Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Browser Redirects and Ads Really Really Annoying [Closed]

Started by Jeris , Mar 16 2015 02:20 PM

  • This topic is locked This topic is locked

#1
Jeris
Posted 16 March 2015 - 02:20 PM

Jeris

    Member

  • Member
  • PipPip
  • 92 posts

i'm an idiot.  I downloaded that search protect pack with reg pro cleaner and all that junk...   Now my comuputer is super slow and my browser keeps redirecting me to ads and its really annoying.  PLEASE HELP ME ahh!

 

Thank you.  

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by New User (administrator) on JERISAMA-PC on 16-03-2015 09:39:34
Running from C:\Users\New User\Downloads\Desktop
Loaded Profiles: New User (Available profiles: New User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\dataup\dataup.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
() C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs
() C:\Windows\rcore.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
() C:\ProgramData\Online\updater.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PCUtilities Software Limited) C:\ProgramData\{9c4d2de5-1c79-57c2-9c4d-d2de51c7b794}\OptimizerProInstaller.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Users\New User\AppData\Local\Temp\20150316\ct.exe
() C:\Program Files (x86)\msrtn32\msrtn32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
() C:\ProgramData\a5srv5task\mcsvc.exe
() C:\Program Files\shopperz\grunt.exe
() C:\Program Files\shopperz\wrex.exe
() C:\Program Files\shopperz\wrex64.exe
() C:\Program Files\shopperz\csrcc.exe
() C:\Program Files\shopperz\nseven.exe
(PastaLeads) C:\Program Files\Common Files\PastaLeads\PastaLeads Client\pastaleadss.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Piriform Ltd) C:\Program Files\Defraggler\df64.exe
() C:\Program Files (x86)\Mountain Bike\bin\tmp312D.tmp
() C:\Program Files (x86)\Mountain Bike\bin\MountainBike.expext.exe
() C:\Program Files (x86)\Mountain Bike\bin\MountainBike.PurBrowse64.exe
() C:\Program Files (x86)\Mountain Bike\bin\MountainBike.BrowserAdapter64.exe
() C:\Program Files (x86)\Mountain Bike\bin\MountainBike.BrowserAdapter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleChromeDAV.exe
() C:\Program Files (x86)\Mountain Bike\updateMountainBike.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\msrtn32\cdhtr.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
() C:\Program Files (x86)\msrtn32\rthdcpd.exe
() C:\Program Files (x86)\msrtn32\rthdcpd.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\wrex.exe [429944 2015-02-15] ()
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\wrex64.exe [460664 2015-02-15] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [gmsd_us_265] => [X]
HKLM-x32\...\Run: [gmsd_us_275] => [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Google Update] => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-13] (Google Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [3EEACF25A3A34117C559996B7D8760AD66AA92BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-06] (Google Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Spotify Web Helper] => C:\Users\New User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-02-28] (Spotify Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.56\OptProLauncher.exe [1004584 2015-03-04] (PCUtilities Software Limited)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: {cff3b6be-cbaa-11e4-a191-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: {fa87911e-63d2-11e1-80d5-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\SysWOW64\GPhotos.scr [4558848 2014-01-06] (Google Inc.)
HKU\S-1-5-18\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\New User\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC64Loader.dll [263952 2015-03-04] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\VC32Loader.dll [222480 2015-03-04] (Client Connect LTD)
AppInit_DLLs-x32:  c:/progra~3/{df443~1/192~1.1/dimo.dll => "c:\progra~3\{df443~1\192~1.1\dimo.dll" File Not Found
Startup: C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerProInstaller.lnk
ShortcutTarget: OptimizerProInstaller.lnk -> C:\ProgramData\{9c4d2de5-1c79-57c2-9c4d-d2de51c7b794}\OptimizerProInstaller.exe (PCUtilities Software Limited)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: dfboottime \??\C:\windows\System32\dfboottime.cfgautocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....oshiba.com&OSP=
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...&D=031615&SSPV=
SearchScopes: HKLM -> DefaultScope {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserv...s={searchTerms}
SearchScopes: HKU\.DEFAULT -> {D907D19D-6A81-4774-9AFF-C790B0C5C570} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...&D=031615&SSPV=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...&D=031615&SSPV=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/r...r=388742277&ir=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {0A525978-B1E2-4998-AE7B-D143EDA5177E} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {5DA706DD-FEC7-485C-836E-0F757801EEB0} URL = http://www.google.co...1I7TSNP_enUS492
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {A48F0BD4-00E1-4568-BFBC-3C85687C2088} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll [2013-01-30] (Ant.com)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Mountain Bike 1.0.0.7 -> {a8b71ba7-8a3a-46b8-b803-b4244d1ea31f} -> C:\Program Files (x86)\Mountain Bike\MountainBikebho.dll [2015-03-16] (Mountain Bike)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - No Name - {7223C9FC-65A6-491F-AAA7-62DBF4641C6D} -  No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll [2013-01-30] (Ant.com)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> No Name - {7223C9FC-65A6-491F-AAA7-62DBF4641C6D} -  No File
Toolbar: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Winsock: Catalog9 01 C:\windows\SysWOW64\BDL.dll [318808] (OM Inc.)
Winsock: Catalog9 02 C:\windows\SysWOW64\BDL.dll [318808] (OM Inc.)
Winsock: Catalog9 03 C:\windows\SysWOW64\BDL.dll [318808] (OM Inc.)
Winsock: Catalog9 04 C:\windows\SysWOW64\BDL.dll [318808] (OM Inc.)
Winsock: Catalog9 15 C:\windows\SysWOW64\BDL.dll [318808] (OM Inc.)
Tcpip\Parameters: [DhcpNameServer] 24.25.227.55 209.18.47.61 24.25.227.53
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\New User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @sun.com/npsopluginmi;version=1.0 -> C:\Program Files (x86)\OpenOffice.org 3\program No File
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\New User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @talk.google.com/O1DPlugin -> C:\Users\New User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @tools.google.com/Google Update;version=3 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @tools.google.com/Google Update;version=9 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\New User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-02-12] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: facebook.com/fbDesktopPlugin -> C:\Users\New User\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\New User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\New User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://daycalc.appspot.com/09/22/2012", "hxxp://www.gmail.com/", "hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_35.0.1916.153&apn_uid=72F953BF-113E-46A7-84EE-733BF68F1F49&itbv=12.15.1.20&doi=2014-07-27&psv=&pt=tb", "hxxp://google.com/", "hxxp://www.trovi.com/?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=MA9B1F09D-C72D-4F69-8012-C4E1F6AEF924&SearchSource=55&CUI=&UM=8&UP=SP4ECA6549-E0F1-480A-BD08-30C8C7BC627B&D=031615&SSPV="
CHR DefaultSearchKeyword: Profile 1 -> trovi.search
CHR DefaultSuggestURL: Profile 1 -> http://suggest.secci...x={searchTerms}
CHR Profile: C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-10]
CHR Extension: (Fotor Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2014-09-20]
CHR Extension: (iCloud) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-09-20]
CHR Extension: (Mountain Bike) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkofefjkjpnolljmpfdcjempgdldfpe [2015-03-16]
CHR Extension: (Video Downloader professional) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-20]
CHR Extension: (iCloud Bookmarks) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-09-20]
CHR Extension: (PDF Mergy) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-09-20]
CHR Extension: (Skype Click to Call) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-07]
CHR Extension: (Google Wallet) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Profile: C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Fotor Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2014-09-20]
CHR Extension: (iCloud) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-09-20]
CHR Extension: (Advanced Font Settings) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2014-09-29]
CHR Extension: (Adblock Plus) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-15]
CHR Extension: (Surveillance Cam Professional( Security Cam)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpcnbefekficgbfoibedacpkahdfijoe [2015-03-15]
CHR Extension: (Video Downloader professional) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-20]
CHR Extension: (iCloud Bookmarks) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-09-20]
CHR Extension: (PDFescape Free PDF Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdefoklganepljiopdnglodohlgfikkl [2014-10-03]
CHR Extension: (Camera) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2015-03-15]
CHR Extension: (PDF Mergy) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-09-20]
CHR Extension: (PDFescape) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioombffmiompnnfbajkmmghjaleclnjo [2014-10-03]
CHR Extension: (Google Voice (by Google)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2015-03-15]
CHR Extension: (Hangouts) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-03-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Hangouts) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Video Chat FlirtyMania) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiaahapngnjijjgplpikimpaepddnfae [2015-03-15]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2015-03-15]
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fdmdjfpocfbldkjgocmihobobmpnckaa] - C:\Users\New User\AppData\Local\CRE\fdmdjfpocfbldkjgocmihobobmpnckaa.crx [Not Found]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\New User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [Not Found]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Users\New User\AppData\Local\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [edjionickmdagfblofjmidnkiljiflah] - C:\ProgramData\Coolyou\edjionickmdagfblofjmidnkiljiflah.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fdmdjfpocfbldkjgocmihobobmpnckaa] - C:\Users\New User\AppData\Local\CRE\fdmdjfpocfbldkjgocmihobobmpnckaa.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\New User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Users\New User\AppData\Local\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 70F4EEDB-1367-4b4f-8247-3133551A7415; C:\Program Files\shopperz\grunt.exe [281976 2015-02-15] ()
S3 Ant App service; C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [504816 2013-02-05] (Helios Technologies Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-08-06] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 cehufofi; C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp [103424 2015-03-02] () [File not signed]
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2951440 2015-03-04] (Client Connect LTD)
R2 csrcc; C:\Program Files\shopperz\csrcc.exe [1445752 2015-02-15] ()
R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [73728 2014-12-11] () [File not signed] <==== ATTENTION
R2 ff148bd5; c:\Program Files (x86)\Optimizer Pro 3.56\OptProMon.dll [1969704 2015-03-16] ()
R2 HPSLPSVC; C:\Users\New User\AppData\Local\Temp\7zS3B22\hpslpsvc64.dll [1039360 2013-02-05] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Orbiter; C:\Program Files (x86)\ORBTR\orbiter.dll [558544 2015-03-16] (Client Connect LTD)
R2 pastaleadsupd; C:\Program Files\Common Files\PastaLeads\PastaLeads Client\pastaleadss.exe [1082880 2015-02-16] (PastaLeads) [File not signed]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 rcores; C:\windows\rcore.exe [4686848 2015-02-02] () [File not signed]
R2 shopperz Updater; C:\Program Files\shopperz\nseven.exe [169848 2015-02-15] ()
R2 Update Mountain Bike; C:\Program Files (x86)\Mountain Bike\updateMountainBike.exe [400120 2015-03-16] ()
R2 UpWork; C:\ProgramData\Online\updater.exe [404480 2015-03-02] () [File not signed]
R2 Util Mountain Bike; C:\Program Files (x86)\Mountain Bike\bin\utilMountainBike.exe [400120 2015-03-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 windowsmanagementservice; C:\Users\New User\AppData\Local\Temp\20150316\ct.exe [725504 2015-01-20] () [File not signed]
R2 pizegyhy; C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [60376 2015-01-06] (Cherimoya Ltd)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [3888 2000-02-23] (Sony Corporation) [File not signed]
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [15360 2010-02-04] (Windows ® Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 PastaLUpdd; C:\Program Files\Common Files\PastaLeads\PastaLeads Client\pastaldrw.sys [61872 2015-02-16] ()
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R1 {21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64; C:\Windows\System32\drivers\{21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64.sys [48784 2015-03-16] (StdLib)
S3 androidusb; System32\Drivers\androidusb.sys [X]
S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [X]
S1 itnfd_1_10_0_9; system32\drivers\itnfd_1_10_0_9.sys [X]
S3 massfilter_hs; \??\C:\windows\system32\drivers\massfilter_hs.sys [X]
R3 SPPD; \??\C:\windows\system32\drivers\SPPD.sys [X]
S3 zghsdiag; system32\DRIVERS\zghsdiag.sys [X]
S3 zghsmdm; system32\DRIVERS\zghsmdm.sys [X]
S3 zghsnmea; system32\DRIVERS\zghsnmea.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-16 09:34 - 2015-03-16 09:40 - 00000000 ____D () C:\FRST
2015-03-16 00:12 - 2015-03-16 02:24 - 00048784 _____ (StdLib) C:\windows\system32\Drivers\{21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64.sys
2015-03-16 00:10 - 2015-03-16 09:10 - 00000000 ____D () C:\Program Files (x86)\Mountain Bike
2015-03-16 00:09 - 2015-03-16 00:09 - 00003272 _____ () C:\windows\System32\Tasks\Optimizer Pro Schedule
2015-03-16 00:09 - 2015-03-16 00:09 - 00000000 ____D () C:\Users\New User\Documents\Optimizer Pro
2015-03-16 00:09 - 2015-03-16 00:09 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Optimizer Pro
2015-03-16 00:07 - 2015-03-16 00:07 - 00003500 _____ () C:\windows\System32\Tasks\avayvaxxvae
2015-03-16 00:05 - 2015-03-16 00:07 - 00000000 ____D () C:\Users\New User\AppData\Local\avayvaxxvae
2015-03-16 00:05 - 2015-03-16 00:06 - 00000000 ____D () C:\Program Files (x86)\ORBTR
2015-03-16 00:04 - 2015-03-16 00:07 - 00000000 ____D () C:\Users\New User\AppData\Local\SearchProtect
2015-03-16 00:03 - 2015-03-16 00:06 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2015-03-16 00:03 - 2015-03-16 00:03 - 00004322 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__313435303130393739352d3455416c555a2a5723416c34
2015-03-16 00:01 - 2015-03-16 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-03-15 23:59 - 2015-03-15 23:59 - 00003626 _____ () C:\windows\System32\Tasks\gtaUpt
2015-03-15 23:58 - 2015-03-16 00:01 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.56
2015-03-15 23:58 - 2015-01-06 12:38 - 00060376 _____ (Cherimoya Ltd) C:\windows\system32\Drivers\cherimoya.sys
2015-03-15 23:57 - 2015-03-15 23:57 - 00001168 _____ () C:\Users\Public\Desktop\Reg Pro Cleaner.lnk
2015-03-15 23:57 - 2015-03-15 23:57 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-03-15 23:57 - 2015-03-15 23:57 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player
2015-03-15 23:57 - 2015-03-15 23:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Pro Cleaner
2015-03-15 23:57 - 2015-03-15 23:57 - 00000000 ____D () C:\Program Files (x86)\Reg Pro Cleaner
2015-03-15 23:57 - 2015-03-15 23:57 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2015-03-15 23:52 - 2015-03-15 23:52 - 00531016 _____ () C:\Users\New User\Downloads\Grindr.exe
2015-03-15 11:36 - 2015-03-15 11:37 - 01283393 _____ () C:\Users\New User\Downloads\kik_it.zip
2015-03-13 17:38 - 2015-03-13 17:38 - 00000000 _____ () C:\windows\SysWOW64\shoAC1A.tmp
2015-03-12 17:06 - 2015-03-12 17:06 - 00000000 ____D () C:\Users\New User\Tracing
2015-03-09 20:28 - 2015-03-15 23:04 - 00004252 _____ () C:\windows\setupact.log
2015-03-09 20:28 - 2015-03-09 20:28 - 00000000 _____ () C:\windows\setuperr.log
2015-03-09 11:18 - 2015-03-09 11:18 - 00000789 _____ () C:\Users\New User\Desktop\JRT.txt
2015-03-09 04:32 - 2015-03-09 04:35 - 24677480 _____ () C:\Users\New User\Downloads\758376.flv
2015-03-09 04:28 - 2015-03-09 04:31 - 33452387 _____ () C:\Users\New User\Downloads\635245.flv
2015-03-09 04:25 - 2015-03-09 04:29 - 54173866 _____ () C:\Users\New User\Downloads\304429.flv
2015-03-09 04:11 - 2015-03-09 04:11 - 00000000 ____D () C:\Users\New User\AppData\Local\BreakingNewsAlert
2015-03-09 04:07 - 2015-03-16 07:28 - 01388737 _____ (Thisisu) C:\Users\New User\Desktop\JRT_NEW.exe
2015-03-03 07:12 - 2015-03-03 07:14 - 05325696 _____ (Piriform Ltd) C:\Users\New User\Downloads\ccsetup503.exe
2015-03-03 06:11 - 2015-03-15 20:07 - 00000000 ____D () C:\Users\New User\Documents\Zoom
2015-03-03 05:55 - 2015-03-03 05:55 - 00613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsr5816.tmp
2015-03-02 23:41 - 2015-03-02 23:41 - 00000000 _____ () C:\windows\SysWOW64\shoC90C.tmp
2015-03-02 21:04 - 2015-03-02 21:05 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2015-03-02 18:42 - 2015-03-02 18:42 - 00000000 _____ () C:\windows\SysWOW64\shoBDD5.tmp
2015-03-02 18:12 - 2015-03-08 06:12 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-02 17:40 - 2015-03-03 06:25 - 00000000 ____D () C:\Program Files (x86)\Tuneup computer
2015-03-02 17:40 - 2015-03-02 17:40 - 00003696 _____ () C:\windows\System32\Tasks\boosterpop
2015-03-02 17:40 - 2015-03-02 17:40 - 00003694 _____ () C:\windows\System32\Tasks\IEError
2015-03-02 17:40 - 2015-03-02 17:40 - 00003510 _____ () C:\windows\System32\Tasks\AI_Updater
2015-03-02 17:39 - 2015-03-02 17:39 - 00000000 ____D () C:\Users\New User\AppData\Local\PCTuner
2015-03-02 17:28 - 2015-03-02 17:28 - 00613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsu3D9F.tmp
2015-03-02 17:28 - 2015-03-02 17:28 - 00000000 __SHD () C:\Users\New User\AppData\Roaming\AnyProtectEx
2015-03-02 17:17 - 2015-03-02 17:17 - 00000000 ____D () C:\BreakingNewsAlert
2015-03-02 17:13 - 2015-03-02 23:47 - 00008560 _____ () C:\windows\SysWOW64\BasementDusterOff.ini
2015-03-02 17:13 - 2015-03-02 23:47 - 00008560 _____ () C:\windows\system32\BasementDusterOff.ini
2015-03-02 17:13 - 2015-02-24 03:51 - 00318808 _____ (OM Inc.) C:\windows\SysWOW64\BDL.dll
2015-03-02 17:09 - 2015-03-09 04:07 - 00000000 ____D () C:\Users\New User\AppData\Local\SmartWeb
2015-03-02 17:09 - 2015-03-02 17:09 - 00004052 _____ () C:\windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-03-02 17:09 - 2015-03-02 17:09 - 00003664 _____ () C:\windows\System32\Tasks\IE_ERR4WDR
2015-03-02 17:09 - 2015-03-02 17:09 - 00003640 _____ () C:\windows\System32\Tasks\HDNINSTSCHD
2015-03-02 17:09 - 2015-03-02 17:09 - 00003506 _____ () C:\windows\System32\Tasks\UPDTEXE4_WDR
2015-03-02 17:08 - 2015-03-03 06:39 - 00000000 ____D () C:\Program Files (x86)\Portable WeatherApp
2015-03-02 16:31 - 2015-03-02 16:31 - 00000000 ____D () C:\Users\New User\AppData\Roaming\9B45D880-1425313884-11E1-93C8-047D7B6646C7
2015-03-02 16:12 - 2015-03-02 16:12 - 00003190 _____ () C:\windows\System32\Tasks\DoctorPC_Start
2015-03-02 16:11 - 2015-03-02 16:11 - 00000000 ____D () C:\Users\New User\AppData\Local\Doctor_PC
2015-03-02 16:10 - 2015-03-02 23:50 - 00000000 ____D () C:\Users\New User\Documents\DoctorPC
2015-03-02 16:06 - 2015-03-16 09:14 - 00000000 ____D () C:\Users\New User\AppData\Local\Deployment
2015-03-02 16:05 - 2015-03-15 14:11 - 00000000 ____D () C:\Users\New User\AppData\Roaming\et
2015-03-02 16:05 - 2015-03-02 16:05 - 00000000 ____D () C:\ProgramData\uc
2015-03-02 16:04 - 2015-03-10 18:45 - 00000000 ____D () C:\ProgramData\a5srv5task
2015-03-02 15:55 - 2015-03-09 04:11 - 00000000 ____D () C:\ProgramData\CFvZAfrKU
2015-03-02 15:53 - 2015-03-15 23:57 - 00000990 _____ () C:\Users\New User\Desktop\PepperZip.lnk
2015-03-02 15:53 - 2015-03-02 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-03-02 15:53 - 2015-02-02 05:42 - 04686848 _____ () C:\windows\rcore.exe
2015-03-02 15:17 - 2015-03-02 15:17 - 00274045 _____ () C:\Users\New User\AppData\Local\dsi1.dat
2015-03-02 15:17 - 2015-03-02 15:17 - 00161916 _____ () C:\Users\New User\AppData\Local\dsi2.dat
2015-03-02 15:02 - 2015-03-02 15:03 - 00000000 ____D () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7
2015-03-02 15:01 - 2015-03-10 18:46 - 00000000 ____D () C:\ProgramData\d3fdac2f0000255e
2015-03-02 14:36 - 2015-03-16 09:03 - 00000980 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-02 14:36 - 2015-03-15 21:07 - 00000976 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-02 14:36 - 2015-03-02 17:12 - 00003978 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-02 14:36 - 2015-03-02 17:12 - 00003724 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-02 14:32 - 2015-03-15 23:59 - 00000000 ____D () C:\Program Files\shopperz
2015-03-02 14:32 - 2015-03-15 23:57 - 00000045 _____ () C:\user.js
2015-03-02 14:32 - 2015-03-02 15:17 - 00002017 _____ () C:\windows\patsearch.bin
2015-03-02 14:32 - 2015-03-02 14:32 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-03-02 14:30 - 2015-03-02 14:56 - 00000000 ____D () C:\Users\New User\AppData\Local\gmsd_us_265
2015-03-02 14:30 - 2015-03-02 14:30 - 00003782 _____ () C:\windows\System32\Tasks\PostPoneInstall
2015-03-02 14:30 - 2015-03-02 14:30 - 00003170 _____ () C:\windows\System32\Tasks\Run_Bobby_Browser
2015-03-02 14:29 - 2015-03-09 11:13 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-02 14:28 - 2015-03-02 14:28 - 00000000 ____D () C:\Users\New User\AppData\Local\Bluestacks
2015-03-02 14:27 - 2015-03-15 21:11 - 00000000 ____D () C:\Program Files (x86)\msrtn32
2015-03-02 14:26 - 2015-03-15 23:57 - 00000000 ____D () C:\Program Files\Common Files\PastaLeads
2015-03-02 14:26 - 2015-03-15 23:57 - 00000000 ____D () C:\Program Files (x86)\GU Player
2015-03-02 14:26 - 2015-03-02 15:19 - 00000000 ____D () C:\ProgramData\{d9a6106a-1c74-cc0f-d9a6-6106a1c741a8}
2015-03-02 14:26 - 2015-03-02 15:19 - 00000000 ____D () C:\ProgramData\{9c4d2de5-1c79-57c2-9c4d-d2de51c7b794}
2015-03-02 14:26 - 2015-03-02 14:48 - 00000000 ____D () C:\Program Files (x86)\Regprocleaner
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Users\New User\AppData\Local\Bypass
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\u2c
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Program Files (x86)\dataup
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Program Files (x86)\data_up
2015-03-02 14:25 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\Online
2015-03-02 09:58 - 2015-03-02 09:58 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-02 09:58 - 2015-03-02 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-02 09:56 - 2015-03-02 09:58 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-02 09:56 - 2015-03-02 09:58 - 00000000 ____D () C:\Program Files\iTunes
2015-03-02 09:56 - 2015-03-02 09:56 - 00000000 ____D () C:\Program Files\iPod
2015-03-02 09:56 - 2015-03-02 09:56 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-02 09:50 - 2015-03-02 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-28 16:12 - 2015-02-28 16:22 - 00000000 ____D () C:\Users\New User\Documents\Dept of Human Services
2015-02-28 15:56 - 2015-02-28 15:58 - 00000000 ____D () C:\Users\New User\Documents\Employment
2015-02-28 15:54 - 2015-02-28 16:22 - 00000000 ____D () C:\Users\New User\Documents\Recovery
2015-02-28 09:53 - 2015-03-12 11:53 - 00000000 ____D () C:\Users\New User\AppData\Local\Spotify
2015-02-28 09:53 - 2015-02-28 09:53 - 00001779 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-28 09:52 - 2015-03-15 17:02 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Spotify
2015-02-28 03:17 - 2015-02-28 03:17 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Windows
2015-02-21 16:22 - 2015-02-28 16:21 - 00000000 ____D () C:\Users\New User\Documents\Correspondence
2015-02-17 23:09 - 2015-03-16 09:14 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job
2015-02-17 23:09 - 2015-02-17 23:09 - 00003900 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA
2015-02-17 21:24 - 2015-02-17 21:24 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-17 21:24 - 2015-02-17 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-17 21:19 - 2015-02-17 21:19 - 00003184 _____ () C:\windows\System32\Tasks\{2E32A290-388A-42A3-968E-58CBBA498FAB}
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-16 09:25 - 2012-03-01 09:39 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-16 09:10 - 2012-07-10 11:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-16 09:05 - 2009-07-13 19:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-16 09:04 - 2012-03-01 09:10 - 01677198 _____ () C:\windows\WindowsUpdate.log
2015-03-16 09:03 - 2012-08-07 21:10 - 00000940 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job
2015-03-16 03:19 - 2009-07-13 16:34 - 00000505 _____ () C:\windows\win.ini
2015-03-16 03:00 - 2014-07-27 18:58 - 00000418 _____ () C:\windows\Tasks\Defraggler Volume C Task.job
2015-03-16 00:25 - 2013-06-18 08:28 - 00000000 ____D () C:\Users\New User\AppData\Roaming\vlc
2015-03-16 00:01 - 2013-04-07 15:13 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Skype
2015-03-15 23:25 - 2012-03-01 09:39 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-15 23:14 - 2012-08-13 11:27 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job
2015-03-15 21:16 - 2009-07-13 18:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-15 21:16 - 2009-07-13 18:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-15 21:08 - 2014-09-20 03:27 - 00000000 ___RD () C:\Users\New User\iCloudDrive
2015-03-15 21:08 - 2013-04-09 12:46 - 00000000 ___RD () C:\Users\New User\Dropbox
2015-03-15 21:08 - 2012-11-20 07:46 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Dropbox
2015-03-15 21:06 - 2009-07-13 19:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-15 20:42 - 2013-09-16 18:49 - 05290266 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-15 14:23 - 2012-08-07 21:10 - 00000918 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job
2015-03-15 08:54 - 2013-04-11 23:14 - 00000000 ____D () C:\Users\New User\AppData\Local\Apple
2015-03-13 19:18 - 2014-11-26 15:37 - 00149504 ___SH () C:\Users\New User\Downloads\Thumbs.db
2015-03-12 17:06 - 2012-08-04 01:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-12 17:05 - 2012-08-04 01:59 - 00000000 ____D () C:\ProgramData\Skype
2015-03-12 10:07 - 2013-04-07 15:12 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-12 10:04 - 2011-11-02 20:33 - 00000000 ___HD () C:\Users\Public\TEMP
2015-03-10 18:46 - 2012-09-22 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-09 11:00 - 2012-07-20 21:17 - 00000000 ____D () C:\ProgramData\Conexant
2015-03-09 04:15 - 2014-09-29 09:54 - 00002094 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud Print.lnk
2015-03-09 04:15 - 2013-04-07 15:12 - 00002375 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 04:12 - 2014-09-24 21:21 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-09 04:11 - 2014-09-15 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-09 04:09 - 2011-11-02 20:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-03 07:15 - 2012-07-10 11:35 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-03 07:14 - 2012-07-10 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-03 06:51 - 2013-03-30 01:12 - 00000000 ____D () C:\windows\pss
2015-03-03 03:17 - 2010-11-20 17:27 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-03-02 21:05 - 2014-07-26 20:32 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Zoom
2015-03-02 16:06 - 2014-10-25 23:50 - 00000000 ____D () C:\Users\New User\AppData\Local\Apps\2.0
2015-03-02 15:17 - 2014-06-19 15:14 - 00000126 _____ () C:\Users\New User\AppData\Roaming\WB.CFG
2015-03-02 09:56 - 2013-04-11 23:13 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-28 16:19 - 2014-10-03 15:43 - 00000000 ____D () C:\Users\New User\Documents\George Nakamoto
2015-02-28 16:02 - 2013-09-11 12:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-28 15:48 - 2014-01-27 07:05 - 00000000 ____D () C:\Users\New User\Documents\9 Essays Notes
2015-02-28 07:38 - 2009-07-13 17:20 - 00000000 ____D () C:\windows\system32\NDF
2015-02-27 19:11 - 2012-07-10 11:24 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-27 19:11 - 2012-07-10 11:24 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-27 19:11 - 2011-11-02 20:12 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-27 18:31 - 2014-08-27 12:15 - 00000000 ____D () C:\Users\New User\AppData\Local\Adobe
2015-02-21 16:17 - 2013-07-06 21:00 - 00000000 ____D () C:\Users\New User\Documents\Other
2015-02-18 00:58 - 2014-09-29 16:03 - 00001199 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-02-18 00:58 - 2014-09-29 16:03 - 00001187 _____ () C:\Users\Public\Desktop\paint.net.lnk
2015-02-18 00:58 - 2014-09-29 16:02 - 00000000 ____D () C:\Program Files\paint.net
2015-02-17 23:20 - 2012-03-01 09:39 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-17 23:20 - 2012-03-01 09:39 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-17 23:17 - 2013-04-07 15:12 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Mozilla
2015-02-17 23:09 - 2012-08-13 11:27 - 00003504 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core
2015-02-17 21:23 - 2012-07-10 11:26 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-17 20:50 - 2013-10-07 11:59 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-17 20:50 - 2012-09-24 15:23 - 00272296 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2015-02-17 20:50 - 2012-09-24 15:23 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2015-02-17 20:50 - 2012-09-24 15:23 - 00176552 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
 
==================== Files in the root of some directories =======
 
2013-01-05 14:36 - 2013-01-05 14:35 - 0003584 _____ () C:\Program Files\1033.MST
2013-01-05 14:36 - 2013-01-05 14:35 - 32268288 _____ () C:\Program Files\MOTOROLA MEDIA LINK.msi
2014-06-19 15:14 - 2015-03-02 15:17 - 0000126 _____ () C:\Users\New User\AppData\Roaming\WB.CFG
2014-09-11 20:46 - 2014-09-11 20:46 - 0003584 _____ () C:\Users\New User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-02 15:17 - 2015-03-02 15:17 - 0274045 _____ () C:\Users\New User\AppData\Local\dsi1.dat
2015-03-02 15:17 - 2015-03-02 15:17 - 0161916 _____ () C:\Users\New User\AppData\Local\dsi2.dat
2015-03-03 05:55 - 2015-03-03 05:55 - 0613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsr5816.tmp
2015-03-02 17:28 - 2015-03-02 17:28 - 0613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsu3D9F.tmp
2013-04-07 14:41 - 2014-09-29 10:46 - 0007604 _____ () C:\Users\New User\AppData\Local\Resmon.ResmonCfg
2013-09-04 10:54 - 2013-09-04 10:54 - 0000000 _____ () C:\ProgramData\222c213d3c333429442337_c
2012-11-30 07:47 - 2012-11-30 07:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-07 08:49 - 2012-08-07 08:49 - 4608000 _____ () C:\ProgramData\ReadOnlyInstaller.msi
 
Some content of TEMP:
====================
C:\Users\New User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8orsk_.dll
C:\Users\New User\AppData\Local\Temp\optsetup.exe
C:\Users\New User\AppData\Local\Temp\sdf210A.exe
C:\Users\New User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\New User\AppData\Local\Temp\sprz.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-05 00:44
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by New User at 2015-03-16 09:47:39
Running from C:\Users\New User\Downloads\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.880 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
Ant.com IE add-on (HKLM-x32\...\{B795F380-D3D6-4EA4-A4BB-27FC2FB0F8B2}) (Version: 2.2.3.1074 - Ant.com)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.179.0 - Microsoft Corporation)
BIOS R0121K5 Update Utility For Windows  XP (HKLM-x32\...\{0B880892-A2A4-4465-8CF4-6A4C081ED738}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.39.50 - Conexant)
Connectivity Fixer (HKLM-x32\...\{53ED0F0C-13C7-4154-9CE8-B0E5FEAB2367}) (Version: 1.1.0 - Badosoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.4 - PC Drivers Headquarters, LP)
Dropbox (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 5.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.2 - FastStone Soft)
File1 Package Manager (HKLM-x32\...\{8A50D93C-79EE-425C-9464-3550978F4E56}) (Version: 0.1.2.75 - Helios Technologies)
FrostWire 5.3.9 (HKLM-x32\...\FrostWire 5) (Version: 5.3.9.0 - FrostWire Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.89 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GU Player (remove only) (HKLM-x32\...\GU Player) (Version:  - )
Hawaiian Unicode (HKLM\...\{9BB9ACB5-5731-4445-A476-1571FA22A3D2}) (Version: 1.0.3.40 - Hale Kuamoo)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 6.0.12230.783 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{A2E836B3-59A6-486B-82DC-1EA3878BCDEA}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB7A}) (Version: 1.0.16.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Latency Optimizer FREE VERSION (HKLM-x32\...\{2A9767A4-577D-4806-A121-7F0010F6BC60}) (Version: 3.1.20 - Badosoft)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
Mountain Bike (HKLM\...\Mountain Bike) (Version: 2015.03.16.090432 - Mountain Bike) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MusicManager) (Version:  - Google, Inc.)
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited) <==== ATTENTION
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PastaLeads (HKLM-x32\...\PastaLeads Client) (Version: 1.0.0.26 - PastaLeads)
PepperZip 2.0 (HKLM-x32\...\PepperZip) (Version: 2.0 - PepperWare Co.Ltd.) <==== ATTENTION
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.7600 - DTS, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QWRS 3.1.0 (HKLM-x32\...\QWRS_is1) (Version: 3.1.0 - State of Hawaii, Department of Labor and Industrial Relations, Unemployment Insurance)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Reg Pro Cleaner version 2.0 (HKLM-x32\...\{6406DF9F-E9C8-4C2E-AB48-80352BDF5099}_is1) (Version: 2.0 - Regprocleaner)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.21.200.26 - Client Connect LTD) <==== ATTENTION
shopperz 2.0.0.457 (HKLM\...\{5081D2D4-1637-404c-B74F-50526718257D}_is1) (Version: 2.0.0.457 - shopperz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Speedtest4free (HKLM-x32\...\{E5E6D2B9-D991-4B2A-8294-974181531DCB}) (Version: 1.0.0 - Badosoft)
Spotify (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}) (Version: 8.0.43 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zoom (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 16:34 - 2015-03-03 06:44 - 00000853 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09EF5443-B72A-42C6-9E7C-BB6DBD58CB6E} - System32\Tasks\{0094CBC2-0CDB-4A3A-9B11-013577E07B63} => pcalua.exe -a "C:\Users\New User\Desktop\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop"
Task: {0D76CF1F-6088-4F54-8BBA-6B5F15123A08} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {120E8F47-6EA1-42F2-B0FC-E7279BD0A352} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\New User\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {1561AEF0-B84C-4392-A72D-71C923783DDD} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe
Task: {1683D07D-8741-4C81-973D-49B5E1CCDD98} - System32\Tasks\{3458AABF-901C-4040-ABD1-E7DEC89D6FE8} => pcalua.exe -a "C:\Users\New User\Downloads\MML_Installer-v1.5.1915.0.exe" -d "C:\Users\New User\Downloads"
Task: {29C4C180-8D5B-4B94-AD4F-4DF350D934FA} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.56\OptProLauncher.exe [2015-03-04] (PCUtilities Software Limited) <==== ATTENTION
Task: {2BE258F6-9E23-4361-9B14-CA6650E352DC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {3A626E56-2169-4625-BB78-28A6F7A1687A} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe
Task: {443A42DE-D250-4E11-8537-F42EF6835058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.)
Task: {475C3524-9503-4F2E-8C01-9E312EA142A2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {4A08DA9A-F9BD-43B6-9B5F-2518B1871680} - System32\Tasks\{F3266061-33DE-4FD6-93EF-6590BC6A7334} => pcalua.exe -a "C:\Users\New User\Downloads\reflash_package.exe" -d "C:\Users\New User\Downloads"
Task: {52BBC3D8-6417-4D04-BA1D-89EBDACF245E} - System32\Tasks\boosterpop => C:\Program Files (x86)\Tuneup computer\Probsalert.exe
Task: {54F10FFC-98C8-45A4-92A6-26FB8C024436} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {6699EB5D-EAB0-496D-9EF4-6E4D7C10A2E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {68BF36F5-36FB-476A-909D-78EB66ACB3BD} - System32\Tasks\{2E32A290-388A-42A3-968E-58CBBA498FAB} => pcalua.exe -a "C:\Users\New User\Downloads\chromeinstall-8u31 (1).exe" -d "C:\Users\New User\Downloads"
Task: {69B4898D-ACC6-4081-8068-CEF48AA1CD26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {6A949BFC-BD5E-46C5-9860-C18E1EC6EDED} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {715C3153-490E-432B-B639-4D642350E43A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {79B8DB62-0EE0-467F-B4C7-FD1A2CBB9E26} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {7AEC204D-4081-46BF-8FC3-6A3B6BABE9E7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08] (Facebook Inc.)
Task: {7F941C9A-E1D7-4C5B-A29D-3BF8D80A2BE3} - System32\Tasks\{660776D4-F64B-4F88-B0D8-F8228795443E} => pcalua.exe -a "C:\Users\New User\Desktop\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop"
Task: {8629C88E-B5DC-4AFD-9EC2-045D149CB96C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {87433B36-CFB1-4A7F-9319-E643D8F27125} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.)
Task: {8A3C300F-F9E5-4BCD-96C3-BAAC7149C888} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {92E3745A-8505-4C6A-BB9D-01A1B7BBFA2D} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe
Task: {93BD32F0-BC63-4450-B766-057FA6B3E05F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {94897E48-6CB2-4B82-8482-208BB309C947} - System32\Tasks\PostPoneInstall => C:\Users\NEWUSE~1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {9523D5B9-ABA8-48E0-B692-132A8CF10D46} - System32\Tasks\{B5900387-2532-4B07-B355-EA4C68AE2418} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: {A0490198-0766-4E4F-8833-99D46658AC78} - System32\Tasks\gtaUpt => C:\Program Files\shopperz\zaeed.bat [2015-02-15] ()
Task: {A586667C-42CD-4380-B72C-0762F7B69461} - System32\Tasks\{1C07B500-30B6-4F1E-8DBB-EE4100379985} => C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {AC3B2EBB-67FD-445F-98C7-A5652B142BD6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {AE1A73FF-2D15-4FAE-A929-596711B3A0AE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B3DFADE0-6D34-4473-99BA-743441195E6D} - System32\Tasks\Run_Bobby_Browser => C:\Users\New User\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {B732D8B6-6014-436E-A756-EE5A858EF304} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe
Task: {BA443592-EC97-4B7A-B0AA-B0697B601C1A} - System32\Tasks\{6666D30D-CE2C-4C24-ABFD-98E74DAC257D} => pcalua.exe -a "C:\Users\New User\Downloads\PD9812000_Ace_Gingerbread_S_hboot_0.85.0024.exe" -d "C:\Users\New User\Downloads"
Task: {BE2B11A8-25A1-4FB2-BA1A-ABFBC9D67CCF} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {C0921BE9-A5D4-41FF-AB7F-80E63CC2CF6D} - System32\Tasks\{B16438F9-6240-4B60-BE4F-67DF6D31E7DD} => pcalua.exe -a "C:\Users\New User\AppData\Roaming\uTorrent\uTorrent.exe" -c /UNINSTALL
Task: {C317D6B8-4F72-4539-B6E9-AFFE96127668} - System32\Tasks\{94363BB8-9C1E-4165-A48D-6DD0C8FD3AEB} => pcalua.exe -a "C:\Users\New User\Desktop\aahk-11092012\tools\windrivers\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop\aahk-11092012\tools\windrivers"
Task: {CD6C0667-1205-46E3-B3B1-DDAD3B9B6545} - System32\Tasks\HDNINSTSCHD => C:\windows\PCBHDNW\hdnInstaller.exe
Task: {CEFAD2A2-BDA3-4F35-B8D8-66740547AE55} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__313435303130393739352d3455416c555a2a5723416c34 => Wscript.exe //B "C:\ProgramData\PastaLeadsAgent\startprocess.js" pastaleadss.exe /invoke /f:check_services /l:0
Task: {CF3FF27F-EB3C-4AAF-9BD4-46657232E44D} - System32\Tasks\avayvaxxvae => C:\Users\New User\AppData\Local\avayvaxxvae\avayvaxxvae.exe [2015-03-04] () <==== ATTENTION
Task: {D5334025-975D-415C-ACE0-4B5266F24207} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {DA8E2620-5154-4BB3-8A67-513CB3AE5722} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08] (Facebook Inc.)
Task: {E1DEA0D2-524A-4DA1-9508-2063AFDFBEF8} - System32\Tasks\{5C6FFFA1-D803-4F18-AE74-C44A23E7827E} => pcalua.exe -a "C:\Users\New User\Desktop\RUU_TOTEMC2_UL_JB_45_S_Cingular_US_2.21.502.1_Radio_1.18.40.00.07_10.68.40.33I_release_323768_signed.exe" -d "C:\Users\New User\Desktop"
Task: {E41C9E4D-9183-4774-AF63-E68F96CB8586} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E49B6A6E-9C2A-4463-9C69-A2B50919E7E0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-27] (Adobe Systems Incorporated)
Task: {EC3C66FD-2B36-44D3-AEB1-ED6D9CAEE437} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F80CFB63-475F-4D94-8542-594DDAFA6D6D} - System32\Tasks\IEError => C:\Program Files (x86)\Tuneup computer\Popialert.exe
Task: {FC7642EF-F5BC-4BE9-B733-22ECCEEFA7D3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2011-10-24] (TOSHIBA CORPORATION)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 15:03 - 2015-03-02 15:03 - 00103424 _____ () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp
2015-03-02 14:26 - 2014-12-11 10:55 - 00073728 _____ () C:\Program Files (x86)\dataup\dataup.exe
2015-03-02 15:03 - 2015-03-02 15:03 - 00108032 _____ () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs
2015-03-02 15:53 - 2015-02-02 05:42 - 04686848 _____ () C:\windows\rcore.exe
2015-03-02 14:25 - 2015-03-02 14:26 - 00404480 _____ () C:\ProgramData\Online\updater.exe
2015-03-02 14:32 - 2015-02-15 17:02 - 00294264 _____ () C:\Program Files\shopperz\krios64.dll
2014-12-25 01:49 - 2014-12-25 01:49 - 00121344 _____ () C:\Program Files (x86)\PepperZip\shell\PPZShellExtension_x64.dll
2011-08-31 10:13 - 2011-08-31 10:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-20 16:53 - 2015-01-20 16:53 - 00725504 _____ () C:\Users\New User\AppData\Local\Temp\20150316\ct.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 02157056 _____ () C:\Program Files (x86)\msrtn32\msrtn32.exe
2015-03-02 16:04 - 2015-03-02 16:05 - 00360448 _____ () C:\ProgramData\a5srv5task\mcsvc.exe
2015-03-15 23:57 - 2015-02-15 17:02 - 00281976 _____ () C:\Program Files\shopperz\grunt.exe
2015-03-15 23:57 - 2015-02-15 17:02 - 00429944 _____ () C:\Program Files\shopperz\wrex.exe
2015-03-15 23:57 - 2015-02-15 17:02 - 00460664 _____ () C:\Program Files\shopperz\wrex64.exe
2015-03-15 23:58 - 2015-02-15 17:02 - 00620920 _____ () C:\Program Files\shopperz\tsoni64.dll
2015-03-15 23:58 - 2015-02-15 17:02 - 00273272 _____ () C:\Program Files\shopperz\liara64.dll
2015-03-15 23:57 - 2015-02-15 17:02 - 00333176 _____ () C:\Program Files\shopperz\kasumi64.dll
2015-03-15 23:58 - 2015-02-15 17:02 - 01445752 _____ () C:\Program Files\shopperz\csrcc.exe
2015-03-15 23:58 - 2015-02-15 17:02 - 00169848 _____ () C:\Program Files\shopperz\nseven.exe
2015-03-15 23:07 - 2015-03-16 09:09 - 00400120 _____ () C:\Program Files (x86)\Mountain Bike\bin\utilMountainBike.exe
2015-03-16 00:12 - 2015-03-16 02:32 - 00101624 _____ () C:\Program Files (x86)\Mountain Bike\bin\MountainBike.expext.exe
2015-03-16 00:12 - 2015-03-16 02:24 - 00353528 _____ () C:\Program Files (x86)\Mountain Bike\bin\MountainBike.PurBrowse64.exe
2015-03-16 00:13 - 2015-03-15 23:23 - 00123128 _____ () C:\Program Files (x86)\Mountain Bike\bin\MountainBike.BrowserAdapter64.exe
2015-03-16 00:13 - 2015-03-15 23:23 - 00105720 _____ () C:\Program Files (x86)\Mountain Bike\bin\MountainBike.BrowserAdapter.exe
2015-03-16 00:15 - 2015-03-16 09:13 - 00400120 _____ () C:\Program Files (x86)\Mountain Bike\updateMountainBike.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 00075776 _____ () C:\Program Files (x86)\msrtn32\cdhtr.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 00529920 _____ () C:\Program Files (x86)\msrtn32\rthdcpd.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 02299904 _____ () C:\Program Files (x86)\msrtn32\QxOrm.dll
2015-03-02 14:28 - 2015-03-02 14:28 - 00243200 _____ () C:\Program Files (x86)\msrtn32\boost_serialization-vc100-mt-1_54.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00879104 _____ () C:\Program Files (x86)\msrtn32\platforms\qwindows.dll
2015-03-02 14:28 - 2015-03-02 14:28 - 00635392 _____ () C:\Program Files (x86)\msrtn32\sqldrivers\qsqlite.dll
2015-03-02 14:32 - 2015-02-15 17:02 - 00288120 _____ () C:\Program Files\shopperz\krios.dll
2015-03-15 23:58 - 2015-02-15 17:02 - 00610680 _____ () C:\Program Files\shopperz\tsoni.dll
2015-03-15 23:58 - 2015-02-15 17:02 - 00238456 _____ () C:\Program Files\shopperz\liara.dll
2015-03-15 23:57 - 2015-02-15 17:02 - 00308600 _____ () C:\Program Files\shopperz\kasumi32.dll
2015-03-16 00:01 - 2015-03-16 00:01 - 01969704 _____ () c:\Program Files (x86)\Optimizer Pro 3.56\OptProMon.dll
2015-03-16 00:12 - 2015-03-16 02:32 - 00081656 _____ () C:\Program Files (x86)\Mountain Bike\bin\MountainBike.expextdll.dll
2015-03-16 00:13 - 2015-03-15 23:23 - 00197368 _____ () C:\Program Files (x86)\Mountain Bike\bin\21c2e5a71a4a4181b493.dll
2015-03-12 17:29 - 2015-03-06 20:12 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libglesv2.dll
2015-03-12 17:29 - 2015-03-06 20:12 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\libegl.dll
2015-03-12 17:29 - 2015-03-06 20:13 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.89\pdf.dll
2015-02-27 18:30 - 2015-02-27 18:31 - 16852144 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00032256 _____ () C:\Program Files (x86)\msrtn32\imageformats\qdds.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qgif.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00027648 _____ () C:\Program Files (x86)\msrtn32\imageformats\qicns.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qico.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00381952 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjp2.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00204800 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjpeg.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00218112 _____ () C:\Program Files (x86)\msrtn32\imageformats\qmng.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00015360 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtga.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00307712 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtiff.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00014848 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwbmp.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00252928 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwebp.dll
2015-03-02 14:27 - 2015-03-02 14:28 - 14586808 _____ () C:\Program Files (x86)\msrtn32\Plugins\NPSWF32_11_5_502_110.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\New User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 24.25.227.55 - 209.18.47.61
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^SuperOptimizerInstaller.lnk => C:\windows\pss\SuperOptimizerInstaller.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE" -b
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: Connectivity Fixer => "C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe" -m
MSCONFIG\startupreg: Facebook Update => "C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: googletalk => C:\Users\New User\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1355722718\ee\AOLSoftware.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\windows\system32\hkcmd.exe"
MSCONFIG\startupreg: HP Officejet 4620 series (NET) => "C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2BN210G005RT:NW" -scfn "HP Officejet 4620 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Officejet 6500 E710n-z (NET) => "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN0CL114C205JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: MusicManager => "C:\Users\New User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchProtect => C:\Users\New User\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\New User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SRS Premium Sound HD => "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: Zoom => 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3917243199-554470053-2731875590-500 - Administrator - Disabled)
Guest (S-1-5-21-3917243199-554470053-2731875590-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3917243199-554470053-2731875590-1013 - Limited - Enabled)
New User (S-1-5-21-3917243199-554470053-2731875590-1000 - Administrator - Enabled) => C:\Users\New User
 
==================== Faulty Device Manager Devices =============
 
Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: itnfd_1_10_0_9
Description: itnfd_1_10_0_9
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: itnfd_1_10_0_9
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/16/2015 00:03:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Regprocleaner.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 20ec
 
Start Time: 01d05fcfa7c2df9c
 
Termination Time: 16
 
Application Path: C:\Program Files (x86)\Reg Pro Cleaner\Regprocleaner.exe
 
Report Id: 6dab43d2-cbc3-11e4-a191-00038a000015
 
Error: (03/15/2015 09:07:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/15/2015 08:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5242
 
Error: (03/15/2015 08:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5242
 
Error: (03/15/2015 08:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/15/2015 08:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1592
 
Error: (03/15/2015 08:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1592
 
Error: (03/15/2015 08:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/15/2015 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35287
 
Error: (03/15/2015 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35287
 
 
System errors:
=============
Error: (03/16/2015 09:09:18 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Util Mountain Bike service.
 
Error: (03/16/2015 09:03:47 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (03/15/2015 09:37:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (03/15/2015 09:36:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Error: (03/15/2015 09:07:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cherimoya
DMICall
itnfd_1_10_0_9
 
Error: (03/15/2015 09:06:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (03/15/2015 09:05:49 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (03/15/2015 09:05:34 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\DRIVERS\DMICall.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (03/15/2015 09:05:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
Error: (03/15/2015 09:05:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!
 
 
Microsoft Office Sessions:
=========================
Error: (03/16/2015 00:03:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Regprocleaner.exe1.0.0.020ec01d05fcfa7c2df9c16C:\Program Files (x86)\Reg Pro Cleaner\Regprocleaner.exe6dab43d2-cbc3-11e4-a191-00038a000015
 
Error: (03/15/2015 09:07:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/15/2015 08:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5242
 
Error: (03/15/2015 08:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5242
 
Error: (03/15/2015 08:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/15/2015 08:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1592
 
Error: (03/15/2015 08:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1592
 
Error: (03/15/2015 08:43:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/15/2015 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 35287
 
Error: (03/15/2015 07:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 35287
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-15 17:48:56.489
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 09:04:16.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 09:04:10.237
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 09:04:10.150
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 09:04:10.081
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 09:03:34.677
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 08:08:18.732
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 08:04:26.123
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 08:04:13.626
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-29 07:54:28.323
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 72%
Total physical RAM: 4043.86 MB
Available physical RAM: 1123.52 MB
Total Pagefile: 6042.04 MB
Available Pagefile: 2330.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (TI106320W0D) (Fixed) (Total:449.62 GB) (Free:324.67 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 7FE1B5BF)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=449.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.7 GB) - (Type=17)
 
==================== End Of Log ============================

 


  • 0

Advertisements

#2
Nevan
Posted 16 March 2015 - 04:26 PM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello, Jeris. My nickname is Nevan and I will be helping you getting your system back on its electronic feet.

Before we get started, please keep these things in mind:
  • Always read every part of my post carefully. If you don't, you may do something wrong and there could be more problems to solve.
  • If your security programs give you any warnings when using tools I asked you to, don't be afraid. Every tool I provide to you is 100% safe.
  • Only run tools that I ask you to. Some of them can be dangerous to your system as they have much power.
  • You should save or print my instructions. It is possible that we will be using Safe mode, which will cut you off from your internet connection and without access to them, you might be stuck.
  • Malware removal is a complicated process that takes multiple steps to be completed. Don't give up, be patient.
  • The tools we are going to use and your software may cause unwanted interactions. Because of that, I recommend you to make backups of any important files from your machine before proceeding as they might be lost.
  • I recommend you to stay with me until I tell you that we are done. It is important because when your system does not show any bad symptoms anymore it does not mean that it is 100% clean.
  • Your time to reply is limited. If you don't reply within 3 days, your topic will be closed and you will have to request it to be reopened by contacting one of Moderator group members with the link to this topic.
  • Every program I ask you to download should be saved to and run from desktop. If you don't know how to choose the direction of where a download is saved, check this site. You can also just copy these programs to your desktop manually and then run them from there.
  • Remember that the fixes I give you are only for your machine. Using it on other systems may (and probably will) cause problems.
  • Finally, if you have any questions or are unsure about something, just ask. I will not blame you for it. It is better to ask rather than regret it later.
Also, please note that I'm currently in training, so my answers to you will have to be checked first by an experienced helper before I can post them. This can lengthen the time between my answers to you, but in return you will have an extra person reviewing your log.

 
I'm now having a look at the logs you've provided and will return with appropriate instructions once they are approved by my teacher.
  • 1

#3
Nevan
Posted 18 March 2015 - 03:09 AM

Nevan

    Trusted Helper

  • Malware Removal
  • 1,765 posts
Hello again, Jeris.

I'm sorry for the delay.

I'd like you to uninstall some programs and then do a new FRST scan. But first...

P2P Warning

I've noticed that you have or have had a P2P (Peer-to-Peer) file sharing program on your machine:
  • FrostWire 5.3.9
It is important to stay away from them as they are used to share pirated material. The programs themselves can be safe, but majority of the files shared through them is infected.

Some of things to keep in mind when using P2P programs:
  • Your computer is more likely to get infected with malware, which will result in coming back to our or other forums for help.
  • You may have your important data stolen, including passwords, photos or personal information.
  • You help to share pirated material, which may result in arrest, fines, or even jail time for illegal downloads of copyrighted material.
If I still didn't convince you, please read these short reports about how dangerous it can be to use P2P programs:Whether you remove them or not is your decision. Though I strongly recommend you to uninstall your P2P programs as they most likely will cause problems in the future.

If you choose not to remove them, please refrain from using them until we are done on cleaning your computer.

 
Registry cleaner warning
I've noticed that you have registry cleaner programs installed:
  • CCleaner
  • Reg Pro Cleaner version 2.0
Although they may seem to be useful, they use schemes, which aren't accurate, thus can cause more harm than good, including making your system unbootable. Because of that, I recommend you to uninstall them. However, you may want to keep CCleaner, as it has some useful functions. Just refrain from using it's registry cleaning ability.

 
Step #1
Uninstalling programs

Go to Start Menu>Control Panel>Programs>Uninstall a program (or Control Panel>Programs and Features if using icon view) and remove the following programs:
  • 7-zip v9.20
  • Ant.com IE add-on
  • Mountain Bike
  • Optimizer Pro v3.2
  • PastaLeads
  • PepperZip 2.0
  • Reg Pro Cleaner version 2.0
  • Search Protect
  • shopperz 2.0.0.457
  • GU Player
  • McAfee Security Scan Plus
Optional programs to uninstall:
  • FrostWire 5.3.9
 
Step #2
FRST Scan

I've noticed that you ran FRST64.exe from C:\Users\New User\Downloads\Desktop folder. Please move it to your Desktop (C:\Users\New User\Desktop). You can do it by right-clicking FRST64.exe, click Cut, then move to Desktop, right-click any free space and click Paste.
  • Right click FRST64.exe and click Run as administrator. When the tool opens click Yes to disclaimer.
  • Make sure that Addition.txt is checked and press the Scan button.
  • It will produce two logs - one called FRST.txt and another one called Addition.txt in the same directory the tool is run from.
  • Select all (CTRL+A) the content of the logs, copy them (CTRL+C) and paste (CTRL+V) them into your next reply.
 
Things that should appear in your next post:
  • FRST.txt log content
  • Addition.txt log content

  • 0

#4
Bruce1270
Posted 21 March 2015 - 03:03 AM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts

Hi Jeris

 

My name is Bruce1270.

 

Nevan is unavailable at the moment so I will be assisting you with your issue.

 

Have you managed to complete Nevan's instructions in post #3 yet? If you need any assistance let me know.

 

Thanks :)


  • 0

#5
Jeris
Posted 21 March 2015 - 03:22 AM

Jeris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts

thank you bruce I'm sorry i haven't i am working on it tonight.


  • 0

#6
Bruce1270
Posted 21 March 2015 - 09:44 AM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
No worries.
  • 0

#7
Jeris
Posted 21 March 2015 - 11:46 PM

Jeris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by New User (administrator) on JERISAMA-PC on 21-03-2015 19:31:05
Running from C:\Users\New User\Desktop
Loaded Profiles: New User (Available profiles: New User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\dataup\dataup.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
() C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs
() C:\Windows\rcore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
() C:\ProgramData\Online\updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Users\New User\AppData\Local\Temp\20150316\ct.exe
() C:\Program Files (x86)\msrtn32\msrtn32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
() C:\ProgramData\a5srv5task\mcsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
() C:\Program Files\shopperz\grunt.exe
() C:\Program Files\shopperz\wrex.exe
() C:\Program Files\shopperz\wrex64.exe
() C:\Program Files\shopperz\nseven.exe
() C:\Program Files\shopperz\csrcc.exe
(PastaLeads) C:\Program Files\Common Files\PastaLeads\PastaLeads Client\pastaleadss.exe
() C:\Program Files (x86)\msrtn32\cdhtr.exe
() C:\Program Files (x86)\msrtn32\rthdcpd.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\wrex.exe [430456 2015-03-11] ()
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\wrex64.exe [461176 2015-03-11] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [gmsd_us_265] => [X]
HKLM-x32\...\Run: [gmsd_us_275] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Google Update] => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-13] (Google Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [3EEACF25A3A34117C559996B7D8760AD66AA92BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Spotify Web Helper] => C:\Users\New User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-18] (Spotify Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Zoom] => [X]
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2548072 2011-12-18] (Hewlett-Packard Co.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Facebook Update] => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-08] (Facebook Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Connectivity Fixer] => C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe [2100896 2013-10-07] (Badosoft)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Spotify] => C:\Users\New User\AppData\Roaming\Spotify\spotify.exe [6611512 2015-03-18] (Spotify Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: {cff3b6be-cbaa-11e4-a191-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: {fa87911e-63d2-11e1-80d5-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\GPhotos.scr [4558848 2014-01-06] (Google Inc.)
HKU\S-1-5-18\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\New User\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs-x32: c:/progra~3/{df443~1/192~1.1/dimo.dll => "c:\progra~3\{df443~1\192~1.1\dimo.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{d9a6106a-1c74-cc0f-d9a6-6106a1c741a8}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: dfboottime \??\C:\windows\System32\dfboottime.cfgautocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....oshiba.com&OSP=
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://taplika.com/?...r=388742277&ir=
SearchScopes: HKLM -> DefaultScope {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserv...s={searchTerms}
SearchScopes: HKU\.DEFAULT -> {D907D19D-6A81-4774-9AFF-C790B0C5C570} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/r...r=388742277&ir=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/r...r=388742277&ir=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {0A525978-B1E2-4998-AE7B-D143EDA5177E} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {5DA706DD-FEC7-485C-836E-0F757801EEB0} URL = http://www.google.co...1I7TSNP_enUS492
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {A48F0BD4-00E1-4568-BFBC-3C85687C2088} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Mountain Bike 1.0.0.7 -> {a8b71ba7-8a3a-46b8-b803-b4244d1ea31f} -> C:\Program Files (x86)\Mountain Bike\MountainBikebho.dll [2015-03-21] (Mountain Bike)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - No Name - {7223C9FC-65A6-491F-AAA7-62DBF4641C6D} -  No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> No Name - {7223C9FC-65A6-491F-AAA7-62DBF4641C6D} -  No File
Toolbar: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\New User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @sun.com/npsopluginmi;version=1.0 -> C:\Program Files (x86)\OpenOffice.org 3\program No File
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\New User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @talk.google.com/O1DPlugin -> C:\Users\New User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @tools.google.com/Google Update;version=3 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @tools.google.com/Google Update;version=9 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\New User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-02-12] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: facebook.com/fbDesktopPlugin -> C:\Users\New User\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\New User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\New User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://daycalc.appspot.com/09/22/2012", "hxxp://www.gmail.com/", "hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_35.0.1916.153&apn_uid=72F953BF-113E-46A7-84EE-733BF68F1F49&itbv=12.15.1.20&doi=2014-07-27&psv=&pt=tb", "hxxp://google.com/", "hxxp://www.trovi.com/?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=MA9B1F09D-C72D-4F69-8012-C4E1F6AEF924&SearchSource=55&CUI=&UM=8&UP=SP4ECA6549-E0F1-480A-BD08-30C8C7BC627B&D=031615&SSPV="
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-10]
CHR Extension: (Fotor Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2014-09-20]
CHR Extension: (iCloud) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-09-20]
CHR Extension: (Mountain Bike) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdkofefjkjpnolljmpfdcjempgdldfpe [2015-03-16]
CHR Extension: (Video Downloader professional) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-20]
CHR Extension: (iCloud Bookmarks) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-09-20]
CHR Extension: (PDF Mergy) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-09-20]
CHR Extension: (Skype Click to Call) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-07]
CHR Extension: (Google Wallet) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Profile: C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Unfriend Notify for Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-03-21]
CHR Extension: (Dislike button for Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\anjnlnfmhgbmfdemkbknebhfjfahhfki [2015-03-21]
CHR Extension: (Google Drive) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
CHR Extension: (Fotor Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2014-09-20]
CHR Extension: (iCloud) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-09-20]
CHR Extension: (Slinky Elegant) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2015-03-20]
CHR Extension: (Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-03-20]
CHR Extension: (Advanced Font Settings) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2014-09-29]
CHR Extension: (Adblock Plus) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-15]
CHR Extension: (Spotify - Music for every moment) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-03-21]
CHR Extension: (Surveillance Cam Professional( Security Cam)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpcnbefekficgbfoibedacpkahdfijoe [2015-03-15]
CHR Extension: (Gmail™ Notifier) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2015-03-20]
CHR Extension: (Polarr Photo Editor 2.0b) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2015-03-21]
CHR Extension: (Facebook Unseen) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmdhkalcecemojegheiohcghkamlipof [2015-03-21]
CHR Extension: (Name) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjjniaenghhbffhplhdcipdgidbajdp [2015-03-20]
CHR Extension: (Video Downloader professional) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-20]
CHR Extension: (iCloud Bookmarks) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-09-20]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpjnpabklnaaifclgealaepelncljadk [2015-03-21]
CHR Extension: (Facebook for Chrome) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-03-21]
CHR Extension: (PDFescape Free PDF Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdefoklganepljiopdnglodohlgfikkl [2014-10-03]
CHR Extension: (Camera) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2015-03-15]
CHR Extension: (PDF Mergy) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-09-20]
CHR Extension: (Photon - Facebook Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihhdcjefkafghalpbdjebmfnjbgfgkpo [2015-03-21]
CHR Extension: (PDFescape) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioombffmiompnnfbajkmmghjaleclnjo [2014-10-03]
CHR Extension: (Facebook Platinum) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfodbocncpdocjdknjadipkgbbagld [2015-03-21]
CHR Extension: (Google Voice (by Google)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2015-03-15]
CHR Extension: (PictureMate - View hidden pictures) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-03-21]
CHR Extension: (Hangouts) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-03-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Photo Hack for Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfolibbobnddfcjbjnfiikjgdefiejpl [2015-03-21]
CHR Extension: (Facebook Album & Photo Manager) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lgiedegfmekolcplboelnmfoiefpcpfg [2015-03-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-17]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2015-03-20]
CHR Extension: (Enhancements for Gmail) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn [2015-03-20]
CHR Extension: (Hangouts) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Video Chat FlirtyMania) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiaahapngnjijjgplpikimpaepddnfae [2015-03-15]
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\NEWUSE~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-03-17]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fdmdjfpocfbldkjgocmihobobmpnckaa] - C:\Users\New User\AppData\Local\CRE\fdmdjfpocfbldkjgocmihobobmpnckaa.crx [Not Found]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\New User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [Not Found]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Users\New User\AppData\Local\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [edjionickmdagfblofjmidnkiljiflah] - C:\ProgramData\Coolyou\edjionickmdagfblofjmidnkiljiflah.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fdmdjfpocfbldkjgocmihobobmpnckaa] - C:\Users\New User\AppData\Local\CRE\fdmdjfpocfbldkjgocmihobobmpnckaa.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\New User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Users\New User\AppData\Local\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 70F4EEDB-1367-4b4f-8247-3133551A7415; C:\Program Files\shopperz\grunt.exe [282488 2015-03-11] ()
S3 Ant App service; C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [504816 2013-02-05] (Helios Technologies Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-08-06] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 cehufofi; C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp [103424 2015-03-02] () [File not signed]
R2 csrcc; C:\Program Files\shopperz\csrcc.exe [1446264 2015-03-11] ()
R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [73728 2014-12-11] () [File not signed] <==== ATTENTION
R2 HPSLPSVC; C:\Users\New User\AppData\Local\Temp\7zS3B22\hpslpsvc64.dll [1039360 2013-02-05] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pastaleadsupd; C:\Program Files\Common Files\PastaLeads\PastaLeads Client\pastaleadss.exe [1082880 2015-02-16] (PastaLeads) [File not signed]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 rcores; C:\windows\rcore.exe [4686848 2015-02-02] () [File not signed]
R2 shopperz Updater; C:\Program Files\shopperz\nseven.exe [170360 2015-03-11] ()
R2 UpWork; C:\ProgramData\Online\updater.exe [404480 2015-03-02] () [File not signed]
S2 Util Mountain Bike; C:\Program Files (x86)\Mountain Bike\bin\utilMountainBike.exe [402680 2015-03-21] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 windowsmanagementservice; C:\Users\New User\AppData\Local\Temp\20150316\ct.exe [725504 2015-01-20] () [File not signed]
R2 pizegyhy; C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs [X]
S2 Update Mountain Bike; "C:\Program Files (x86)\Mountain Bike\updateMountainBike.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [60376 2015-01-06] (Cherimoya Ltd)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [3888 2000-02-23] (Sony Corporation) [File not signed]
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [15360 2010-02-04] (Windows ® Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 PastaLUpdd; C:\Program Files\Common Files\PastaLeads\PastaLeads Client\pastaldrw.sys [61872 2015-02-16] ()
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R1 {21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64; C:\Windows\System32\drivers\{21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64.sys [48784 2015-03-16] (StdLib)
S3 androidusb; System32\Drivers\androidusb.sys [X]
S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [X]
S1 itnfd_1_10_0_9; system32\drivers\itnfd_1_10_0_9.sys [X]
S3 massfilter_hs; \??\C:\windows\system32\drivers\massfilter_hs.sys [X]
S3 zghsdiag; system32\DRIVERS\zghsdiag.sys [X]
S3 zghsmdm; system32\DRIVERS\zghsmdm.sys [X]
S3 zghsnmea; system32\DRIVERS\zghsnmea.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-21 19:31 - 2015-03-21 19:32 - 00043753 _____ () C:\Users\New User\Desktop\FRST.txt
2015-03-21 19:28 - 2015-03-16 20:59 - 01388672 _____ (Thisisu) C:\Users\New User\Desktop\JRT_NEW.exe
2015-03-21 18:08 - 2015-03-21 18:08 - 00004322 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__313435303130393739352d3455416c555a2a5723416c34
2015-03-21 18:08 - 2015-03-21 18:08 - 00003626 _____ () C:\windows\System32\Tasks\gtaUpt
2015-03-21 18:08 - 2015-03-21 18:08 - 00001168 _____ () C:\Users\Public\Desktop\Reg Pro Cleaner.lnk
2015-03-21 18:08 - 2015-03-21 18:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Pro Cleaner
2015-03-21 18:08 - 2015-03-21 18:08 - 00000000 ____D () C:\Program Files (x86)\Reg Pro Cleaner
2015-03-21 18:08 - 2015-01-06 12:38 - 00060376 _____ (Cherimoya Ltd) C:\windows\system32\Drivers\cherimoya.sys
2015-03-19 18:23 - 2015-03-19 18:23 - 00000000 ____D () C:\Users\New User\Documents\Microsoft Hardware
2015-03-17 19:32 - 2015-03-19 20:42 - 00000000 ___RD () C:\Users\New User\Google Drive
2015-03-17 10:38 - 2015-03-21 17:46 - 00000570 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-03-17 06:16 - 2015-03-17 06:16 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-03-17 06:15 - 2015-03-17 17:54 - 00015490 _____ () C:\windows\PFRO.log
2015-03-17 06:06 - 2015-03-19 20:57 - 00000000 ____D () C:\ProgramData\2f46f07000001bbd
2015-03-16 09:34 - 2015-03-21 19:31 - 00000000 ____D () C:\FRST
2015-03-16 09:32 - 2015-03-16 09:33 - 02095616 _____ (Farbar) C:\Users\New User\Desktop\FRST64.exe
2015-03-16 00:12 - 2015-03-16 02:24 - 00048784 _____ (StdLib) C:\windows\system32\Drivers\{21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64.sys
2015-03-16 00:10 - 2015-03-21 18:13 - 00000000 ____D () C:\Program Files (x86)\Mountain Bike
2015-03-15 23:52 - 2015-03-15 23:52 - 00531016 _____ () C:\Users\New User\Downloads\Grindr.exe
2015-03-15 11:36 - 2015-03-15 11:37 - 01283393 _____ () C:\Users\New User\Downloads\kik_it.zip
2015-03-13 17:38 - 2015-03-13 17:38 - 00000000 _____ () C:\windows\SysWOW64\shoAC1A.tmp
2015-03-12 17:06 - 2015-03-12 17:06 - 00000000 ____D () C:\Users\New User\Tracing
2015-03-09 20:28 - 2015-03-19 20:39 - 00007710 _____ () C:\windows\setupact.log
2015-03-09 20:28 - 2015-03-09 20:28 - 00000000 _____ () C:\windows\setuperr.log
2015-03-09 04:32 - 2015-03-09 04:35 - 24677480 _____ () C:\Users\New User\Downloads\758376.flv
2015-03-09 04:28 - 2015-03-09 04:31 - 33452387 _____ () C:\Users\New User\Downloads\635245.flv
2015-03-09 04:25 - 2015-03-09 04:29 - 54173866 _____ () C:\Users\New User\Downloads\304429.flv
2015-03-09 04:11 - 2015-03-09 04:11 - 00000000 ____D () C:\Users\New User\AppData\Local\BreakingNewsAlert
2015-03-03 07:12 - 2015-03-03 07:14 - 05325696 _____ (Piriform Ltd) C:\Users\New User\Downloads\ccsetup503.exe
2015-03-03 06:11 - 2015-03-15 20:07 - 00000000 ____D () C:\Users\New User\Documents\Zoom
2015-03-03 05:55 - 2015-03-03 05:55 - 00613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsr5816.tmp
2015-03-02 23:41 - 2015-03-02 23:41 - 00000000 _____ () C:\windows\SysWOW64\shoC90C.tmp
2015-03-02 21:04 - 2015-03-02 21:05 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2015-03-02 18:42 - 2015-03-02 18:42 - 00000000 _____ () C:\windows\SysWOW64\shoBDD5.tmp
2015-03-02 18:12 - 2015-03-08 06:12 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-02 17:40 - 2015-03-03 06:25 - 00000000 ____D () C:\Program Files (x86)\Tuneup computer
2015-03-02 17:40 - 2015-03-02 17:40 - 00003696 _____ () C:\windows\System32\Tasks\boosterpop
2015-03-02 17:40 - 2015-03-02 17:40 - 00003694 _____ () C:\windows\System32\Tasks\IEError
2015-03-02 17:40 - 2015-03-02 17:40 - 00003510 _____ () C:\windows\System32\Tasks\AI_Updater
2015-03-02 17:39 - 2015-03-02 17:39 - 00000000 ____D () C:\Users\New User\AppData\Local\PCTuner
2015-03-02 17:28 - 2015-03-02 17:28 - 00613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsu3D9F.tmp
2015-03-02 17:28 - 2015-03-02 17:28 - 00000000 __SHD () C:\Users\New User\AppData\Roaming\AnyProtectEx
2015-03-02 17:17 - 2015-03-02 17:17 - 00000000 ____D () C:\BreakingNewsAlert
2015-03-02 17:13 - 2015-03-02 23:47 - 00008560 _____ () C:\windows\SysWOW64\BasementDusterOff.ini
2015-03-02 17:13 - 2015-03-02 23:47 - 00008560 _____ () C:\windows\system32\BasementDusterOff.ini
2015-03-02 17:13 - 2015-02-24 03:51 - 00318808 _____ (OM Inc.) C:\windows\SysWOW64\BDL.dll
2015-03-02 17:09 - 2015-03-09 04:07 - 00000000 ____D () C:\Users\New User\AppData\Local\SmartWeb
2015-03-02 17:09 - 2015-03-02 17:09 - 00004052 _____ () C:\windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-03-02 17:09 - 2015-03-02 17:09 - 00003664 _____ () C:\windows\System32\Tasks\IE_ERR4WDR
2015-03-02 17:09 - 2015-03-02 17:09 - 00003640 _____ () C:\windows\System32\Tasks\HDNINSTSCHD
2015-03-02 17:09 - 2015-03-02 17:09 - 00003506 _____ () C:\windows\System32\Tasks\UPDTEXE4_WDR
2015-03-02 17:08 - 2015-03-03 06:39 - 00000000 ____D () C:\Program Files (x86)\Portable WeatherApp
2015-03-02 16:31 - 2015-03-02 16:31 - 00000000 ____D () C:\Users\New User\AppData\Roaming\9B45D880-1425313884-11E1-93C8-047D7B6646C7
2015-03-02 16:12 - 2015-03-02 16:12 - 00003190 _____ () C:\windows\System32\Tasks\DoctorPC_Start
2015-03-02 16:11 - 2015-03-02 16:11 - 00000000 ____D () C:\Users\New User\AppData\Local\Doctor_PC
2015-03-02 16:10 - 2015-03-02 23:50 - 00000000 ____D () C:\Users\New User\Documents\DoctorPC
2015-03-02 16:06 - 2015-03-20 05:08 - 00000000 ____D () C:\Users\New User\AppData\Local\Deployment
2015-03-02 16:05 - 2015-03-15 14:11 - 00000000 ____D () C:\Users\New User\AppData\Roaming\et
2015-03-02 16:05 - 2015-03-02 16:05 - 00000000 ____D () C:\ProgramData\uc
2015-03-02 16:04 - 2015-03-10 18:45 - 00000000 ____D () C:\ProgramData\a5srv5task
2015-03-02 15:55 - 2015-03-09 04:11 - 00000000 ____D () C:\ProgramData\CFvZAfrKU
2015-03-02 15:53 - 2015-03-02 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-03-02 15:53 - 2015-02-02 05:42 - 04686848 _____ () C:\windows\rcore.exe
2015-03-02 15:17 - 2015-03-02 15:17 - 00274045 _____ () C:\Users\New User\AppData\Local\dsi1.dat
2015-03-02 15:17 - 2015-03-02 15:17 - 00161916 _____ () C:\Users\New User\AppData\Local\dsi2.dat
2015-03-02 15:02 - 2015-03-02 15:03 - 00000000 ____D () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7
2015-03-02 15:01 - 2015-03-10 18:46 - 00000000 ____D () C:\ProgramData\d3fdac2f0000255e
2015-03-02 14:36 - 2015-03-21 17:17 - 00000980 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-02 14:36 - 2015-03-21 17:17 - 00000976 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-02 14:36 - 2015-03-02 17:12 - 00003978 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-02 14:36 - 2015-03-02 17:12 - 00003724 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-02 14:32 - 2015-03-21 18:08 - 00000045 _____ () C:\user.js
2015-03-02 14:32 - 2015-03-21 18:08 - 00000000 ____D () C:\Program Files\shopperz
2015-03-02 14:32 - 2015-03-02 15:17 - 00002017 _____ () C:\windows\patsearch.bin
2015-03-02 14:32 - 2015-03-02 14:32 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-03-02 14:30 - 2015-03-02 14:56 - 00000000 ____D () C:\Users\New User\AppData\Local\gmsd_us_265
2015-03-02 14:30 - 2015-03-02 14:30 - 00003782 _____ () C:\windows\System32\Tasks\PostPoneInstall
2015-03-02 14:30 - 2015-03-02 14:30 - 00003170 _____ () C:\windows\System32\Tasks\Run_Bobby_Browser
2015-03-02 14:29 - 2015-03-09 11:13 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-02 14:28 - 2015-03-02 14:28 - 00000000 ____D () C:\Users\New User\AppData\Local\Bluestacks
2015-03-02 14:27 - 2015-03-19 20:43 - 00000000 ____D () C:\Program Files (x86)\msrtn32
2015-03-02 14:26 - 2015-03-21 18:08 - 00000000 ____D () C:\Program Files (x86)\GU Player
2015-03-02 14:26 - 2015-03-15 23:57 - 00000000 ____D () C:\Program Files\Common Files\PastaLeads
2015-03-02 14:26 - 2015-03-02 15:19 - 00000000 ____D () C:\ProgramData\{d9a6106a-1c74-cc0f-d9a6-6106a1c741a8}
2015-03-02 14:26 - 2015-03-02 15:19 - 00000000 ____D () C:\ProgramData\{9c4d2de5-1c79-57c2-9c4d-d2de51c7b794}
2015-03-02 14:26 - 2015-03-02 14:48 - 00000000 ____D () C:\Program Files (x86)\Regprocleaner
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Users\New User\AppData\Local\Bypass
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\u2c
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Program Files (x86)\dataup
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Program Files (x86)\data_up
2015-03-02 14:25 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\Online
2015-03-02 09:58 - 2015-03-02 09:58 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-02 09:58 - 2015-03-02 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-02 09:56 - 2015-03-02 09:58 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-02 09:56 - 2015-03-02 09:58 - 00000000 ____D () C:\Program Files\iTunes
2015-03-02 09:56 - 2015-03-02 09:56 - 00000000 ____D () C:\Program Files\iPod
2015-03-02 09:56 - 2015-03-02 09:56 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-02 09:50 - 2015-03-02 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-28 16:12 - 2015-02-28 16:22 - 00000000 ____D () C:\Users\New User\Documents\Dept of Human Services
2015-02-28 15:56 - 2015-02-28 15:58 - 00000000 ____D () C:\Users\New User\Documents\Employment
2015-02-28 15:54 - 2015-02-28 16:22 - 00000000 ____D () C:\Users\New User\Documents\Recovery
2015-02-28 09:53 - 2015-03-20 14:53 - 00000000 ____D () C:\Users\New User\AppData\Local\Spotify
2015-02-28 09:53 - 2015-02-28 09:53 - 00001779 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-28 09:52 - 2015-03-20 17:51 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Spotify
2015-02-28 03:17 - 2015-02-28 03:17 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Windows
2015-02-21 16:22 - 2015-02-28 16:21 - 00000000 ____D () C:\Users\New User\Documents\Correspondence
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-21 19:25 - 2012-03-01 09:39 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-21 19:14 - 2015-02-17 23:09 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job
2015-03-21 19:10 - 2012-07-10 11:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-21 18:14 - 2013-04-09 12:46 - 00000000 ___RD () C:\Users\New User\Dropbox
2015-03-21 18:05 - 2013-01-11 20:49 - 00000000 ____D () C:\Program Files (x86)\Ant.com
2015-03-21 17:47 - 2012-03-01 09:10 - 01837615 _____ () C:\windows\WindowsUpdate.log
2015-03-21 17:38 - 2013-06-18 08:28 - 00000000 ____D () C:\Users\New User\AppData\Roaming\vlc
2015-03-21 17:38 - 2013-04-07 15:13 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Skype
2015-03-21 17:23 - 2012-08-07 21:10 - 00000940 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job
2015-03-21 14:23 - 2012-08-07 21:10 - 00000918 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job
2015-03-21 04:35 - 2014-07-27 18:58 - 00000418 _____ () C:\windows\Tasks\Defraggler Volume C Task.job
2015-03-20 23:25 - 2012-03-01 09:39 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-20 23:14 - 2012-08-13 11:27 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job
2015-03-20 11:48 - 2014-11-26 15:37 - 00166912 ___SH () C:\Users\New User\Downloads\Thumbs.db
2015-03-20 05:45 - 2009-07-13 19:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-19 20:48 - 2009-07-13 18:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-19 20:48 - 2009-07-13 18:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-19 20:42 - 2012-11-20 07:46 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Dropbox
2015-03-19 20:40 - 2014-09-20 03:27 - 00000000 ___RD () C:\Users\New User\iCloudDrive
2015-03-19 20:39 - 2009-07-13 19:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-19 20:38 - 2013-09-16 18:49 - 05518566 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-19 18:33 - 2014-09-15 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-19 17:50 - 2009-07-13 17:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-17 18:19 - 2013-03-30 01:12 - 00000000 ____D () C:\windows\pss
2015-03-17 04:59 - 2009-07-13 16:34 - 00000505 _____ () C:\windows\win.ini
2015-03-17 01:58 - 2014-09-11 20:46 - 00003584 _____ () C:\Users\New User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-17 01:25 - 2014-03-10 00:21 - 00000000 ____D () C:\Users\New User\AppData\Local\Windows Live
2015-03-15 08:54 - 2013-04-11 23:14 - 00000000 ____D () C:\Users\New User\AppData\Local\Apple
2015-03-12 17:06 - 2012-08-04 01:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-12 17:05 - 2012-08-04 01:59 - 00000000 ____D () C:\ProgramData\Skype
2015-03-12 10:07 - 2013-04-07 15:12 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-12 10:04 - 2011-11-02 20:33 - 00000000 ___HD () C:\Users\Public\TEMP
2015-03-10 18:46 - 2012-09-22 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-09 11:00 - 2012-07-20 21:17 - 00000000 ____D () C:\ProgramData\Conexant
2015-03-09 04:15 - 2014-09-29 09:54 - 00002094 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud Print.lnk
2015-03-09 04:15 - 2013-04-07 15:12 - 00002375 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 04:12 - 2014-09-24 21:21 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-09 04:09 - 2011-11-02 20:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-03 07:15 - 2012-07-10 11:35 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-03 07:14 - 2012-07-10 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-03 03:17 - 2010-11-20 17:27 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-03-02 21:05 - 2014-07-26 20:32 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Zoom
2015-03-02 16:06 - 2014-10-25 23:50 - 00000000 ____D () C:\Users\New User\AppData\Local\Apps\2.0
2015-03-02 15:17 - 2014-06-19 15:14 - 00000126 _____ () C:\Users\New User\AppData\Roaming\WB.CFG
2015-03-02 09:56 - 2013-04-11 23:13 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-28 16:19 - 2014-10-03 15:43 - 00000000 ____D () C:\Users\New User\Documents\George Nakamoto
2015-02-28 16:02 - 2013-09-11 12:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-28 15:48 - 2014-01-27 07:05 - 00000000 ____D () C:\Users\New User\Documents\9 Essays Notes
2015-02-27 19:11 - 2012-07-10 11:24 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-27 19:11 - 2012-07-10 11:24 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-27 19:11 - 2011-11-02 20:12 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-27 18:31 - 2014-08-27 12:15 - 00000000 ____D () C:\Users\New User\AppData\Local\Adobe
2015-02-21 16:17 - 2013-07-06 21:00 - 00000000 ____D () C:\Users\New User\Documents\Other
 
==================== Files in the root of some directories =======
 
2013-01-05 14:36 - 2013-01-05 14:35 - 0003584 _____ () C:\Program Files\1033.MST
2013-01-05 14:36 - 2013-01-05 14:35 - 32268288 _____ () C:\Program Files\MOTOROLA MEDIA LINK.msi
2014-06-19 15:14 - 2015-03-02 15:17 - 0000126 _____ () C:\Users\New User\AppData\Roaming\WB.CFG
2014-09-11 20:46 - 2015-03-17 01:58 - 0003584 _____ () C:\Users\New User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-02 15:17 - 2015-03-02 15:17 - 0274045 _____ () C:\Users\New User\AppData\Local\dsi1.dat
2015-03-02 15:17 - 2015-03-02 15:17 - 0161916 _____ () C:\Users\New User\AppData\Local\dsi2.dat
2015-03-03 05:55 - 2015-03-03 05:55 - 0613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsr5816.tmp
2015-03-02 17:28 - 2015-03-02 17:28 - 0613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsu3D9F.tmp
2013-04-07 14:41 - 2014-09-29 10:46 - 0007604 _____ () C:\Users\New User\AppData\Local\Resmon.ResmonCfg
2013-09-04 10:54 - 2013-09-04 10:54 - 0000000 _____ () C:\ProgramData\222c213d3c333429442337_c
2012-11-30 07:47 - 2012-11-30 07:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-07 08:49 - 2012-08-07 08:49 - 4608000 _____ () C:\ProgramData\ReadOnlyInstaller.msi
 
Some content of TEMP:
====================
C:\Users\New User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1rf6yk.dll
C:\Users\New User\AppData\Local\Temp\optsetup.exe
C:\Users\New User\AppData\Local\Temp\radB33F5.tmp.exe
C:\Users\New User\AppData\Local\Temp\sdf210A.exe
C:\Users\New User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\New User\AppData\Local\Temp\sprz.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-05 00:44
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by New User at 2015-03-21 19:35:40
Running from C:\Users\New User\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.880 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.179.0 - Microsoft Corporation)
BIOS R0121K5 Update Utility For Windows  XP (HKLM-x32\...\{0B880892-A2A4-4465-8CF4-6A4C081ED738}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.39.50 - Conexant)
Connectivity Fixer (HKLM-x32\...\{53ED0F0C-13C7-4154-9CE8-B0E5FEAB2367}) (Version: 1.1.0 - Badosoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.4 - PC Drivers Headquarters, LP)
Dropbox (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 5.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.2 - FastStone Soft)
File1 Package Manager (HKLM-x32\...\{8A50D93C-79EE-425C-9464-3550978F4E56}) (Version: 0.1.2.75 - Helios Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hawaiian Unicode (HKLM\...\{9BB9ACB5-5731-4445-A476-1571FA22A3D2}) (Version: 1.0.3.40 - Hale Kuamoo)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 6.0.12230.783 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{A2E836B3-59A6-486B-82DC-1EA3878BCDEA}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB7A}) (Version: 1.0.16.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Latency Optimizer FREE VERSION (HKLM-x32\...\{2A9767A4-577D-4806-A121-7F0010F6BC60}) (Version: 3.1.20 - Badosoft)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
Mountain Bike (HKLM\...\Mountain Bike) (Version: 2015.03.22.004828 - Mountain Bike) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MusicManager) (Version:  - Google, Inc.)
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PastaLeads (HKLM-x32\...\PastaLeads Client) (Version: 1.0.0.26 - PastaLeads)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.7600 - DTS, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QWRS 3.1.0 (HKLM-x32\...\QWRS_is1) (Version: 3.1.0 - State of Hawaii, Department of Labor and Industrial Relations, Unemployment Insurance)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Reg Pro Cleaner version 2.0 (HKLM-x32\...\{6406DF9F-E9C8-4C2E-AB48-80352BDF5099}_is1) (Version: 2.0 - Regprocleaner)
shopperz 2.0.0.457 (HKLM\...\{5081D2D4-1637-404c-B74F-50526718257D}_is1) (Version: 2.0.0.457 - shopperz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Speedtest4free (HKLM-x32\...\{E5E6D2B9-D991-4B2A-8294-974181531DCB}) (Version: 1.0.0 - Badosoft)
Spotify (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}) (Version: 8.0.43 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zoom (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 16:34 - 2015-03-03 06:44 - 00000853 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09EF5443-B72A-42C6-9E7C-BB6DBD58CB6E} - System32\Tasks\{0094CBC2-0CDB-4A3A-9B11-013577E07B63} => pcalua.exe -a "C:\Users\New User\Desktop\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop"
Task: {0D76CF1F-6088-4F54-8BBA-6B5F15123A08} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {120E8F47-6EA1-42F2-B0FC-E7279BD0A352} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\New User\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {1561AEF0-B84C-4392-A72D-71C923783DDD} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe
Task: {1683D07D-8741-4C81-973D-49B5E1CCDD98} - System32\Tasks\{3458AABF-901C-4040-ABD1-E7DEC89D6FE8} => pcalua.exe -a "C:\Users\New User\Downloads\MML_Installer-v1.5.1915.0.exe" -d "C:\Users\New User\Downloads"
Task: {2BE258F6-9E23-4361-9B14-CA6650E352DC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {3A626E56-2169-4625-BB78-28A6F7A1687A} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe
Task: {443A42DE-D250-4E11-8537-F42EF6835058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.)
Task: {475C3524-9503-4F2E-8C01-9E312EA142A2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {4A08DA9A-F9BD-43B6-9B5F-2518B1871680} - System32\Tasks\{F3266061-33DE-4FD6-93EF-6590BC6A7334} => pcalua.exe -a "C:\Users\New User\Downloads\reflash_package.exe" -d "C:\Users\New User\Downloads"
Task: {52BBC3D8-6417-4D04-BA1D-89EBDACF245E} - System32\Tasks\boosterpop => C:\Program Files (x86)\Tuneup computer\Probsalert.exe
Task: {54F10FFC-98C8-45A4-92A6-26FB8C024436} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {5978764C-9848-4243-BE7F-F426014126A3} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__313435303130393739352d3455416c555a2a5723416c34 => Wscript.exe //B "C:\ProgramData\PastaLeadsAgent\startprocess.js" pastaleadss.exe /invoke /f:check_services /l:0
Task: {6699EB5D-EAB0-496D-9EF4-6E4D7C10A2E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {68BF36F5-36FB-476A-909D-78EB66ACB3BD} - System32\Tasks\{2E32A290-388A-42A3-968E-58CBBA498FAB} => pcalua.exe -a "C:\Users\New User\Downloads\chromeinstall-8u31 (1).exe" -d "C:\Users\New User\Downloads"
Task: {69B4898D-ACC6-4081-8068-CEF48AA1CD26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {6A949BFC-BD5E-46C5-9860-C18E1EC6EDED} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {715C3153-490E-432B-B639-4D642350E43A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {79B8DB62-0EE0-467F-B4C7-FD1A2CBB9E26} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {7AEC204D-4081-46BF-8FC3-6A3B6BABE9E7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08] (Facebook Inc.)
Task: {7F941C9A-E1D7-4C5B-A29D-3BF8D80A2BE3} - System32\Tasks\{660776D4-F64B-4F88-B0D8-F8228795443E} => pcalua.exe -a "C:\Users\New User\Desktop\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop"
Task: {8629C88E-B5DC-4AFD-9EC2-045D149CB96C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {87433B36-CFB1-4A7F-9319-E643D8F27125} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.)
Task: {8A3C300F-F9E5-4BCD-96C3-BAAC7149C888} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {92E3745A-8505-4C6A-BB9D-01A1B7BBFA2D} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe
Task: {93BD32F0-BC63-4450-B766-057FA6B3E05F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {94897E48-6CB2-4B82-8482-208BB309C947} - System32\Tasks\PostPoneInstall => C:\Users\NEWUSE~1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {9523D5B9-ABA8-48E0-B692-132A8CF10D46} - System32\Tasks\{B5900387-2532-4B07-B355-EA4C68AE2418} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: {A586667C-42CD-4380-B72C-0762F7B69461} - System32\Tasks\{1C07B500-30B6-4F1E-8DBB-EE4100379985} => C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {AC3B2EBB-67FD-445F-98C7-A5652B142BD6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {AE1A73FF-2D15-4FAE-A929-596711B3A0AE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B3DFADE0-6D34-4473-99BA-743441195E6D} - System32\Tasks\Run_Bobby_Browser => C:\Users\New User\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {B732D8B6-6014-436E-A756-EE5A858EF304} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe
Task: {BA443592-EC97-4B7A-B0AA-B0697B601C1A} - System32\Tasks\{6666D30D-CE2C-4C24-ABFD-98E74DAC257D} => pcalua.exe -a "C:\Users\New User\Downloads\PD9812000_Ace_Gingerbread_S_hboot_0.85.0024.exe" -d "C:\Users\New User\Downloads"
Task: {BE2B11A8-25A1-4FB2-BA1A-ABFBC9D67CCF} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {C0921BE9-A5D4-41FF-AB7F-80E63CC2CF6D} - System32\Tasks\{B16438F9-6240-4B60-BE4F-67DF6D31E7DD} => pcalua.exe -a "C:\Users\New User\AppData\Roaming\uTorrent\uTorrent.exe" -c /UNINSTALL
Task: {C317D6B8-4F72-4539-B6E9-AFFE96127668} - System32\Tasks\{94363BB8-9C1E-4165-A48D-6DD0C8FD3AEB} => pcalua.exe -a "C:\Users\New User\Desktop\aahk-11092012\tools\windrivers\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop\aahk-11092012\tools\windrivers"
Task: {CD6C0667-1205-46E3-B3B1-DDAD3B9B6545} - System32\Tasks\HDNINSTSCHD => C:\windows\PCBHDNW\hdnInstaller.exe
Task: {D5334025-975D-415C-ACE0-4B5266F24207} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {DA8E2620-5154-4BB3-8A67-513CB3AE5722} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08] (Facebook Inc.)
Task: {E1DEA0D2-524A-4DA1-9508-2063AFDFBEF8} - System32\Tasks\{5C6FFFA1-D803-4F18-AE74-C44A23E7827E} => pcalua.exe -a "C:\Users\New User\Desktop\RUU_TOTEMC2_UL_JB_45_S_Cingular_US_2.21.502.1_Radio_1.18.40.00.07_10.68.40.33I_release_323768_signed.exe" -d "C:\Users\New User\Desktop"
Task: {E41C9E4D-9183-4774-AF63-E68F96CB8586} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E49B6A6E-9C2A-4463-9C69-A2B50919E7E0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-27] (Adobe Systems Incorporated)
Task: {E8174CD9-60C3-4A17-900B-5669842A5BF3} - System32\Tasks\gtaUpt => C:\Program Files\shopperz\zaeed.bat [2015-03-11] ()
Task: {EC3C66FD-2B36-44D3-AEB1-ED6D9CAEE437} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F80CFB63-475F-4D94-8542-594DDAFA6D6D} - System32\Tasks\IEError => C:\Program Files (x86)\Tuneup computer\Popialert.exe
Task: {FC7642EF-F5BC-4BE9-B733-22ECCEEFA7D3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2011-10-24] (TOSHIBA CORPORATION)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 15:03 - 2015-03-02 15:03 - 00103424 _____ () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp
2015-03-02 14:26 - 2014-12-11 10:55 - 00073728 _____ () C:\Program Files (x86)\dataup\dataup.exe
2015-03-02 15:03 - 2015-03-02 15:03 - 00108032 _____ () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs
2015-03-02 15:53 - 2015-02-02 05:42 - 04686848 _____ () C:\windows\rcore.exe
2015-03-02 14:25 - 2015-03-02 14:26 - 00404480 _____ () C:\ProgramData\Online\updater.exe
2015-03-02 14:32 - 2015-02-15 17:02 - 00294264 _____ () C:\Program Files\shopperz\krios64.dll
2011-08-31 10:13 - 2011-08-31 10:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-20 16:53 - 2015-01-20 16:53 - 00725504 _____ () C:\Users\New User\AppData\Local\Temp\20150316\ct.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 02157056 _____ () C:\Program Files (x86)\msrtn32\msrtn32.exe
2015-03-02 16:04 - 2015-03-02 16:05 - 00360448 _____ () C:\ProgramData\a5srv5task\mcsvc.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00282488 _____ () C:\Program Files\shopperz\grunt.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00430456 _____ () C:\Program Files\shopperz\wrex.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00461176 _____ () C:\Program Files\shopperz\wrex64.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00621432 _____ () C:\Program Files\shopperz\tsoni64.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00273784 _____ () C:\Program Files\shopperz\liara64.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00333688 _____ () C:\Program Files\shopperz\kasumi64.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00170360 _____ () C:\Program Files\shopperz\nseven.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 01446264 _____ () C:\Program Files\shopperz\csrcc.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 00075776 _____ () C:\Program Files (x86)\msrtn32\cdhtr.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 00529920 _____ () C:\Program Files (x86)\msrtn32\rthdcpd.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 14:32 - 2015-02-15 17:02 - 00288120 _____ () C:\Program Files\shopperz\krios.dll
2015-03-19 20:40 - 2015-03-19 20:40 - 00098816 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32api.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00110080 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pywintypes27.dll
2015-03-19 20:40 - 2015-03-19 20:40 - 00364544 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pythoncom27.dll
2015-03-19 20:40 - 2015-03-19 20:40 - 00045568 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_socket.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 01161216 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_ssl.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00320512 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32com.shell.shell.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00713216 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_hashlib.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 01175040 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._core_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00805888 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._gdi_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00811008 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._windows_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 01062400 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._controls_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00735232 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._misc_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00682496 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pysqlite2._sqlite.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00128512 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_elementtree.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00127488 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pyexpat.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00087552 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_ctypes.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00119808 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32file.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00108544 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32security.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00007168 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\hashobjs_ext.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00167936 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32gui.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00018432 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32event.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00038912 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32inet.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00011264 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32crypt.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00070656 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._html2.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00027136 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_multiprocessing.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00020480 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_yappi.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00035840 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32process.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00686080 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\unicodedata.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00122368 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._wizard.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00024064 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32pipe.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00010240 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\select.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00025600 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32pdh.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00525640 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\windows._lib_cacheinvalidation.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00017408 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32profile.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00022528 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32ts.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00078336 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._animate.pyd
2015-03-02 14:27 - 2015-03-02 14:27 - 02299904 _____ () C:\Program Files (x86)\msrtn32\QxOrm.dll
2015-03-02 14:28 - 2015-03-02 14:28 - 00243200 _____ () C:\Program Files (x86)\msrtn32\boost_serialization-vc100-mt-1_54.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00879104 _____ () C:\Program Files (x86)\msrtn32\platforms\qwindows.dll
2015-03-02 14:28 - 2015-03-02 14:28 - 00635392 _____ () C:\Program Files (x86)\msrtn32\sqldrivers\qsqlite.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00611192 _____ () C:\Program Files\shopperz\tsoni.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00238968 _____ () C:\Program Files\shopperz\liara.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00309112 _____ () C:\Program Files\shopperz\kasumi32.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00032256 _____ () C:\Program Files (x86)\msrtn32\imageformats\qdds.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qgif.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00027648 _____ () C:\Program Files (x86)\msrtn32\imageformats\qicns.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qico.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00381952 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjp2.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00204800 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjpeg.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00218112 _____ () C:\Program Files (x86)\msrtn32\imageformats\qmng.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00015360 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtga.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00307712 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtiff.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00014848 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwbmp.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00252928 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwebp.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\New User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 24.25.227.55 - 209.18.47.61
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OptimizerProInstaller.lnk => C:\windows\pss\OptimizerProInstaller.lnk.Startup
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE" -b
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: googletalk => C:\Users\New User\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1355722718\ee\AOLSoftware.exe
MSCONFIG\startupreg: HP Officejet 6500 E710n-z (NET) => "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN0CL114C205JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MusicManager => "C:\Users\New User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: SearchProtect => C:\Users\New User\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
MSCONFIG\startupreg: SRS Premium Sound HD => "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: Zoom => 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3917243199-554470053-2731875590-500 - Administrator - Disabled)
Guest (S-1-5-21-3917243199-554470053-2731875590-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3917243199-554470053-2731875590-1013 - Limited - Enabled)
New User (S-1-5-21-3917243199-554470053-2731875590-1000 - Administrator - Enabled) => C:\Users\New User
 
==================== Faulty Device Manager Devices =============
 
Name: itnfd_1_10_0_9
Description: itnfd_1_10_0_9
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: itnfd_1_10_0_9
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/21/2015 07:24:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 11.3.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 173b8
 
Start Time: 01d064564a34dc76
 
Termination Time: 0
 
Application Path: C:\Users\New User\Desktop\FRST64.exe
 
Report Id:
 
Error: (03/21/2015 06:09:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Regprocleaner.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 16988
 
Start Time: 01d06455d8f87073
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Reg Pro Cleaner\Regprocleaner.exe
 
Report Id: 36ed6400-d049-11e4-9675-00038a000015
 
Error: (03/21/2015 00:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
System errors:
=============
Error: (03/21/2015 05:45:26 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 05:39:21 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 05:31:26 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:49:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:49:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:09:54 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:00:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 01:50:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 01:50:24 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 01:45:31 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
 
Microsoft Office Sessions:
=========================
Error: (03/21/2015 07:24:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe11.3.2015.0173b801d064564a34dc760C:\Users\New User\Desktop\FRST64.exe
 
Error: (03/21/2015 06:09:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Regprocleaner.exe1.0.0.01698801d06455d8f870730C:\Program Files (x86)\Reg Pro Cleaner\Regprocleaner.exe36ed6400-d049-11e4-9675-00038a000015
 
Error: (03/21/2015 00:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-21 15:13:45.372
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:13:42.537
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:11:11.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:10:24.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:08:58.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:53.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:53.675
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:34.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:33.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:27.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 4043.86 MB
Available physical RAM: 2364.32 MB
Total Pagefile: 6042.04 MB
Available Pagefile: 3624.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (TI106320W0D) (Fixed) (Total:449.62 GB) (Free:310.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 7FE1B5BF)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=449.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.7 GB) - (Type=17)
 
==================== End Of Log ============================

  • 0

#8
Jeris
Posted 22 March 2015 - 03:30 AM

Jeris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts

Hi Bruce1270,

 

The above-mentioned apps magically appeared again, so i had to uninstall them in a different order here is my updated file:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by New User (administrator) on JERISAMA-PC on 21-03-2015 23:20:02
Running from C:\Users\New User\Desktop
Loaded Profiles: New User (Available profiles: New User)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\dataup\dataup.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
() C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs
() C:\Windows\rcore.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
() C:\ProgramData\Online\updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Badosoft) C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\Spotify.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Dropbox, Inc.) C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Super PC Tools Ltd) C:\ProgramData\{d9a6106a-1c74-cc0f-d9a6-6106a1c741a8}\SuperOptimizerInstaller.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\New User\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [gmsd_us_265] => [X]
HKLM-x32\...\Run: [gmsd_us_275] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Google Update] => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-13] (Google Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [3EEACF25A3A34117C559996B7D8760AD66AA92BB._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [809288 2015-03-14] (Google Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Spotify Web Helper] => C:\Users\New User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-18] (Spotify Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Zoom] => [X]
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2548072 2011-12-18] (Hewlett-Packard Co.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [26232152 2015-02-19] (Google)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Facebook Update] => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-08] (Facebook Inc.)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Connectivity Fixer] => C:\Program Files (x86)\Badosoft\Connectivity Fixer\Connectivity Fixer.exe [2100896 2013-10-07] (Badosoft)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Run: [Spotify] => C:\Users\New User\AppData\Roaming\Spotify\Spotify.exe [6611512 2015-03-18] (Spotify Ltd)
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: {cff3b6be-cbaa-11e4-a191-00038a000015} - E:\AutoRun.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MountPoints2: {fa87911e-63d2-11e1-80d5-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\GPhotos.scr [4558848 2014-01-06] (Google Inc.)
HKU\S-1-5-18\...\Run: [BackgroundContainer] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\New User\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
AppInit_DLLs-x32: c:/progra~3/{df443~1/192~1.1/dimo.dll => "c:\progra~3\{df443~1\192~1.1\dimo.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SuperOptimizerInstaller.lnk
ShortcutTarget: SuperOptimizerInstaller.lnk -> C:\ProgramData\{d9a6106a-1c74-cc0f-d9a6-6106a1c741a8}\SuperOptimizerInstaller.exe (Super PC Tools Ltd)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
BootExecute: dfboottime \??\C:\windows\System32\dfboottime.cfgautocheck autochk * 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.toshiba.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft....oshiba.com&OSP=
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://taplika.com/?...r=388742277&ir=
SearchScopes: HKLM -> DefaultScope {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {589B893E-773C-4941-88C2-0DCC718E621C} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {206B0E61-D998-4957-917E-912C2DF3B633} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> {47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF} URL = http://www.basicserv...s={searchTerms}
SearchScopes: HKU\.DEFAULT -> {D907D19D-6A81-4774-9AFF-C790B0C5C570} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/r...r=388742277&ir=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://taplika.com/r...r=388742277&ir=
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {0A525978-B1E2-4998-AE7B-D143EDA5177E} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {5DA706DD-FEC7-485C-836E-0F757801EEB0} URL = http://www.google.co...1I7TSNP_enUS492
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> {A48F0BD4-00E1-4568-BFBC-3C85687C2088} URL = http://www.bing.com/...rc=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-17] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKLM - No Name - {7223C9FC-65A6-491F-AAA7-62DBF4641C6D} -  No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> No Name - {7223C9FC-65A6-491F-AAA7-62DBF4641C6D} -  No File
Toolbar: HKU\S-1-5-21-3917243199-554470053-2731875590-1000 -> No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 24.25.227.55 209.18.47.61
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-27] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-17] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\New User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @sun.com/npsopluginmi;version=1.0 -> C:\Program Files (x86)\OpenOffice.org 3\program No File
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\New User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @talk.google.com/O1DPlugin -> C:\Users\New User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @tools.google.com/Google Update;version=3 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @tools.google.com/Google Update;version=9 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\New User\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2015-02-12] (Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-3917243199-554470053-2731875590-1000: facebook.com/fbDesktopPlugin -> C:\Users\New User\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\New User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\New User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Social Privacy\FF
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://daycalc.appspot.com/09/22/2012", "hxxp://www.gmail.com/", "hxxp://www.search.ask.com/?tpid=ORJ-SPE&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_35.0.1916.153&apn_uid=72F953BF-113E-46A7-84EE-733BF68F1F49&itbv=12.15.1.20&doi=2014-07-27&psv=&pt=tb", "hxxp://google.com/", "hxxp://www.trovi.com/?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=MA9B1F09D-C72D-4F69-8012-C4E1F6AEF924&SearchSource=55&CUI=&UM=8&UP=SP4ECA6549-E0F1-480A-BD08-30C8C7BC627B&D=031615&SSPV="
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-10]
CHR Extension: (Fotor Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2014-09-20]
CHR Extension: (iCloud) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-09-20]
CHR Extension: (Video Downloader professional) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-20]
CHR Extension: (iCloud Bookmarks) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-09-20]
CHR Extension: (PDF Mergy) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-09-20]
CHR Extension: (Skype Click to Call) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-04-07]
CHR Extension: (Google Wallet) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-27]
CHR Profile: C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Unfriend Notify for Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahigpjeolkfgjdaeodlmaceggigbpeoh [2015-03-21]
CHR Extension: (Dislike button for Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\anjnlnfmhgbmfdemkbknebhfjfahhfki [2015-03-21]
CHR Extension: (Google Drive) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-17]
CHR Extension: (Fotor Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bfbckhhmjfnmedpakkaaflpnmkamdppf [2014-09-20]
CHR Extension: (iCloud) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-09-20]
CHR Extension: (Slinky Elegant) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2015-03-20]
CHR Extension: (Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-03-20]
CHR Extension: (Advanced Font Settings) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2014-09-29]
CHR Extension: (Adblock Plus) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-15]
CHR Extension: (Spotify - Music for every moment) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2015-03-21]
CHR Extension: (Surveillance Cam Professional( Security Cam)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cpcnbefekficgbfoibedacpkahdfijoe [2015-03-15]
CHR Extension: (Gmail™ Notifier) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcjichoefijpinlfnjghokpkojhlhkgl [2015-03-20]
CHR Extension: (Polarr Photo Editor 2.0b) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djonnbgfieijldcieafgjcnhmpcfpmgg [2015-03-21]
CHR Extension: (Facebook Unseen) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dmdhkalcecemojegheiohcghkamlipof [2015-03-21]
CHR Extension: (Name) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejjjniaenghhbffhplhdcipdgidbajdp [2015-03-20]
CHR Extension: (Video Downloader professional) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-09-20]
CHR Extension: (iCloud Bookmarks) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-09-20]
CHR Extension: (PhotoLive - Download Facebook Photos!) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpjnpabklnaaifclgealaepelncljadk [2015-03-21]
CHR Extension: (Facebook for Chrome) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2015-03-21]
CHR Extension: (PDFescape Free PDF Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gdefoklganepljiopdnglodohlgfikkl [2014-10-03]
CHR Extension: (Camera) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfhhnacclhffhdffklopdkcgdhifgngh [2015-03-15]
CHR Extension: (PDF Mergy) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgecghmkcdefnknohcimkoemhaofpoha [2014-09-20]
CHR Extension: (Photon - Facebook Photo Editor) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihhdcjefkafghalpbdjebmfnjbgfgkpo [2015-03-21]
CHR Extension: (PDFescape) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioombffmiompnnfbajkmmghjaleclnjo [2014-10-03]
CHR Extension: (Facebook Platinum) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbmfodbocncpdocjdknjadipkgbbagld [2015-03-21]
CHR Extension: (Google Voice (by Google)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2015-03-15]
CHR Extension: (PictureMate - View hidden pictures) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\khmlalkcjmglpgdkmkmmgjcajahkoigj [2015-03-21]
CHR Extension: (Hangouts) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\knipolnnllmklapflnccelgolnpehhpl [2015-03-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Photo Hack for Facebook) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lfolibbobnddfcjbjnfiikjgdefiejpl [2015-03-21]
CHR Extension: (Facebook Album & Photo Manager) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lgiedegfmekolcplboelnmfoiefpcpfg [2015-03-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-17]
CHR Extension: (Facebook Email Signature - By WiseStamp) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mddbjkchhjpknjmkmkifidnpdnecmbjn [2015-03-20]
CHR Extension: (Enhancements for Gmail) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mgdnblnolcinnndenjnollpiplgkbjcn [2015-03-20]
CHR Extension: (Hangouts) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2015-03-15]
CHR Extension: (Google Wallet) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Video Chat FlirtyMania) - C:\Users\New User\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oiaahapngnjijjgplpikimpaepddnfae [2015-03-15]
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\NEWUSE~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-03-17]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fdmdjfpocfbldkjgocmihobobmpnckaa] - C:\Users\New User\AppData\Local\CRE\fdmdjfpocfbldkjgocmihobobmpnckaa.crx [Not Found]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\New User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [Not Found]
CHR HKU\S-1-5-21-3917243199-554470053-2731875590-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Users\New User\AppData\Local\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [edjionickmdagfblofjmidnkiljiflah] - C:\ProgramData\Coolyou\edjionickmdagfblofjmidnkiljiflah.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [fdmdjfpocfbldkjgocmihobobmpnckaa] - C:\Users\New User\AppData\Local\CRE\fdmdjfpocfbldkjgocmihobobmpnckaa.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\New User\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pbofibgamhkgoonaocfgemncghhadmgb] - C:\Users\New User\AppData\Local\CRE\pbofibgamhkgoonaocfgemncghhadmgb.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Ant App service; C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [504816 2013-02-05] (Helios Technologies Ltd)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-08-06] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 cehufofi; C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp [103424 2015-03-02] () [File not signed]
R2 Dataup; C:\Program Files (x86)\dataup\dataup.exe [73728 2014-12-11] () [File not signed] <==== ATTENTION
S2 HPSLPSVC; C:\Users\New User\AppData\Local\Temp\7zS3B22\hpslpsvc64.dll [1039360 2013-02-05] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
R2 rcores; C:\windows\rcore.exe [4686848 2015-02-02] () [File not signed]
R2 UpWork; C:\ProgramData\Online\updater.exe [404480 2015-03-02] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 windowsmanagementservice; C:\Users\New User\AppData\Local\Temp\20150316\ct.exe [725504 2015-01-20] () [File not signed]
R2 pizegyhy; C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S1 DMICall; C:\Windows\SysWOW64\DRIVERS\DMICall.sys [3888 2000-02-23] (Sony Corporation) [File not signed]
S3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [15360 2010-02-04] (Windows ® Win 7 DDK provider)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1514568 2013-05-02] (Realtek Semiconductor Corporation                           )
R1 {21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64; C:\Windows\System32\drivers\{21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64.sys [48784 2015-03-16] (StdLib)
S3 androidusb; System32\Drivers\androidusb.sys [X]
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S3 HTCAND64; System32\Drivers\ANDROIDUSB.sys [X]
S1 itnfd_1_10_0_9; system32\drivers\itnfd_1_10_0_9.sys [X]
S3 massfilter_hs; \??\C:\windows\system32\drivers\massfilter_hs.sys [X]
S3 zghsdiag; system32\DRIVERS\zghsdiag.sys [X]
S3 zghsmdm; system32\DRIVERS\zghsmdm.sys [X]
S3 zghsnmea; system32\DRIVERS\zghsnmea.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-21 23:09 - 2015-03-21 23:09 - 00002183 _____ () C:\Users\Public\Desktop\Google Earth.lnk
2015-03-21 23:09 - 2015-03-21 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-03-21 19:35 - 2015-03-21 19:39 - 00055586 _____ () C:\Users\New User\Desktop\Addition.txt
2015-03-21 19:31 - 2015-03-21 23:20 - 00042512 _____ () C:\Users\New User\Desktop\FRST.txt
2015-03-21 19:28 - 2015-03-16 20:59 - 01388672 _____ (Thisisu) C:\Users\New User\Desktop\JRT_NEW.exe
2015-03-19 18:23 - 2015-03-19 18:23 - 00000000 ____D () C:\Users\New User\Documents\Microsoft Hardware
2015-03-17 19:32 - 2015-03-21 23:19 - 00000000 ___RD () C:\Users\New User\Google Drive
2015-03-17 10:38 - 2015-03-21 17:46 - 00000570 _____ () C:\windows\system32\Drivers\etc\hosts.ics
2015-03-17 06:16 - 2015-03-17 06:16 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-03-17 06:15 - 2015-03-21 23:16 - 00018110 _____ () C:\windows\PFRO.log
2015-03-17 06:06 - 2015-03-19 20:57 - 00000000 ____D () C:\ProgramData\2f46f07000001bbd
2015-03-16 09:34 - 2015-03-21 23:20 - 00000000 ____D () C:\FRST
2015-03-16 09:32 - 2015-03-16 09:33 - 02095616 _____ (Farbar) C:\Users\New User\Desktop\FRST64.exe
2015-03-16 00:12 - 2015-03-16 02:24 - 00048784 _____ (StdLib) C:\windows\system32\Drivers\{21c2e5a7-1a4a-4181-b493-a02c5d6a043a}Gw64.sys
2015-03-13 17:38 - 2015-03-13 17:38 - 00000000 _____ () C:\windows\SysWOW64\shoAC1A.tmp
2015-03-12 17:06 - 2015-03-12 17:06 - 00000000 ____D () C:\Users\New User\Tracing
2015-03-09 20:28 - 2015-03-21 23:16 - 00007822 _____ () C:\windows\setupact.log
2015-03-09 20:28 - 2015-03-09 20:28 - 00000000 _____ () C:\windows\setuperr.log
2015-03-09 04:11 - 2015-03-09 04:11 - 00000000 ____D () C:\Users\New User\AppData\Local\BreakingNewsAlert
2015-03-03 06:11 - 2015-03-15 20:07 - 00000000 ____D () C:\Users\New User\Documents\Zoom
2015-03-03 05:55 - 2015-03-03 05:55 - 00613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsr5816.tmp
2015-03-02 23:41 - 2015-03-02 23:41 - 00000000 _____ () C:\windows\SysWOW64\shoC90C.tmp
2015-03-02 21:04 - 2015-03-02 21:05 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2015-03-02 18:42 - 2015-03-02 18:42 - 00000000 _____ () C:\windows\SysWOW64\shoBDD5.tmp
2015-03-02 18:12 - 2015-03-08 06:12 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-03-02 17:40 - 2015-03-03 06:25 - 00000000 ____D () C:\Program Files (x86)\Tuneup computer
2015-03-02 17:40 - 2015-03-02 17:40 - 00003696 _____ () C:\windows\System32\Tasks\boosterpop
2015-03-02 17:40 - 2015-03-02 17:40 - 00003694 _____ () C:\windows\System32\Tasks\IEError
2015-03-02 17:40 - 2015-03-02 17:40 - 00003510 _____ () C:\windows\System32\Tasks\AI_Updater
2015-03-02 17:39 - 2015-03-02 17:39 - 00000000 ____D () C:\Users\New User\AppData\Local\PCTuner
2015-03-02 17:28 - 2015-03-02 17:28 - 00613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsu3D9F.tmp
2015-03-02 17:28 - 2015-03-02 17:28 - 00000000 __SHD () C:\Users\New User\AppData\Roaming\AnyProtectEx
2015-03-02 17:17 - 2015-03-02 17:17 - 00000000 ____D () C:\BreakingNewsAlert
2015-03-02 17:13 - 2015-03-02 23:47 - 00008560 _____ () C:\windows\SysWOW64\BasementDusterOff.ini
2015-03-02 17:13 - 2015-03-02 23:47 - 00008560 _____ () C:\windows\system32\BasementDusterOff.ini
2015-03-02 17:13 - 2015-02-24 03:51 - 00318808 _____ (OM Inc.) C:\windows\SysWOW64\BDL.dll
2015-03-02 17:09 - 2015-03-09 04:07 - 00000000 ____D () C:\Users\New User\AppData\Local\SmartWeb
2015-03-02 17:09 - 2015-03-02 17:09 - 00004052 _____ () C:\windows\System32\Tasks\SmartWeb Upgrade Trigger Task
2015-03-02 17:09 - 2015-03-02 17:09 - 00003664 _____ () C:\windows\System32\Tasks\IE_ERR4WDR
2015-03-02 17:09 - 2015-03-02 17:09 - 00003640 _____ () C:\windows\System32\Tasks\HDNINSTSCHD
2015-03-02 17:09 - 2015-03-02 17:09 - 00003506 _____ () C:\windows\System32\Tasks\UPDTEXE4_WDR
2015-03-02 17:08 - 2015-03-03 06:39 - 00000000 ____D () C:\Program Files (x86)\Portable WeatherApp
2015-03-02 16:31 - 2015-03-02 16:31 - 00000000 ____D () C:\Users\New User\AppData\Roaming\9B45D880-1425313884-11E1-93C8-047D7B6646C7
2015-03-02 16:12 - 2015-03-02 16:12 - 00003190 _____ () C:\windows\System32\Tasks\DoctorPC_Start
2015-03-02 16:11 - 2015-03-02 16:11 - 00000000 ____D () C:\Users\New User\AppData\Local\Doctor_PC
2015-03-02 16:10 - 2015-03-02 23:50 - 00000000 ____D () C:\Users\New User\Documents\DoctorPC
2015-03-02 16:06 - 2015-03-20 05:08 - 00000000 ____D () C:\Users\New User\AppData\Local\Deployment
2015-03-02 16:05 - 2015-03-15 14:11 - 00000000 ____D () C:\Users\New User\AppData\Roaming\et
2015-03-02 16:05 - 2015-03-02 16:05 - 00000000 ____D () C:\ProgramData\uc
2015-03-02 16:04 - 2015-03-10 18:45 - 00000000 ____D () C:\ProgramData\a5srv5task
2015-03-02 15:55 - 2015-03-09 04:11 - 00000000 ____D () C:\ProgramData\CFvZAfrKU
2015-03-02 15:53 - 2015-03-02 15:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2015-03-02 15:53 - 2015-02-02 05:42 - 04686848 _____ () C:\windows\rcore.exe
2015-03-02 15:17 - 2015-03-02 15:17 - 00274045 _____ () C:\Users\New User\AppData\Local\dsi1.dat
2015-03-02 15:17 - 2015-03-02 15:17 - 00161916 _____ () C:\Users\New User\AppData\Local\dsi2.dat
2015-03-02 15:02 - 2015-03-02 15:03 - 00000000 ____D () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7
2015-03-02 15:01 - 2015-03-10 18:46 - 00000000 ____D () C:\ProgramData\d3fdac2f0000255e
2015-03-02 14:36 - 2015-03-21 23:17 - 00000980 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-02 14:36 - 2015-03-21 23:17 - 00000976 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-02 14:36 - 2015-03-02 17:12 - 00003978 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-02 14:36 - 2015-03-02 17:12 - 00003724 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-02 14:32 - 2015-03-21 23:11 - 00000000 ____D () C:\Program Files\shopperz
2015-03-02 14:32 - 2015-03-21 18:08 - 00000045 _____ () C:\user.js
2015-03-02 14:32 - 2015-03-02 15:17 - 00002017 _____ () C:\windows\patsearch.bin
2015-03-02 14:32 - 2015-03-02 14:32 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webTinstMK_01009.Wdf
2015-03-02 14:30 - 2015-03-02 14:56 - 00000000 ____D () C:\Users\New User\AppData\Local\gmsd_us_265
2015-03-02 14:30 - 2015-03-02 14:30 - 00003782 _____ () C:\windows\System32\Tasks\PostPoneInstall
2015-03-02 14:30 - 2015-03-02 14:30 - 00003170 _____ () C:\windows\System32\Tasks\Run_Bobby_Browser
2015-03-02 14:29 - 2015-03-09 11:13 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-03-02 14:28 - 2015-03-02 14:28 - 00000000 ____D () C:\Users\New User\AppData\Local\Bluestacks
2015-03-02 14:27 - 2015-03-21 20:02 - 00000000 ____D () C:\Program Files (x86)\msrtn32
2015-03-02 14:26 - 2015-03-21 23:10 - 00000000 ____D () C:\Program Files\Common Files\PastaLeads
2015-03-02 14:26 - 2015-03-21 19:50 - 00000000 ____D () C:\Program Files (x86)\GU Player
2015-03-02 14:26 - 2015-03-02 15:19 - 00000000 ____D () C:\ProgramData\{d9a6106a-1c74-cc0f-d9a6-6106a1c741a8}
2015-03-02 14:26 - 2015-03-02 15:19 - 00000000 ____D () C:\ProgramData\{9c4d2de5-1c79-57c2-9c4d-d2de51c7b794}
2015-03-02 14:26 - 2015-03-02 14:48 - 00000000 ____D () C:\Program Files (x86)\Regprocleaner
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Users\New User\AppData\Local\Bypass
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\u2c
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Program Files (x86)\dataup
2015-03-02 14:26 - 2015-03-02 14:26 - 00000000 ____D () C:\Program Files (x86)\data_up
2015-03-02 14:25 - 2015-03-02 14:26 - 00000000 ____D () C:\ProgramData\Online
2015-03-02 09:58 - 2015-03-02 09:58 - 00001764 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-02 09:58 - 2015-03-02 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-02 09:56 - 2015-03-02 09:58 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-02 09:56 - 2015-03-02 09:58 - 00000000 ____D () C:\Program Files\iTunes
2015-03-02 09:56 - 2015-03-02 09:56 - 00000000 ____D () C:\Program Files\iPod
2015-03-02 09:56 - 2015-03-02 09:56 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-02 09:50 - 2015-03-02 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-02-28 16:12 - 2015-02-28 16:22 - 00000000 ____D () C:\Users\New User\Documents\Dept of Human Services
2015-02-28 15:56 - 2015-02-28 15:58 - 00000000 ____D () C:\Users\New User\Documents\Employment
2015-02-28 15:54 - 2015-02-28 16:22 - 00000000 ____D () C:\Users\New User\Documents\Recovery
2015-02-28 09:53 - 2015-03-21 23:18 - 00000000 ____D () C:\Users\New User\AppData\Local\Spotify
2015-02-28 09:53 - 2015-02-28 09:53 - 00001779 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-02-28 09:52 - 2015-03-21 23:19 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Spotify
2015-02-28 03:17 - 2015-02-28 03:17 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Windows
2015-02-21 16:22 - 2015-02-28 16:21 - 00000000 ____D () C:\Users\New User\Documents\Correspondence
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-03-21 23:23 - 2012-08-07 21:10 - 00000940 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job
2015-03-21 23:18 - 2013-04-09 12:46 - 00000000 ___RD () C:\Users\New User\Dropbox
2015-03-21 23:18 - 2012-11-20 07:46 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Dropbox
2015-03-21 23:17 - 2014-09-20 03:27 - 00000000 ___RD () C:\Users\New User\iCloudDrive
2015-03-21 23:17 - 2012-03-01 09:39 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-21 23:16 - 2009-07-13 19:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-21 23:15 - 2013-09-16 18:49 - 05534166 _____ () C:\Users\Public\CAFADEBUG.log
2015-03-21 23:15 - 2012-03-01 09:10 - 01846706 _____ () C:\windows\WindowsUpdate.log
2015-03-21 23:14 - 2015-02-17 23:09 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job
2015-03-21 23:14 - 2012-08-13 11:27 - 00000868 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job
2015-03-21 23:10 - 2012-07-10 11:24 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-21 23:09 - 2012-03-01 09:39 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-21 22:25 - 2012-03-01 09:39 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-21 20:42 - 2013-06-18 08:28 - 00000000 ____D () C:\Users\New User\AppData\Roaming\vlc
2015-03-21 20:08 - 2009-07-13 18:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-21 20:08 - 2009-07-13 18:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-21 19:53 - 2014-11-26 15:37 - 00166912 ___SH () C:\Users\New User\Downloads\Thumbs.db
2015-03-21 18:05 - 2013-01-11 20:49 - 00000000 ____D () C:\Program Files (x86)\Ant.com
2015-03-21 17:38 - 2013-04-07 15:13 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Skype
2015-03-21 14:23 - 2012-08-07 21:10 - 00000918 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job
2015-03-21 04:35 - 2014-07-27 18:58 - 00000418 _____ () C:\windows\Tasks\Defraggler Volume C Task.job
2015-03-20 05:45 - 2009-07-13 19:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-19 18:33 - 2014-09-15 13:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-19 17:50 - 2009-07-13 17:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-17 18:19 - 2013-03-30 01:12 - 00000000 ____D () C:\windows\pss
2015-03-17 04:59 - 2009-07-13 16:34 - 00000505 _____ () C:\windows\win.ini
2015-03-17 01:58 - 2014-09-11 20:46 - 00003584 _____ () C:\Users\New User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-17 01:25 - 2014-03-10 00:21 - 00000000 ____D () C:\Users\New User\AppData\Local\Windows Live
2015-03-15 08:54 - 2013-04-11 23:14 - 00000000 ____D () C:\Users\New User\AppData\Local\Apple
2015-03-12 17:06 - 2012-08-04 01:59 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-12 17:05 - 2012-08-04 01:59 - 00000000 ____D () C:\ProgramData\Skype
2015-03-12 10:07 - 2013-04-07 15:12 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-12 10:04 - 2011-11-02 20:33 - 00000000 ___HD () C:\Users\Public\TEMP
2015-03-10 18:46 - 2012-09-22 16:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-09 11:00 - 2012-07-20 21:17 - 00000000 ____D () C:\ProgramData\Conexant
2015-03-09 04:15 - 2014-09-29 09:54 - 00002094 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Cloud Print.lnk
2015-03-09 04:15 - 2013-04-07 15:12 - 00002375 _____ () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-09 04:12 - 2014-09-24 21:21 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-03-09 04:09 - 2011-11-02 20:12 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-03 07:15 - 2012-07-10 11:35 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-03-03 07:14 - 2012-07-10 11:35 - 00000000 ____D () C:\Program Files\CCleaner
2015-03-03 03:17 - 2010-11-20 17:27 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-03-02 21:05 - 2014-07-26 20:32 - 00000000 ____D () C:\Users\New User\AppData\Roaming\Zoom
2015-03-02 16:06 - 2014-10-25 23:50 - 00000000 ____D () C:\Users\New User\AppData\Local\Apps\2.0
2015-03-02 15:17 - 2014-06-19 15:14 - 00000126 _____ () C:\Users\New User\AppData\Roaming\WB.CFG
2015-03-02 09:56 - 2013-04-11 23:13 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-02-28 16:19 - 2014-10-03 15:43 - 00000000 ____D () C:\Users\New User\Documents\George Nakamoto
2015-02-28 16:02 - 2013-09-11 12:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-02-28 15:48 - 2014-01-27 07:05 - 00000000 ____D () C:\Users\New User\Documents\9 Essays Notes
2015-02-27 19:11 - 2012-07-10 11:24 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-02-27 19:11 - 2012-07-10 11:24 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-02-27 19:11 - 2011-11-02 20:12 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-27 18:31 - 2014-08-27 12:15 - 00000000 ____D () C:\Users\New User\AppData\Local\Adobe
2015-02-21 16:17 - 2013-07-06 21:00 - 00000000 ____D () C:\Users\New User\Documents\Other
 
==================== Files in the root of some directories =======
 
2013-01-05 14:36 - 2013-01-05 14:35 - 0003584 _____ () C:\Program Files\1033.MST
2013-01-05 14:36 - 2013-01-05 14:35 - 32268288 _____ () C:\Program Files\MOTOROLA MEDIA LINK.msi
2014-06-19 15:14 - 2015-03-02 15:17 - 0000126 _____ () C:\Users\New User\AppData\Roaming\WB.CFG
2014-09-11 20:46 - 2015-03-17 01:58 - 0003584 _____ () C:\Users\New User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-02 15:17 - 2015-03-02 15:17 - 0274045 _____ () C:\Users\New User\AppData\Local\dsi1.dat
2015-03-02 15:17 - 2015-03-02 15:17 - 0161916 _____ () C:\Users\New User\AppData\Local\dsi2.dat
2015-03-03 05:55 - 2015-03-03 05:55 - 0613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsr5816.tmp
2015-03-02 17:28 - 2015-03-02 17:28 - 0613067 _____ (CMI Limited) C:\Users\New User\AppData\Local\nsu3D9F.tmp
2013-04-07 14:41 - 2014-09-29 10:46 - 0007604 _____ () C:\Users\New User\AppData\Local\Resmon.ResmonCfg
2013-09-04 10:54 - 2013-09-04 10:54 - 0000000 _____ () C:\ProgramData\222c213d3c333429442337_c
2012-11-30 07:47 - 2012-11-30 07:47 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-08-07 08:49 - 2012-08-07 08:49 - 4608000 _____ () C:\ProgramData\ReadOnlyInstaller.msi
 
Some content of TEMP:
====================
C:\Users\New User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcenxea.dll
C:\Users\New User\AppData\Local\Temp\optsetup.exe
C:\Users\New User\AppData\Local\Temp\radB33F5.tmp.exe
C:\Users\New User\AppData\Local\Temp\sdf210A.exe
C:\Users\New User\AppData\Local\Temp\SkypeSetup.exe
C:\Users\New User\AppData\Local\Temp\sprz.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-03-05 00:44
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by New User at 2015-03-21 19:35:40
Running from C:\Users\New User\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.880 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.179.0 - Microsoft Corporation)
BIOS R0121K5 Update Utility For Windows  XP (HKLM-x32\...\{0B880892-A2A4-4465-8CF4-6A4C081ED738}) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.39.50 - Conexant)
Connectivity Fixer (HKLM-x32\...\{53ED0F0C-13C7-4154-9CE8-B0E5FEAB2367}) (Version: 1.1.0 - Badosoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.4 - PC Drivers Headquarters, LP)
Dropbox (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Image Viewer 5.2 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.2 - FastStone Soft)
File1 Package Manager (HKLM-x32\...\{8A50D93C-79EE-425C-9464-3550978F4E56}) (Version: 0.1.2.75 - Helios Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk (remove only) (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hawaiian Unicode (HKLM\...\{9BB9ACB5-5731-4445-A476-1571FA22A3D2}) (Version: 1.0.3.40 - Hale Kuamoo)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 6.0.12230.783 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 4620 series Basic Device Software (HKLM\...\{A2E836B3-59A6-486B-82DC-1EA3878BCDEA}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB7A}) (Version: 1.0.16.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
InstallIQ Updater (HKLM-x32\...\{8E1CB0F1-67BF-4052-AA23-FA22E94804C1}) (Version: 1.4.3.0 - W3i, LLC)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iPhone Configuration Utility (HKLM-x32\...\{B90FCEB7-2B0C-4D27-95B5-54238DF059ED}) (Version: 3.6.2.300 - Apple Inc.)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Latency Optimizer FREE VERSION (HKLM-x32\...\{2A9767A4-577D-4806-A121-7F0010F6BC60}) (Version: 3.1.20 - Badosoft)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
Mountain Bike (HKLM\...\Mountain Bike) (Version: 2015.03.22.004828 - Mountain Bike) <==== ATTENTION
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\MusicManager) (Version:  - Google, Inc.)
Netwaiting (HKLM-x32\...\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}) (Version: 1.0.1 - Conexant Systems, Inc)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PastaLeads (HKLM-x32\...\PastaLeads Client) (Version: 1.0.0.26 - PastaLeads)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.7600 - DTS, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QWRS 3.1.0 (HKLM-x32\...\QWRS_is1) (Version: 3.1.0 - State of Hawaii, Department of Labor and Industrial Relations, Unemployment Insurance)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.15 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
Reg Pro Cleaner version 2.0 (HKLM-x32\...\{6406DF9F-E9C8-4C2E-AB48-80352BDF5099}_is1) (Version: 2.0 - Regprocleaner)
shopperz 2.0.0.457 (HKLM\...\{5081D2D4-1637-404c-B74F-50526718257D}_is1) (Version: 2.0.0.457 - shopperz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Speedtest4free (HKLM-x32\...\{E5E6D2B9-D991-4B2A-8294-974181531DCB}) (Version: 1.0.0 - Badosoft)
Spotify (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}) (Version: 8.0.43 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{6FF9A012-0254-41E9-81E2-F538C4B53611}) (Version: 1.3.3.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}) (Version: 1.3.5.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.12 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}) (Version: 4.08.09.00 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.38 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zoom (HKU\S-1-5-21-3917243199-554470053-2731875590-1000\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\New User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3917243199-554470053-2731875590-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\New User\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 16:34 - 2015-03-03 06:44 - 00000853 ____A C:\windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09EF5443-B72A-42C6-9E7C-BB6DBD58CB6E} - System32\Tasks\{0094CBC2-0CDB-4A3A-9B11-013577E07B63} => pcalua.exe -a "C:\Users\New User\Desktop\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop"
Task: {0D76CF1F-6088-4F54-8BBA-6B5F15123A08} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {120E8F47-6EA1-42F2-B0FC-E7279BD0A352} - System32\Tasks\SmartWeb Upgrade Trigger Task => C:\Users\New User\AppData\Local\SmartWeb\SmartWebHelper.exe <==== ATTENTION
Task: {1561AEF0-B84C-4392-A72D-71C923783DDD} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe
Task: {1683D07D-8741-4C81-973D-49B5E1CCDD98} - System32\Tasks\{3458AABF-901C-4040-ABD1-E7DEC89D6FE8} => pcalua.exe -a "C:\Users\New User\Downloads\MML_Installer-v1.5.1915.0.exe" -d "C:\Users\New User\Downloads"
Task: {2BE258F6-9E23-4361-9B14-CA6650E352DC} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {3A626E56-2169-4625-BB78-28A6F7A1687A} - System32\Tasks\DoctorPC_Start => C:\Program Files (x86)\Doctor PC\DoctorPC.exe
Task: {443A42DE-D250-4E11-8537-F42EF6835058} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.)
Task: {475C3524-9503-4F2E-8C01-9E312EA142A2} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {4A08DA9A-F9BD-43B6-9B5F-2518B1871680} - System32\Tasks\{F3266061-33DE-4FD6-93EF-6590BC6A7334} => pcalua.exe -a "C:\Users\New User\Downloads\reflash_package.exe" -d "C:\Users\New User\Downloads"
Task: {52BBC3D8-6417-4D04-BA1D-89EBDACF245E} - System32\Tasks\boosterpop => C:\Program Files (x86)\Tuneup computer\Probsalert.exe
Task: {54F10FFC-98C8-45A4-92A6-26FB8C024436} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {5978764C-9848-4243-BE7F-F426014126A3} - System32\Tasks\GoogleUpdateTaskUserM_1_7_22_478699874-4155726479-3780505679-3006UA__313435303130393739352d3455416c555a2a5723416c34 => Wscript.exe //B "C:\ProgramData\PastaLeadsAgent\startprocess.js" pastaleadss.exe /invoke /f:check_services /l:0
Task: {6699EB5D-EAB0-496D-9EF4-6E4D7C10A2E5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {68BF36F5-36FB-476A-909D-78EB66ACB3BD} - System32\Tasks\{2E32A290-388A-42A3-968E-58CBBA498FAB} => pcalua.exe -a "C:\Users\New User\Downloads\chromeinstall-8u31 (1).exe" -d "C:\Users\New User\Downloads"
Task: {69B4898D-ACC6-4081-8068-CEF48AA1CD26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-13] (Google Inc.)
Task: {6A949BFC-BD5E-46C5-9860-C18E1EC6EDED} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {715C3153-490E-432B-B639-4D642350E43A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {79B8DB62-0EE0-467F-B4C7-FD1A2CBB9E26} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {7AEC204D-4081-46BF-8FC3-6A3B6BABE9E7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08] (Facebook Inc.)
Task: {7F941C9A-E1D7-4C5B-A29D-3BF8D80A2BE3} - System32\Tasks\{660776D4-F64B-4F88-B0D8-F8228795443E} => pcalua.exe -a "C:\Users\New User\Desktop\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop"
Task: {8629C88E-B5DC-4AFD-9EC2-045D149CB96C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {87433B36-CFB1-4A7F-9319-E643D8F27125} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-17] (Google Inc.)
Task: {8A3C300F-F9E5-4BCD-96C3-BAAC7149C888} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {92E3745A-8505-4C6A-BB9D-01A1B7BBFA2D} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe
Task: {93BD32F0-BC63-4450-B766-057FA6B3E05F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {94897E48-6CB2-4B82-8482-208BB309C947} - System32\Tasks\PostPoneInstall => C:\Users\NEWUSE~1\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ATTENTION
Task: {9523D5B9-ABA8-48E0-B692-132A8CF10D46} - System32\Tasks\{B5900387-2532-4B07-B355-EA4C68AE2418} => Chrome.exe http://ui.skype.com/...e=tsProgressBar
Task: {A586667C-42CD-4380-B72C-0762F7B69461} - System32\Tasks\{1C07B500-30B6-4F1E-8DBB-EE4100379985} => C:\Program Files\HP\HP Officejet 4620 series\Bin\HP Officejet 4620 series.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {AC3B2EBB-67FD-445F-98C7-A5652B142BD6} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {AE1A73FF-2D15-4FAE-A929-596711B3A0AE} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {B3DFADE0-6D34-4473-99BA-743441195E6D} - System32\Tasks\Run_Bobby_Browser => C:\Users\New User\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {B732D8B6-6014-436E-A756-EE5A858EF304} - System32\Tasks\AI_Updater => C:\Program Files (x86)\Tuneup computer\updater.exe
Task: {BA443592-EC97-4B7A-B0AA-B0697B601C1A} - System32\Tasks\{6666D30D-CE2C-4C24-ABFD-98E74DAC257D} => pcalua.exe -a "C:\Users\New User\Downloads\PD9812000_Ace_Gingerbread_S_hboot_0.85.0024.exe" -d "C:\Users\New User\Downloads"
Task: {BE2B11A8-25A1-4FB2-BA1A-ABFBC9D67CCF} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {C0921BE9-A5D4-41FF-AB7F-80E63CC2CF6D} - System32\Tasks\{B16438F9-6240-4B60-BE4F-67DF6D31E7DD} => pcalua.exe -a "C:\Users\New User\AppData\Roaming\uTorrent\uTorrent.exe" -c /UNINSTALL
Task: {C317D6B8-4F72-4539-B6E9-AFFE96127668} - System32\Tasks\{94363BB8-9C1E-4165-A48D-6DD0C8FD3AEB} => pcalua.exe -a "C:\Users\New User\Desktop\aahk-11092012\tools\windrivers\HTCDriver3.0.0.007.exe" -d "C:\Users\New User\Desktop\aahk-11092012\tools\windrivers"
Task: {CD6C0667-1205-46E3-B3B1-DDAD3B9B6545} - System32\Tasks\HDNINSTSCHD => C:\windows\PCBHDNW\hdnInstaller.exe
Task: {D5334025-975D-415C-ACE0-4B5266F24207} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe
Task: {DA8E2620-5154-4BB3-8A67-513CB3AE5722} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-08] (Facebook Inc.)
Task: {E1DEA0D2-524A-4DA1-9508-2063AFDFBEF8} - System32\Tasks\{5C6FFFA1-D803-4F18-AE74-C44A23E7827E} => pcalua.exe -a "C:\Users\New User\Desktop\RUU_TOTEMC2_UL_JB_45_S_Cingular_US_2.21.502.1_Radio_1.18.40.00.07_10.68.40.33I_release_323768_signed.exe" -d "C:\Users\New User\Desktop"
Task: {E41C9E4D-9183-4774-AF63-E68F96CB8586} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E49B6A6E-9C2A-4463-9C69-A2B50919E7E0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-27] (Adobe Systems Incorporated)
Task: {E8174CD9-60C3-4A17-900B-5669842A5BF3} - System32\Tasks\gtaUpt => C:\Program Files\shopperz\zaeed.bat [2015-03-11] ()
Task: {EC3C66FD-2B36-44D3-AEB1-ED6D9CAEE437} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {F80CFB63-475F-4D94-8542-594DDAFA6D6D} - System32\Tasks\IEError => C:\Program Files (x86)\Tuneup computer\Popialert.exe
Task: {FC7642EF-F5BC-4BE9-B733-22ECCEEFA7D3} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2011-10-24] (TOSHIBA CORPORATION)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job => C:\Users\New User\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000Core.job => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3917243199-554470053-2731875590-1000UA.job => C:\Users\New User\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 15:03 - 2015-03-02 15:03 - 00103424 _____ () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\jnsuBBA5.tmp
2015-03-02 14:26 - 2014-12-11 10:55 - 00073728 _____ () C:\Program Files (x86)\dataup\dataup.exe
2015-03-02 15:03 - 2015-03-02 15:03 - 00108032 _____ () C:\Users\New User\AppData\Roaming\9B45D880-1425308552-11E1-93C8-047D7B6646C7\nsz4C88.tmpfs
2015-03-02 15:53 - 2015-02-02 05:42 - 04686848 _____ () C:\windows\rcore.exe
2015-03-02 14:25 - 2015-03-02 14:26 - 00404480 _____ () C:\ProgramData\Online\updater.exe
2015-03-02 14:32 - 2015-02-15 17:02 - 00294264 _____ () C:\Program Files\shopperz\krios64.dll
2011-08-31 10:13 - 2011-08-31 10:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-01-20 16:53 - 2015-01-20 16:53 - 00725504 _____ () C:\Users\New User\AppData\Local\Temp\20150316\ct.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 02157056 _____ () C:\Program Files (x86)\msrtn32\msrtn32.exe
2015-03-02 16:04 - 2015-03-02 16:05 - 00360448 _____ () C:\ProgramData\a5srv5task\mcsvc.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00282488 _____ () C:\Program Files\shopperz\grunt.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00430456 _____ () C:\Program Files\shopperz\wrex.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00461176 _____ () C:\Program Files\shopperz\wrex64.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 00621432 _____ () C:\Program Files\shopperz\tsoni64.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00273784 _____ () C:\Program Files\shopperz\liara64.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00333688 _____ () C:\Program Files\shopperz\kasumi64.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00170360 _____ () C:\Program Files\shopperz\nseven.exe
2015-03-21 18:08 - 2015-03-11 11:28 - 01446264 _____ () C:\Program Files\shopperz\csrcc.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 00075776 _____ () C:\Program Files (x86)\msrtn32\cdhtr.exe
2015-03-02 14:28 - 2015-03-02 14:28 - 00529920 _____ () C:\Program Files (x86)\msrtn32\rthdcpd.exe
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-02 14:32 - 2015-02-15 17:02 - 00288120 _____ () C:\Program Files\shopperz\krios.dll
2015-03-19 20:40 - 2015-03-19 20:40 - 00098816 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32api.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00110080 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pywintypes27.dll
2015-03-19 20:40 - 2015-03-19 20:40 - 00364544 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pythoncom27.dll
2015-03-19 20:40 - 2015-03-19 20:40 - 00045568 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_socket.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 01161216 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_ssl.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00320512 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32com.shell.shell.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00713216 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_hashlib.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 01175040 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._core_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00805888 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._gdi_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00811008 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._windows_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 01062400 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._controls_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00735232 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._misc_.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00682496 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pysqlite2._sqlite.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00128512 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_elementtree.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00127488 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\pyexpat.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00087552 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_ctypes.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00119808 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32file.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00108544 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32security.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00007168 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\hashobjs_ext.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00167936 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32gui.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00018432 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32event.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00038912 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32inet.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00011264 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32crypt.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00070656 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._html2.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00027136 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_multiprocessing.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00020480 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\_yappi.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00035840 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32process.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00686080 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\unicodedata.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00122368 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._wizard.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00024064 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32pipe.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00010240 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\select.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00025600 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32pdh.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00525640 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\windows._lib_cacheinvalidation.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00017408 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32profile.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00022528 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\win32ts.pyd
2015-03-19 20:40 - 2015-03-19 20:40 - 00078336 _____ () C:\Users\New User\AppData\Local\Temp\_MEI46042\wx._animate.pyd
2015-03-02 14:27 - 2015-03-02 14:27 - 02299904 _____ () C:\Program Files (x86)\msrtn32\QxOrm.dll
2015-03-02 14:28 - 2015-03-02 14:28 - 00243200 _____ () C:\Program Files (x86)\msrtn32\boost_serialization-vc100-mt-1_54.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00879104 _____ () C:\Program Files (x86)\msrtn32\platforms\qwindows.dll
2015-03-02 14:28 - 2015-03-02 14:28 - 00635392 _____ () C:\Program Files (x86)\msrtn32\sqldrivers\qsqlite.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00611192 _____ () C:\Program Files\shopperz\tsoni.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00238968 _____ () C:\Program Files\shopperz\liara.dll
2015-03-21 18:08 - 2015-03-11 11:28 - 00309112 _____ () C:\Program Files\shopperz\kasumi32.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00032256 _____ () C:\Program Files (x86)\msrtn32\imageformats\qdds.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qgif.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00027648 _____ () C:\Program Files (x86)\msrtn32\imageformats\qicns.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00021504 _____ () C:\Program Files (x86)\msrtn32\imageformats\qico.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00381952 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjp2.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00204800 _____ () C:\Program Files (x86)\msrtn32\imageformats\qjpeg.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00218112 _____ () C:\Program Files (x86)\msrtn32\imageformats\qmng.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00015360 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtga.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00307712 _____ () C:\Program Files (x86)\msrtn32\imageformats\qtiff.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00014848 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwbmp.dll
2015-03-02 14:27 - 2015-03-02 14:27 - 00252928 _____ () C:\Program Files (x86)\msrtn32\imageformats\qwebp.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3917243199-554470053-2731875590-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\New User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 24.25.227.55 - 209.18.47.61
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^New User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OptimizerProInstaller.lnk => C:\windows\pss\OptimizerProInstaller.lnk.Startup
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files (x86)\AOL Desktop 9.7a\AOL.EXE" -b
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: googletalk => C:\Users\New User\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: HostManager => C:\Program Files (x86)\Common Files\AOL\1355722718\ee\AOLSoftware.exe
MSCONFIG\startupreg: HP Officejet 6500 E710n-z (NET) => "C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe" -deviceID "CN0CL114C205JW:NW" -scfn "HP Officejet 6500 E710n-z (NET)" -AutoStart 1
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe  startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MusicManager => "C:\Users\New User\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
MSCONFIG\startupreg: SearchProtect => C:\Users\New User\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SACpl.exe /t
MSCONFIG\startupreg: SRS Premium Sound HD => "C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe"  /f="C:\Program Files\SRS Labs\SRS Control Panel\SRS_Premium_Sound_HD.zip" /h
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ToshibaAppPlace => "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: Zoom => 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3917243199-554470053-2731875590-500 - Administrator - Disabled)
Guest (S-1-5-21-3917243199-554470053-2731875590-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3917243199-554470053-2731875590-1013 - Limited - Enabled)
New User (S-1-5-21-3917243199-554470053-2731875590-1000 - Administrator - Enabled) => C:\Users\New User
 
==================== Faulty Device Manager Devices =============
 
Name: itnfd_1_10_0_9
Description: itnfd_1_10_0_9
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: itnfd_1_10_0_9
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: cherimoya
Description: cherimoya
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: cherimoya
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/21/2015 07:24:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 11.3.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 173b8
 
Start Time: 01d064564a34dc76
 
Termination Time: 0
 
Application Path: C:\Users\New User\Desktop\FRST64.exe
 
Report Id:
 
Error: (03/21/2015 06:09:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Regprocleaner.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 16988
 
Start Time: 01d06455d8f87073
 
Termination Time: 0
 
Application Path: C:\Program Files (x86)\Reg Pro Cleaner\Regprocleaner.exe
 
Report Id: 36ed6400-d049-11e4-9675-00038a000015
 
Error: (03/21/2015 00:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
System errors:
=============
Error: (03/21/2015 05:45:26 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 05:39:21 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 05:31:26 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:49:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:49:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:09:54 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 02:00:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 01:50:25 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 01:50:24 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (03/21/2015 01:45:31 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
 
Microsoft Office Sessions:
=========================
Error: (03/21/2015 07:24:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FRST64.exe11.3.2015.0173b801d064564a34dc760C:\Users\New User\Desktop\FRST64.exe
 
Error: (03/21/2015 06:09:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Regprocleaner.exe1.0.0.01698801d06455d8f870730C:\Program Files (x86)\Reg Pro Cleaner\Regprocleaner.exe36ed6400-d049-11e4-9675-00038a000015
 
Error: (03/21/2015 00:40:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 21
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18
 
Error: (03/21/2015 00:40:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-03-21 15:13:45.372
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:13:42.537
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:11:11.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:10:24.099
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:08:58.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:53.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:53.675
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:34.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:33.020
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-03-21 15:07:27.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP79.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 4043.86 MB
Available physical RAM: 2364.32 MB
Total Pagefile: 6042.04 MB
Available Pagefile: 3624.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (TI106320W0D) (Fixed) (Total:449.62 GB) (Free:310.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 7FE1B5BF)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=449.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.7 GB) - (Type=17)
 
==================== End Of Log ============================

  • 0

#9
Bruce1270
Posted 22 March 2015 - 05:24 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts

Hi Jeris

 

Thanks for the logs. I am analysing them and hope to have a fix with you shortly. :)


  • 0

#10
Jeris
Posted 23 March 2015 - 05:26 AM

Jeris

    Member

  • Topic Starter
  • Member
  • PipPip
  • 92 posts

thank you!


  • 0

Advertisements

#11
Bruce1270
Posted 24 March 2015 - 01:51 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts

Hi Jeris

Sorry for the delay. I'm still in training so all my fixes must first be approved by my instructor.

Here are my next steps for you. The programs you are uninstalling are continuing to reappear so after the fix please uninstall them again.

Step1 - FRST fix


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Download the attached fixlist.txt to your desktop. Attached File  fixlist.txt   14.62KB   305 downloads

  • Ensure fixlist.txt is in the same location as FRST.exe on your desktop.
    FRSTfix.JPG
  • Run FRST by right clicking on it and selecting Run as Administrator and press Fix
  • On completion a log (fixlog.txt) will be generated.
  • Please select all text in this fix, copy (CTRL + C) and then Paste (CTRL + V) in your next reply.



    Step2 - Remove Programs

    Please uninstall the following unwanted programs:

    File1 Package Manager
    Installiq Updater
    McAfee Security Scan Plus
    Mountain Bike
    PastaLeads
    Reg Pro Cleaner version 2.0
    Shopperz 2.0.0.457


    Note: If any of the programs are not listed, proceed to the next one and work through the list.

    To do this:
    Please go to Start Menu -> Control Panel -> Uninstall a program or Programs and Features
    In the list of installed programs locate and click on the program to uninstall e.g. .
    Click uninstall.
    Repeat the above steps for all the other programs to remove.

    Important: Please reboot your machine after completing all the uninstalls


    Step3 - New FRST scan
  • Please run Farbars Recovery Scan Tool again. Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.


    Things for your next post:
  • Fixlog.txt
  • FRST.txt
  • Addition.txt

  • 0

#12
Bruce1270
Posted 28 March 2015 - 06:35 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts

Hi Jeris

 

Are you still needing help? I haven't heard from you and it's almost coming up for 4 days which means the topic will have to be closed.

 

Thanks.


  • 0

#13
godawgs
Posted 31 March 2015 - 12:21 PM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#14
godawgs
Posted 04 April 2015 - 06:21 AM

godawgs

    Teacher

  • Retired Staff
  • 8,228 posts

User returned.


  • 0

#15
Bruce1270
Posted 04 April 2015 - 12:22 PM

Bruce1270

    Trusted Helper

  • Malware Removal
  • 1,714 posts
Hi Jeris

Welcome back!

So we can see where we are please run and post fresh FRST logs.
  • Please run Farbars Recovery Scan Tool again. Run FRST by right clicking on it and selecting Run as Administrator. Allow it to update if it wants to.
  • Please tick the Addition.txt box under Optional Scan.
  • Press Scan button.
  • It will make logs FRST.txt & Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

    Thanks

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP