegpairSetup.exe
2015-02-21 02:54 - 2015-02-21 02:54 - 00000340 ____C () C:\Users\Bridget\Downloads\ClickClean-v8.4-Options.json
2015-02-20 15:51 - 2015-02-20 15:51 - 02925856 ____C (BoostSoftware Inc. ) C:\Users\Bridget\Downloads\PCHealthBoost-Setup.exe
2015-02-20 11:15 - 2015-02-20 11:15 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Mixesoft
2015-02-20 11:14 - 2015-02-20 11:14 - 00282624 ____C () C:\Users\Bridget\Downloads\appnhost.msi
2015-02-20 10:12 - 2015-02-20 10:16 - 00016088 ____C () C:\Users\Bridget\Downloads\software_removal_tool.log
2015-02-20 10:03 - 2015-02-20 10:10 - 00002230 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-20 10:03 - 2015-02-20 10:03 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 10:02 - 2015-02-21 14:07 - 00000900 ____C () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-20 10:02 - 2015-02-21 12:00 - 00000896 ____C () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-20 10:02 - 2015-02-20 10:02 - 00880208 ____C (Google Inc.) C:\Users\Bridget\Downloads\ChromeSetup.exe
2015-02-20 10:02 - 2015-02-20 10:02 - 00003896 ____C () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-20 10:02 - 2015-02-20 10:02 - 00003644 ____C () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-19 19:23 - 2015-02-19 19:23 - 02077392 ____C (Microsoft Corporation) C:\Users\Bridget\Downloads\IE11-Windows6.1.exe
2015-02-18 22:33 - 2015-02-18 22:34 - 00000000 ___DC () C:\Program Files (x86)\QuickTime
2015-02-18 22:33 - 2015-02-18 22:33 - 00001816 ____C () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-02-18 22:33 - 2015-02-18 22:33 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-02-18 22:22 - 2015-02-18 22:24 - 42096984 ____C (Apple Inc.) C:\Users\Bridget\Downloads\QuickTimeInstaller(1).exe
2015-02-18 14:37 - 2015-02-18 14:37 - 00001051 ____C () C:\Users\Bridget\Desktop\Adobe Photoshop CC 2014.lnk
2015-02-18 03:29 - 2015-02-18 03:29 - 00000000 ___DC () C:\Users\Bridget\Documents\Adobe
2015-02-18 03:27 - 2015-02-18 03:27 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\PDAppFlex
2015-02-14 23:27 - 2015-02-14 23:27 - 00000000 ___DC () C:\Users\Bridget\Desktop\original wedding library copy from minichip
2015-02-14 23:14 - 2015-02-14 23:14 - 00001284 ____C () C:\Users\Bridget\Desktop\Adobe Creative Cloud.lnk
2015-02-14 23:11 - 2015-02-14 23:13 - 00000000 ___DC () C:\Users\Bridget\Desktop\Jeremy Bridget wedding full
2015-02-13 21:18 - 2015-02-13 21:18 - 00000000 ___DC () C:\Users\Bridget\Documents\test resorces monitering
2015-02-13 17:33 - 2015-02-13 17:33 - 00003510 _____ () C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-Bridget-PC-Bridget
2015-02-13 17:19 - 2015-02-13 17:19 - 00001051 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk
2015-02-13 12:58 - 2015-02-13 14:08 - 00000000 __RDC () C:\Users\Bridget\Dropbox
2015-02-13 12:44 - 2015-02-14 23:11 - 00000000 ___DC () C:\Users\Bridget\Desktop\jeremy
2015-02-13 12:40 - 2015-02-13 12:40 - 00000000 ___DC () C:\Users\Bridget\Desktop\ellis fam pics
2015-02-13 12:38 - 2015-02-13 12:38 - 00000000 ___DC () C:\Users\Bridget\Desktop\bridgets pics
2015-02-13 12:16 - 2015-02-13 14:10 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Dropbox
2015-02-13 12:16 - 2015-02-13 12:16 - 00355464 ____C (Dropbox, Inc.) C:\Users\Bridget\Downloads\DropboxInstaller.exe
2015-02-13 09:29 - 2015-02-13 09:29 - 00001284 ____C () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-02-13 01:48 - 2015-02-13 02:28 - 00000000 ___DC () C:\Users\Bridget\Downloads\AVPN
2015-02-12 23:29 - 2015-02-12 23:29 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Toshiba Corporation
2015-02-12 21:48 - 2015-02-12 21:49 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\MigWiz
2015-02-12 19:58 - 2015-02-12 19:58 - 00000000 ___DC () C:\Program Files\Bonjour
2015-02-12 19:58 - 2015-02-12 19:58 - 00000000 ___DC () C:\Program Files (x86)\Bonjour
2015-02-12 19:27 - 2015-02-12 19:27 - 71647536 ____C (Apple Inc.) C:\Users\Bridget\Downloads\icloudsetup.exe
2015-02-12 16:49 - 2015-01-22 22:42 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-02-12 16:49 - 2015-01-22 22:41 - 06041600 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-02-12 16:49 - 2015-01-22 21:43 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-02-12 16:49 - 2015-01-22 21:17 - 04300800 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-02-11 20:57 - 2015-02-11 20:57 - 00000000 ___DC () C:\Users\Bridget\ipad upload pic backup files 2,11,2015
2015-02-11 17:20 - 2015-01-13 23:47 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-02-11 17:20 - 2015-01-13 23:09 - 00342712 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-02-11 17:20 - 2015-01-11 21:05 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-02-11 17:20 - 2015-01-11 21:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-02-11 17:20 - 2015-01-11 20:48 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-02-11 17:20 - 2015-01-11 20:39 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-02-11 17:20 - 2015-01-11 20:34 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-02-11 17:20 - 2015-01-11 20:25 - 19740160 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-02-11 17:20 - 2015-01-11 20:21 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-02-11 17:20 - 2015-01-11 20:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-02-11 17:20 - 2015-01-11 20:07 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-02-11 17:20 - 2015-01-11 20:07 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-02-11 17:20 - 2015-01-11 20:05 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-02-11 17:20 - 2015-01-11 20:02 - 02277888 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-02-11 17:20 - 2015-01-11 19:59 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-02-11 17:20 - 2015-01-11 19:48 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-02-11 17:20 - 2015-01-11 19:40 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-11 17:20 - 2015-01-11 19:35 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-02-11 17:20 - 2015-01-11 19:33 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-02-11 17:20 - 2015-01-11 19:23 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-02-11 17:20 - 2015-01-11 19:23 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-02-11 17:20 - 2015-01-11 19:14 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-02-11 17:20 - 2015-01-11 18:56 - 01307136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-02-11 17:20 - 2015-01-11 18:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-02-11 17:19 - 2015-01-11 21:09 - 25056256 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-02-11 17:19 - 2015-01-11 20:49 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-02-11 17:19 - 2015-01-11 20:48 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-02-11 17:19 - 2015-01-11 20:48 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-02-11 17:19 - 2015-01-11 20:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-02-11 17:19 - 2015-01-11 20:40 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-02-11 17:19 - 2015-01-11 20:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-02-11 17:19 - 2015-01-11 20:34 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-02-11 17:19 - 2015-01-11 20:25 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-02-11 17:19 - 2015-01-11 20:21 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-02-11 17:19 - 2015-01-11 20:08 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-02-11 17:19 - 2015-01-11 20:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-02-11 17:19 - 2015-01-11 20:07 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-02-11 17:19 - 2015-01-11 20:04 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-02-11 17:19 - 2015-01-11 20:00 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-02-11 17:19 - 2015-01-11 19:57 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-02-11 17:19 - 2015-01-11 19:55 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-02-11 17:19 - 2015-01-11 19:48 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-02-11 17:19 - 2015-01-11 19:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-02-11 17:19 - 2015-01-11 19:46 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-02-11 17:19 - 2015-01-11 19:45 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-02-11 17:19 - 2015-01-11 19:43 - 14401024 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-02-11 17:19 - 2015-01-11 19:36 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-02-11 17:19 - 2015-01-11 19:27 - 02358272 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-02-11 17:19 - 2015-01-11 19:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-02-11 17:19 - 2015-01-11 19:14 - 12829184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-02-11 17:19 - 2015-01-11 19:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-02-11 17:19 - 2015-01-11 19:00 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-02-11 17:19 - 2015-01-10 00:48 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-02-11 17:19 - 2015-01-10 00:27 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 17:18 - 2015-02-03 21:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 17:18 - 2015-02-03 21:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 17:18 - 2015-01-27 17:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 17:17 - 2015-01-15 02:14 - 00155072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-02-11 17:17 - 2015-01-15 02:14 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-02-11 17:17 - 2015-01-15 02:09 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-02-11 17:17 - 2015-01-15 02:09 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-02-11 17:17 - 2015-01-15 02:09 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-02-11 17:17 - 2015-01-15 02:09 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-02-11 17:17 - 2015-01-15 02:09 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-02-11 17:17 - 2015-01-15 02:08 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-02-11 17:17 - 2015-01-15 02:06 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-02-11 17:17 - 2015-01-15 02:06 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-02-11 17:17 - 2015-01-15 02:04 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-02-11 17:17 - 2015-01-15 01:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-02-11 17:17 - 2015-01-15 01:42 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-02-11 17:17 - 2015-01-15 01:41 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-02-11 17:17 - 2015-01-15 01:39 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-02-11 17:17 - 2015-01-15 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-02-11 17:17 - 2015-01-15 01:37 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-02-11 17:17 - 2015-01-14 22:22 - 00458824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-02-11 17:17 - 2015-01-12 21:10 - 01424384 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-02-11 17:17 - 2015-01-12 20:49 - 01230336 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-02-11 17:17 - 2014-12-11 23:31 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-02-11 17:17 - 2014-12-11 23:07 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-02-11 17:17 - 2014-11-25 21:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 17:17 - 2014-11-25 21:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 17:17 - 2014-07-06 20:07 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-02-11 17:17 - 2014-07-06 20:06 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-02-11 17:17 - 2014-07-06 19:40 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-02-11 17:17 - 2014-07-06 19:40 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-02-11 17:16 - 2015-01-14 00:09 - 05554112 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-02-11 17:16 - 2015-01-14 00:05 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-02-11 17:16 - 2015-01-14 00:05 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-02-11 17:16 - 2015-01-14 00:04 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-02-11 17:16 - 2015-01-13 23:44 - 03972544 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-02-11 17:16 - 2015-01-13 23:44 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-02-11 17:16 - 2015-01-13 23:41 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-02-11 17:16 - 2015-01-08 20:03 - 03201536 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-02-11 17:16 - 2014-12-07 21:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 17:16 - 2014-12-07 20:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-05 20:23 - 2015-02-05 20:23 - 00000197 ____C () C:\windows\system32\2015-02-06-02-23-21.079-AvastVBoxSVC.exe-1508.log
2015-02-05 19:58 - 2015-02-05 19:58 - 00000197 ____C () C:\windows\system32\2015-02-06-01-58-03.078-AvastVBoxSVC.exe-4936.log
2015-01-29 11:57 - 2015-01-29 11:57 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2015-01-29 10:52 - 2015-01-29 10:52 - 00000197 ____C () C:\windows\system32\2015-01-29-16-52-31.005-AvastVBoxSVC.exe-3748.log
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-21 14:18 - 2009-07-13 22:45 - 00019248 ___HC () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-21 14:18 - 2009-07-13 22:45 - 00019248 ___HC () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-21 14:13 - 2012-04-18 07:54 - 00000830 ____C () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-02-21 13:51 - 2010-09-06 19:30 - 01511271 ____C () C:\windows\WindowsUpdate.log
2015-02-21 12:13 - 2014-11-23 00:58 - 00000000 ___DC () C:\Program Files\Adobe
2015-02-21 12:04 - 2013-03-14 16:53 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-21 12:01 - 2013-10-03 14:14 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Adobe
2015-02-21 12:00 - 2009-07-13 23:08 - 00000006 ___HC () C:\windows\Tasks\SA.DAT
2015-02-21 12:00 - 2008-07-02 23:40 - 00000438 ____C () C:\windows\system32\Drivers\etc\hosts.ics
2015-02-21 12:00 - 2008-05-22 19:55 - 00117623 ____C () C:\windows\setupact.log
2015-02-21 03:08 - 2014-11-06 23:37 - 00007628 ____C () C:\Users\Bridget\AppData\Local\Resmon.ResmonCfg
2015-02-20 10:15 - 2008-05-22 19:55 - 00992022 ____C () C:\windows\PFRO.log
2015-02-20 10:14 - 2008-07-02 13:57 - 00000000 ___DC () C:\ProgramData\IePluginServices
2015-02-20 10:03 - 2010-07-22 18:58 - 00000000 ___DC () C:\Program Files (x86)\Google
2015-02-19 19:23 - 2008-05-22 07:25 - 00047417 ____C () C:\windows\IE11_main.log
2015-02-19 00:40 - 2012-06-07 11:59 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\SoftGrid Client
2015-02-18 13:06 - 2009-07-13 23:13 - 00783464 ____C () C:\windows\system32\PerfStringBackup.INI
2015-02-18 05:45 - 2008-06-13 04:45 - 00000288 ____C () C:\windows\Tasks\RegClean Pro_UPDATES.job
2015-02-18 03:29 - 2011-02-25 19:41 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Adobe
2015-02-18 03:10 - 2014-11-23 00:52 - 00000000 ___DC () C:\Program Files\Common Files\Adobe
2015-02-18 03:08 - 2014-11-15 02:41 - 00000000 ___DC () C:\Users\Bridget\Creative Cloud Files
2015-02-18 03:06 - 2010-09-06 19:52 - 00000000 ___DC () C:\ProgramData\Adobe
2015-02-13 21:30 - 2009-07-13 23:08 - 00032606 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-02-13 17:33 - 2014-11-23 20:21 - 00000000 ___DC () C:\ProgramData\regid.1986-12.com.adobe
2015-02-13 17:30 - 2010-09-06 19:52 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2015-02-13 14:28 - 2011-02-25 19:24 - 00000000 ___DC () C:\Users\Bridget
2015-02-13 12:49 - 2011-02-25 20:46 - 00000000 ___DC () C:\Users\Bridget\AppData\Local\Google
2015-02-13 12:43 - 2013-10-08 20:53 - 00000000 ___DC () C:\Users\Bridget\Desktop\Daytonas pics
2015-02-13 12:40 - 2012-08-27 09:52 - 00000000 ___DC () C:\Users\Bridget\Desktop\lil wayne
2015-02-13 09:29 - 2014-11-12 17:01 - 00000000 ___DC () C:\ProgramData\Package Cache
2015-02-13 03:37 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2015-02-12 23:46 - 2010-07-22 18:50 - 00000000 __HDC () C:\Program Files (x86)\InstallShield Installation Information
2015-02-12 23:45 - 2010-07-22 18:57 - 00000000 ___DC () C:\ProgramData\Toshiba
2015-02-12 23:45 - 2010-07-22 18:50 - 00000000 ___DC () C:\Program Files\TOSHIBA
2015-02-12 23:41 - 2010-07-22 18:50 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-02-12 19:58 - 2012-09-09 10:52 - 00000000 ___DC () C:\ProgramData\Apple
2015-02-12 18:29 - 2008-05-22 19:50 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-02-12 18:28 - 2008-05-22 08:05 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall
2015-02-12 16:39 - 2009-07-13 22:45 - 00278856 ____C () C:\windows\system32\FNTCACHE.DAT
2015-02-12 16:37 - 2014-12-10 03:27 - 00000000 ___DC () C:\windows\system32\appraiser
2015-02-12 16:37 - 2014-11-08 03:04 - 00000000 __SDC () C:\windows\system32\CompatTel
2015-02-11 23:47 - 2013-09-16 15:36 - 00000000 ___DC () C:\windows\system32\MRT
2015-02-11 23:40 - 2011-04-08 15:54 - 116773704 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-02-05 22:53 - 2011-09-26 23:05 - 00000000 ___DC () C:\ProgramData\Skype
2015-02-05 22:50 - 2014-11-06 22:20 - 00000000 ___DC () C:\Users\Bridget\AppData\Roaming\JAM Software
2015-02-05 22:47 - 2013-02-13 15:18 - 00000000 _SHDC () C:\AI_RecycleBin
2015-02-05 21:58 - 2011-03-21 11:16 - 00000000 ___DC () C:\ProgramData\AVAST Software
2015-02-05 21:09 - 2014-11-13 02:39 - 00000000 ___DC () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-02-05 21:09 - 2013-06-24 19:14 - 00000000 ___DC () C:\Program Files (x86)\iTunes
2015-02-05 21:07 - 2013-06-24 19:14 - 00000000 ___DC () C:\Program Files\iPod
2015-02-05 20:52 - 2012-06-07 11:58 - 00776078 ____C () C:\windows\SysWOW64\PerfStringBackup.INI
2015-02-05 20:29 - 2009-07-13 23:32 - 00000000 __RDC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-05 20:18 - 2014-12-31 22:57 - 00000000 ___DC () C:\Program Files (x86)\AVG
2015-02-05 20:18 - 2014-12-31 22:52 - 00000000 ___DC () C:\ProgramData\MFAData
2015-02-05 20:18 - 2014-11-09 09:08 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-05 19:56 - 2012-04-18 07:54 - 00701616 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-05 19:56 - 2012-04-18 07:54 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-05 19:56 - 2011-07-06 08:21 - 00071344 ____C (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-11-07 12:56 - 2014-11-07 14:10 - 10137600 ____C () C:\Program Files (x86)\GUTA62E.tmp
2014-12-01 01:30 - 2014-12-01 01:30 - 0000049 ____C () C:\Users\Bridget\AppData\Roaming\mbam.context.scan
2014-12-21 19:29 - 2014-12-26 00:29 - 0000128 ____C () C:\Users\Bridget\AppData\Roaming\WB.CFG
2014-12-26 00:29 - 2014-12-26 00:29 - 0234679 ____C () C:\Users\Bridget\AppData\Local\dsi1.dat
2014-12-26 00:29 - 2014-12-26 00:29 - 0161916 ____C () C:\Users\Bridget\AppData\Local\dsi2.dat
2008-01-01 00:31 - 2008-01-01 00:31 - 0000889 ____C () C:\Users\Bridget\AppData\Local\recently-used.xbel
2014-11-06 23:37 - 2015-02-21 03:08 - 0007628 ____C () C:\Users\Bridget\AppData\Local\Resmon.ResmonCfg
2008-05-22 08:05 - 2008-05-22 08:05 - 0358193 ____C () C:\Users\Bridget\AppData\Local\speedial.crx
2014-12-10 18:14 - 2014-12-11 22:56 - 0000952 __SHC () C:\ProgramData\KGyGaAvL.sys
 
Some content of TEMP:
====================
C:\Users\Bridget\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx8gn6s.dll
C:\Users\Bridget\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Bridget\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Bridget\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Bridget\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Bridget\AppData\Local\Temp\SDShelEx-x64.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-13 03:30
 
==================== End Of Log ============================

  • 0

#4
Jeremy7777
Posted 21 February 2015 - 02:22 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-02-2015
Ran by Bridget at 2015-02-21 14:19:41
Running from C:\Users\Bridget\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Disabled - Up to date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.9.0.465 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AppNHost 1.0.5.1 (HKLM-x32\...\{A8CB86C7-CD4C-4C4F-AF6A-33D1CAC63562}) (Version: 1.0.5.1 - Mixesoft Project)
ATI Catalyst Install Manager (HKLM\...\{5792CD64-61B4-C448-0D22-3C51DD73AB2A}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (x32 Version: 2010.0315.1050.17562 - ATI) Hidden
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.349 - Corel Inc.)
DownloadX ActiveX Download Control 1.6.8 (HKLM-x32\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version:  - DownloadXCtrl.com)
Elite Unzip (HKLM-x32\...\Mindspark Elite Unzip) (Version: 1.1.8161.280 - Mindspark Interactive Network) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Java™ 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{2BF35D84-6377-4F70-9F39-97CF67E67FFF}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.0.0.128 - Symantec Corporation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Strongvault Online Backup (HKLM-x32\...\{692EF506-1E15-4473-A829-ED951D6C49DB}) (Version: 2.0.0 - Strongvault) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.2.0 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
Toshiba Book Place (HKLM-x32\...\{BB51B753-9A0C-4D1D-B3EF-A1B936F55796}) (Version: 2.0.3977.0 - K-NFB Reading Technology, Inc.)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 2.1.5889 - K-NFB Reading Technology, Inc.)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.24 - Toshiba)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Bridget\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
 
==================== Restore Points  =========================
 
10-12-2014 02:07:50 Installed Realtek WLAN Driver
10-12-2014 02:11:30 Removed TOSHIBA Assist
10-12-2014 02:13:42 Configured TOSHIBA Bulletin Board
10-12-2014 02:18:52 Removed TOSHIBA Flash Cards Support Utility
10-12-2014 02:20:26 Configured TOSHIBA HDD/SSD Alert
10-12-2014 03:00:18 Windows Update
11-12-2014 22:54:16 Removed DriverUpdate
12-12-2014 03:00:15 Windows Update
18-12-2014 18:49:37 Windows Update
18-12-2014 21:39:37 Windows Update
19-12-2014 13:35:46 avast! antivirus system restore point
21-12-2014 19:47:11 Installed iTunes
26-12-2014 00:29:58 Windows Update
26-12-2014 00:33:34 Removed GeekBuddy.
30-12-2014 22:41:53 Windows Update
31-12-2014 22:22:36 Installed Microsoft Fix it 50123
31-12-2014 22:56:35 Installed AVG 2015
31-12-2014 22:57:26 Installed AVG 2015
01-01-2015 00:48:01 Installed AVG PC TuneUp 2015
04-01-2015 15:53:58 Removed Apple Application Support
04-01-2015 15:56:39 Removed Apple Mobile Device Support
17-01-2015 15:44:39 Scheduled Checkpoint
18-01-2015 02:59:21 Windows Update
05-02-2015 19:59:36 Removed AVG PC TuneUp 2015
05-02-2015 20:02:03 Removed AVG PC TuneUp 2015 (en-US)
05-02-2015 20:07:15 Removed Visual Studio 2012 x86 Redistributables
05-02-2015 20:09:12 Removed Visual Studio 2012 x64 Redistributables
05-02-2015 20:13:14 Removed AVG 2015
05-02-2015 20:15:27 Removed AVG 2015
05-02-2015 20:27:59 Windows Modules Installer
05-02-2015 20:46:13 Windows Update
05-02-2015 21:05:36 Removed iTunes
05-02-2015 21:55:10 avast! antivirus system restore point
05-02-2015 22:48:38 Removed Bonjour
05-02-2015 22:50:30 Removed Skype™ 6.11
05-02-2015 22:52:55 Removed Skype™ 6.11
05-02-2015 22:54:37 Removed Quickbooks Financial Center
05-02-2015 23:10:54 Removed Windows Live Sign-in Assistant
11-02-2015 17:16:34 Windows Update
11-02-2015 23:38:49 Windows Update
12-02-2015 19:58:57 Installed iCloud
12-02-2015 21:48:16 Windows Backup
12-02-2015 23:41:22 Removed TOSHIBA Media Controller
12-02-2015 23:44:42 Configured TOSHIBA Face Recognition
12-02-2015 23:46:43 Removed TOSHIBA Web Camera Application
13-02-2015 03:00:28 Windows Update
13-02-2015 09:24:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
13-02-2015 09:25:01 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
13-02-2015 09:26:21 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
13-02-2015 09:27:50 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
13-02-2015 12:48:35 Removed Google Drive
13-02-2015 17:08:47 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
13-02-2015 17:10:07 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
17-02-2015 04:31:59 Windows Update
17-02-2015 04:44:48 Windows Defender Checkpoint
18-02-2015 22:31:16 Installed QuickTime 7
20-02-2015 10:12:43 Software Removal Tool
20-02-2015 11:14:40 Installed AppNHost 1.0.5.1
21-02-2015 12:10:28 Removed Adobe Photoshop Lightroom 5.7.1 64-bit.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2014-12-26 00:38 - 00000869 ____C C:\windows\system32\Drivers\etc\hosts
127.0.0.1 d3oxij66pru1i3.cloudfront.net
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {03AABE41-F279-4120-8147-CC5FBD23EF8F} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {1B2BAE5D-34F5-4040-BD75-3313A4E04D4D} - System32\Tasks\Optimum_Daily => C:\Program Files (x86)\Optimum PC Boost\OptimumPCBoost.exe <==== ATTENTION
Task: {2C87FAC2-2012-4DA9-AEFE-D0ACCE886825} - System32\Tasks\{686B9446-0632-43EF-848D-7C8C4FAFECF8} => C:\Program Files (x86)\Modio\Modio.exe
Task: {3098C22B-08A6-44C3-834A-9E4704A2F0F4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-20] (Google Inc.)
Task: {37AEAB9D-62A4-421E-AB22-F79285654A19} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {437A75DC-BECB-4129-B0C0-D7DA476F8A5A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {4CE75FC7-E81C-4822-9EDF-4C724A5B20AF} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: {54656568-EAA1-4440-A7CB-1FD5AB38AF2D} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {592BC124-C01D-45EC-9D35-E25F60B87436} - System32\Tasks\AdobeAAMUpdater-1.0-Bridget-PC-Bridget => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {8264D18A-71D1-4341-9749-FF6A99962032} - System32\Tasks\{09504B40-0564-49A7-AF52-B9A4A5327A78} => Firefox.exe http://ui.skype.com/...e=tsProgressBar
Task: {86A76A15-CCE4-4BCB-BB4D-525AC17BAD75} - System32\Tasks\{3644A2E3-C346-4E05-938C-576B626DE708} => pcalua.exe -a "C:\Users\Bridget\Downloads\oPryzeLP_setup (1).exe" -d C:\Users\Bridget\Downloads
Task: {8F2B0D3C-F0E3-4462-8211-50D7BC9C2F09} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {92216D2F-9C5C-4776-B581-FF9C1152D18F} - System32\Tasks\{D68EBFB4-1F88-45BE-8BD7-74E03705D8DE} => pcalua.exe -a C:\Users\Bridget\Downloads\dxwebsetup(2).exe -d C:\Users\Bridget\Downloads
Task: {94295C61-2DEF-43FB-B78A-2CB3AB8D904E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {95F9ABFD-ED30-4566-97BE-98FD9C1E4C78} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {A4544390-F79D-4C85-91AE-AE98207ADAAC} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {C91DF1F1-7DD7-463B-9006-3684E0FB9BE3} - System32\Tasks\{61493062-FC9F-47FD-B49C-029F4BCA6B18} => pcalua.exe -a C:\Users\Bridget\Downloads\dxwebsetup(1).exe -d C:\Users\Bridget\Downloads
Task: {D32BF5E7-4DE2-4126-AC16-57DF6C89D4F5} - System32\Tasks\avastBCLRestartS-1-5-21-1494171341-1486453739-2533022584-1001 => Firefox.exe 
Task: {DD7BF3C8-F8A6-4DDF-BD21-F4CF75E76958} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {EE773809-3814-4654-B152-CCD5E7B52C61} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {F8D40135-8C44-4D8D-A2CB-ABEFF2076062} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {FE06104E-6CFE-4591-A300-77E2E03C0F94} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-20] (Google Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) ==============
 
2014-12-19 15:57 - 2014-12-19 15:57 - 01039008 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2009-10-13 11:00 - 2009-10-13 11:00 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-06 19:31 - 2010-09-06 19:31 - 00270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-19 15:57 - 2014-12-19 15:57 - 05979808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-01-07 21:27 - 2015-01-07 21:27 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00746160 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2015-01-07 21:27 - 2015-01-07 21:27 - 00136368 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libegl.dll
2015-02-20 10:03 - 2015-02-17 16:44 - 01117512 ____C () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-20 10:03 - 2015-02-17 16:44 - 00211272 ____C () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-20 10:03 - 2015-02-17 16:44 - 09171272 ____C () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:770B11C9
AlternateDataStreams: C:\ProgramData\TEMP:ABE30DDB
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bridget\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IceDragonUpdater => 2
MSCONFIG\Services: IePluginServices => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: pcregservice => 2
MSCONFIG\Services: SearchProtectionService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TosCoSrv => 2
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: wbsvc => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
MSCONFIG\startupreg: iLivid => "C:\Users\Bridget\AppData\Local\iLivid\iLivid.exe" -autorun
MSCONFIG\startupreg: KeNotify => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: SMessaging => C:\Users\Bridget\AppData\Local\Strongvault Online Backup\SMessaging.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: SVPWUTIL => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1494171341-1486453739-2533022584-500 - Administrator - Disabled)
Bridget (S-1-5-21-1494171341-1486453739-2533022584-1001 - Administrator - Enabled) => C:\Users\Bridget
Guest (S-1-5-21-1494171341-1486453739-2533022584-501 - Administrator - Disabled)
HomeGroupUser$ (S-1-5-21-1494171341-1486453739-2533022584-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/21/2015 00:26:59 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/20/2015 02:11:41 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/19/2015 11:11:31 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1".Error in manifest or policy file "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" on line WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/18/2015 10:31:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary F06DEFF2-5B9C-490D-910F-35D3A9119622.
 
System Error:
The system cannot find the file specified.
.
 
Error: (02/18/2015 01:04:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21926237
 
Error: (02/18/2015 01:04:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21926237
 
Error: (02/18/2015 01:04:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/18/2015 06:58:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12543
 
Error: (02/18/2015 06:58:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12543
 
Error: (02/18/2015 06:58:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (02/21/2015 00:00:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SRTSP
 
Error: (02/21/2015 00:00:17 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (02/21/2015 11:59:58 AM) (Source: SRTSP) (EventID: 5) (User: )
Description: Error loading Symantec real time Anti-Virus driver.
 
Error: (02/21/2015 11:59:58 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
 
Error: (02/21/2015 03:16:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SRTSP
 
Error: (02/21/2015 03:16:34 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (02/21/2015 03:16:16 AM) (Source: SRTSP) (EventID: 5) (User: )
Description: Error loading Symantec real time Anti-Virus driver.
 
Error: (02/21/2015 03:16:16 AM) (Source: SRTSP) (EventID: 4) (User: )
Description: Error loading virus definitions.
 
Error: (02/20/2015 10:15:49 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
SRTSP
 
Error: (02/20/2015 10:15:24 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
 
Microsoft Office Sessions:
=========================
Error: (02/21/2015 00:26:59 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 
Error: (02/20/2015 02:11:41 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 
Error: (02/19/2015 11:11:31 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 
Error: (02/18/2015 10:31:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary F06DEFF2-5B9C-490D-910F-35D3A9119622.
 
System Error:
The system cannot find the file specified.
 
Error: (02/18/2015 01:04:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21926237
 
Error: (02/18/2015 01:04:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21926237
 
Error: (02/18/2015 01:04:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/18/2015 06:58:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12543
 
Error: (02/18/2015 06:58:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12543
 
Error: (02/18/2015 06:58:53 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II P340 Dual-Core Processor
Percentage of memory in use: 53%
Total physical RAM: 3835.68 MB
Available physical RAM: 1801.75 MB
Total Pagefile: 7669.55 MB
Available Pagefile: 5451.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (TI105955W0C) (Fixed) (Total:285.75 GB) (Free:87.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: FF592F49)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=10.9 GB) - (Type=17)
 
==================== End Of Log ============================

  • 0

#5
Jeremy7777
Posted 21 February 2015 - 02:25 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

honestly im not even sure how to describe isssues, i have used reg cleaners and pc boost and later learned reg errors may not be an issue. ive also noticed files in my pc that are listed as potential virus and malware


  • 0

#6
Jeremy7777
Posted 21 February 2015 - 02:27 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

internet explorer dosnt work either 


  • 0

#7
Nevan
Posted 21 February 2015 - 04:08 PM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Jeremy7777.

We need to do another check. Please, perform the following instructions.

CKScanner
  • Download CKScanner and save it to your Desktop.
  • Right click CKScanner.exe and select Run as administrator.
  • Give permission if necessary, and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved. Please run the program once only.
  • Double-click the CKFiles.txt on your desktop and copy/paste the content in your next reply.

  • 0

#8
Jeremy7777
Posted 21 February 2015 - 04:22 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\program files\gimp 2\share\gimp\2.0\patterns\cracked.pat
scanner sequence 3.NA.11.HBAPB0
 ----- EOF ----- 

  • 0

#9
Jeremy7777
Posted 21 February 2015 - 04:30 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

I guess my default save location is my "download" file, when I send the file to the desk top do I delete the file from the downloads list, it says I'm creating a short cut to the desk top..again i apologize for my lack of common computer sense. if possible, give instructions on the correct way to move the files from my "downloads" to my desktop,  and how to change the save location for future downloads for you.. thanks 


  • 0

#10
Nevan
Posted 22 February 2015 - 02:42 PM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, Jeremy7777.

To properly move a file from one location to Desktop, click that file once, click CTRL+X combination on your keyboard, then move to Desktop and click CTRL+V.

About the download locations, it varies depending on the browser that you're using:
Internet Explorer: Click the 5Y2IijN.png button at the upper-right corner of the browser, select View downloads, then at the new window click Options, click Browse, select Desktop and click Select Folder.
Mozilla Firefox: Click the 2014-01-10-13-08-08-f52b8c.png button at the upper-right corner of the browser, click Options, select General tab, click Browse, select Desktop and click Select Folder.
Google Chrome: Click the 2014-01-10-13-08-08-f52b8c.png button at the upper-right corner of the browser, click Settings, click Show advanced settings..., scroll down until you find the Downloads section, select Desktop and click OK.

Please, perform the following instructions and tell me if your computer is running better after that.
 
Step #1
Uninstalling programs

Go to Start Menu>Control Panel>Programs>Uninstall a program (or Control Panel>Programs and Features if using icon view) and remove the following programs:
  • Elite Unzip
  • Strongvault Online Backup
 
Step #2
FRST Fix

Remember to move your FRST64.exe to Desktop.
  • Download attached fixlist.txt file to your desktop.
    Attached File  fixlist.txt   7.9KB   299 downloads
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Right click FRST64.exe on your desktop and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Press the Fix button just once and wait.
    NOTE: It's important that both FRST64.exe and fixlist.txt are in the same location or the fix will not work.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished, FRST will generate a log on the desktop (Fixlog.txt). Select all (CTRL+A) the content of the log, copy it (CTRL+C) and paste (CTRL+V) it into your next reply.
 
Things that should appear in your next post:
  • Fixlog.txt log content
  • Please tell me if you still have any problems with your computer

  • 0

Advertisements

#11
Jeremy7777
Posted 22 February 2015 - 02:59 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

i uninstalled elite unzip but received this message when attempting to uninstall strong vault...there is a problem with this windows installer pacckage a program required for the instal to complete could not be run. contact your support personnel or package vendor. ill wait for instructions before completing the next step.


  • 0

#12
Nevan
Posted 22 February 2015 - 03:19 PM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Just move forward to step #2.
  • 0

#13
Jeremy7777
Posted 22 February 2015 - 03:44 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-02-2015
Ran by Bridget at 2015-02-22 15:23:21 Run:1
Running from C:\Users\Bridget\Desktop
Loaded Profiles: Bridget (Available profiles: Bridget)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
C:\Program Files (x86)\Lavasoft\Web Companion
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\MountPoints2: {38078d4b-a1e0-11dd-a8e4-88ae1d490acc} - E:\Autorun.exe
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\...\MountPoints2: {40721f25-9dcd-11dd-8a6f-88ae1d490acc} - E:\MotorolaDeviceManagerSetup.exe -a
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
C:\PROGRA~2\SupTab
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
SearchScopes: HKLM -> DefaultScope {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = http://Vosteran.com/...r=541885164&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKLM -> {D19EE6DA-2378-4E89-A48A-509CB5EB910D} URL = http://Vosteran.com/...r=541885164&ir=
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = http://Vosteran.com/...=1003046661&ir=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\.DEFAULT -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> C21C9A5F607F44EF983234E68BA51160 URL = 
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = http://www.default-s...p={searchTerms}
SearchScopes: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = 
BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} ->  No File
BHO-x32: No Name -> {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} ->  No File
BHO-x32: No Name -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} ->  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKU\S-1-5-21-1494171341-1486453739-2533022584-1001 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safesearch.xml
FF Extension: Perfect Redirector - C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\{4B797F68-9C25-4926-8959-728E54D7B699}.xpi [2015-02-13]
FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox
C:\Program Files (x86)\RelevantKnowledge
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Bridget\AppData\Local\speedial.crx [2008-05-22]
CHR HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\Bridget\AppData\Local\speedial.crx [2008-05-22]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [Not Found]
C:\Program Files (x86)\DefaultTab
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-02-13]
C:\Program Files (x86)\Yontoo
S4 70e6ca8c; "C:\windows\system32\rundll32.exe" "c:\progra~2\optimi~1\OptProCrashSvc.dll",ServiceMain
c:\progra~2\optimi~1
S4 IePluginServices; No ImagePath
2015-02-21 03:07 - 2015-02-21 03:07 - 00804985 ____C () C:\Users\Bridget\Downloads\RegpairSetup.exe
2015-02-20 15:51 - 2015-02-20 15:51 - 02925856 ____C (BoostSoftware Inc. ) C:\Users\Bridget\Downloads\PCHealthBoost-Setup.exe
2015-02-18 05:45 - 2008-06-13 04:45 - 00000288 ____C () C:\windows\Tasks\RegClean Pro_UPDATES.job
2015-02-12 18:29 - 2008-05-22 19:50 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-02-05 20:18 - 2014-12-31 22:57 - 00000000 ___DC () C:\Program Files (x86)\AVG
2015-02-05 21:58 - 2011-03-21 11:16 - 00000000 ___DC () C:\ProgramData\AVAST Software
Task: {03AABE41-F279-4120-8147-CC5FBD23EF8F} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {1B2BAE5D-34F5-4040-BD75-3313A4E04D4D} - System32\Tasks\Optimum_Daily => C:\Program Files (x86)\Optimum PC Boost\OptimumPCBoost.exe <==== ATTENTION
C:\Program Files (x86)\Optimum PC Boost
Task: {37AEAB9D-62A4-421E-AB22-F79285654A19} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
C:\Windows\BuzzSocialPointsChecker
Task: {4CE75FC7-E81C-4822-9EDF-4C724A5B20AF} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
C:\Program Files (x86)\Pro PC Cleaner
Task: {54656568-EAA1-4440-A7CB-1FD5AB38AF2D} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
C:\Program Files (x86)\RegClean Pro
Task: {86A76A15-CCE4-4BCB-BB4D-525AC17BAD75} - System32\Tasks\{3644A2E3-C346-4E05-938C-576B626DE708} => pcalua.exe -a "C:\Users\Bridget\Downloads\oPryzeLP_setup (1).exe" -d C:\Users\Bridget\Downloads
Task: {92216D2F-9C5C-4776-B581-FF9C1152D18F} - System32\Tasks\{D68EBFB4-1F88-45BE-8BD7-74E03705D8DE} => pcalua.exe -a C:\Users\Bridget\Downloads\dxwebsetup(2).exe -d C:\Users\Bridget\Downloads
Task: {95F9ABFD-ED30-4566-97BE-98FD9C1E4C78} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
C:\Program Files (x86)\Advanced System Protector
Task: {C91DF1F1-7DD7-463B-9006-3684E0FB9BE3} - System32\Tasks\{61493062-FC9F-47FD-B49C-029F4BCA6B18} => pcalua.exe -a C:\Users\Bridget\Downloads\dxwebsetup(1).exe -d C:\Users\Bridget\Downloads
Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
C:\Program Files (x86)\RegClean Pro
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:770B11C9
AlternateDataStreams: C:\ProgramData\TEMP:ABE30DDB
Hosts:
EmptyTemp:
CMD: bitsadmin /reset /allusers
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state off
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F
Reg: Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
Reg: Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F
*****************
 
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Web Companion => value deleted successfully.
"C:\Program Files (x86)\Lavasoft\Web Companion" => File/Directory not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideSCAHealth => value deleted successfully.
"HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38078d4b-a1e0-11dd-a8e4-88ae1d490acc}" => Key deleted successfully.
HKCR\CLSID\{38078d4b-a1e0-11dd-a8e4-88ae1d490acc} => Key not found. 
"HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{40721f25-9dcd-11dd-8a6f-88ae1d490acc}" => Key deleted successfully.
HKCR\CLSID\{40721f25-9dcd-11dd-8a6f-88ae1d490acc} => Key not found. 
"C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value Data removed successfully.
"C:\PROGRA~2\SupTab" => File/Directory not found.
"C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value Data removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => Key deleted successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Key not found. 
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D19EE6DA-2378-4E89-A48A-509CB5EB910D}" => Key deleted successfully.
HKCR\CLSID\{D19EE6DA-2378-4E89-A48A-509CB5EB910D} => Key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully.
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key not found. 
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully.
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
"HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\C21C9A5F607F44EF983234E68BA51160" => Key deleted successfully.
HKCR\CLSID\C21C9A5F607F44EF983234E68BA51160 => Key not found. 
"HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} => Key not found. 
"HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully.
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F} => Key not found. 
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} => Key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{b278d9f8-0fa9-465e-9938-0c392605d8e3} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{b278d9f8-0fa9-465e-9938-0c392605d8e3} => Key not found. 
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found. 
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => value deleted successfully.
HKCR\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} => Key not found. 
HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} => value deleted successfully.
HKCR\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} => Key not found. 
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml => Moved successfully.
C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safesearch.xml => Moved successfully.
C:\Users\Bridget\AppData\Roaming\Mozilla\Firefox\Profiles\avb5pwdi.default\Extensions\{4B797F68-9C25-4926-8959-728E54D7B699}.xpi => Moved successfully.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{C7AE725D-FA5C-4027-BB4C-787EF9F8248A} => value deleted successfully.
"C:\Program Files (x86)\RelevantKnowledge" => File/Directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa" => Key deleted successfully.
C:\Users\Bridget\AppData\Local\speedial.crx => Moved successfully.
"HKU\S-1-5-21-1494171341-1486453739-2533022584-1001\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa" => Key deleted successfully.
"C:\Users\Bridget\AppData\Local\speedial.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc" => Key deleted successfully.
"C:\Program Files (x86)\DefaultTab" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc" => Key deleted successfully.
C:\Program Files (x86)\Yontoo\YontooLayers.crx => Moved successfully.
C:\Program Files (x86)\Yontoo => Moved successfully.
70e6ca8c => Service deleted successfully.
"c:\progra~2\optimi~1" => File/Directory not found.
IePluginServices => Service deleted successfully.
"C:\Users\Bridget\Downloads\RegpairSetup.exe" => File/Directory not found.
"C:\Users\Bridget\Downloads\PCHealthBoost-Setup.exe" => File/Directory not found.
C:\windows\Tasks\RegClean Pro_UPDATES.job => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 => Moved successfully.
C:\Program Files (x86)\AVG => Moved successfully.
C:\ProgramData\AVAST Software => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{03AABE41-F279-4120-8147-CC5FBD23EF8F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03AABE41-F279-4120-8147-CC5FBD23EF8F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1B2BAE5D-34F5-4040-BD75-3313A4E04D4D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B2BAE5D-34F5-4040-BD75-3313A4E04D4D}" => Key deleted successfully.
C:\Windows\System32\Tasks\Optimum_Daily => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimum_Daily" => Key deleted successfully.
"C:\Program Files (x86)\Optimum PC Boost" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37AEAB9D-62A4-421E-AB22-F79285654A19}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37AEAB9D-62A4-421E-AB22-F79285654A19}" => Key deleted successfully.
C:\Windows\System32\Tasks\BuzzSocialPoints_DNS_Checker => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BuzzSocialPoints_DNS_Checker" => Key deleted successfully.
C:\Windows\BuzzSocialPointsChecker => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4CE75FC7-E81C-4822-9EDF-4C724A5B20AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CE75FC7-E81C-4822-9EDF-4C724A5B20AF}" => Key deleted successfully.
C:\Windows\System32\Tasks\ProPCCleaner_Start => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start" => Key deleted successfully.
"C:\Program Files (x86)\Pro PC Cleaner" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{54656568-EAA1-4440-A7CB-1FD5AB38AF2D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{54656568-EAA1-4440-A7CB-1FD5AB38AF2D}" => Key deleted successfully.
C:\Windows\System32\Tasks\RegClean Pro_UPDATES => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES" => Key deleted successfully.
"C:\Program Files (x86)\RegClean Pro" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86A76A15-CCE4-4BCB-BB4D-525AC17BAD75}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86A76A15-CCE4-4BCB-BB4D-525AC17BAD75}" => Key deleted successfully.
C:\Windows\System32\Tasks\{3644A2E3-C346-4E05-938C-576B626DE708} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3644A2E3-C346-4E05-938C-576B626DE708}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92216D2F-9C5C-4776-B581-FF9C1152D18F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92216D2F-9C5C-4776-B581-FF9C1152D18F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{D68EBFB4-1F88-45BE-8BD7-74E03705D8DE} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D68EBFB4-1F88-45BE-8BD7-74E03705D8DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{95F9ABFD-ED30-4566-97BE-98FD9C1E4C78}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95F9ABFD-ED30-4566-97BE-98FD9C1E4C78}" => Key deleted successfully.
C:\Windows\System32\Tasks\Advanced System Protector_startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System Protector_startup" => Key deleted successfully.
"C:\Program Files (x86)\Advanced System Protector" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C91DF1F1-7DD7-463B-9006-3684E0FB9BE3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C91DF1F1-7DD7-463B-9006-3684E0FB9BE3}" => Key deleted successfully.
C:\Windows\System32\Tasks\{61493062-FC9F-47FD-B49C-029F4BCA6B18} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{61493062-FC9F-47FD-B49C-029F4BCA6B18}" => Key deleted successfully.
C:\windows\Tasks\RegClean Pro_UPDATES.job not found.
"C:\Program Files (x86)\RegClean Pro" => File/Directory not found.
C:\ProgramData\TEMP => ":373E1720" ADS removed successfully.
C:\ProgramData\TEMP => ":770B11C9" ADS removed successfully.
C:\ProgramData\TEMP => ":ABE30DDB" ADS removed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
{F1239E9C-E3D6-46B7-BF19-DF5E2DC4DA95} canceled.
{865E309C-E319-4401-99CB-1C5F73B972E3} canceled.
{7C5C51F2-82ED-4A6E-9A67-9EA4969AED26} canceled.
{72242D71-DC33-4596-8EC9-4E8A0E7E9A61} canceled.
4 out of 4 jobs canceled.
 
========= End of CMD: =========
 
 
=========  netsh advfirewall reset =========
 
Ok.
 
 
========= End of CMD: =========
 
 
=========  netsh advfirewall set allprofiles state off =========
 
Ok.
 
 
========= End of CMD: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F =========
 
ERROR: The system was unable to find the specified registry key or value.
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartupApproved" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Delete "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= Reg Add "HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg" /F =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
EmptyTemp: => Removed 2.1 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 15:25:24 ====

  • 0

#14
Nevan
Posted 22 February 2015 - 04:22 PM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
So, how's your computer running now? Any difference?

Do you see something that bothers you?

We're not done yet, I'd just like to know as it'll make our work easier.
  • 0

#15
Jeremy7777
Posted 22 February 2015 - 04:24 PM

Jeremy7777

    Member

  • Topic Starter
  • Member
  • PipPip
  • 73 posts

seems to be more responsive, no error messages or anything noticeably wrong, 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Virus, malware, registry errors, duplicate file, overall help

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP