Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Laptop Infected [Solved]


  • This topic is locked This topic is locked

#1
welcome123

welcome123

    Member

  • Member
  • PipPip
  • 49 posts

Hi,

i could really do with some help, I can't seem to get rid of luckysearch.com browser startup on Chrome and IE from my laptop, i  have tried several times to remove it but all to no avail,
Here are my log files from FRST.txt.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-04-2015 01
Ran by debbie (administrator) on JOHNNYS on 18-04-2015 21:26:20
Running from C:\Users\debbie\Desktop
Loaded Profiles: debbie (Available profiles: debbie)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
() C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe
(Dropbox, Inc.) C:\Users\debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Python Software Foundation) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files\Plex\Plex Media Server\PlexDlnaServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(BitTorrent, Inc.) C:\Program Files\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Adobe Systems, Incorporated) C:\Program Files\Photoshop\Photoshop.exe
(Python Software Foundation) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
(Python Software Foundation) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [] => [X]
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [JumiController] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [Plex Media Server] => C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
BootExecute: autocheck autochk * bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
URLSearchHook: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {0F4F6717-D050-4F7D-BEE6-533F0C575E5D} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {289F83F7-98DC-4899-9B38-F9F89267C2D3} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {973708C3-FF05-45B5-BDB5-0E1312BD7EE0} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {BA07D4CE-2931-4A4E-9F2C-00DAD247ED8A} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {E2AB7DF3-7F1C-48BF-B6FD-18CB65A30C39} URL = 
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Advertising Cookie Opt-out -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-10] (Google Inc)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28] (Yahoo! Inc)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28] (Yahoo! Inc.)
Toolbar: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files\ThinkSky\iTools 3\Extensions\npiTools.dll [2015-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2012-08-16] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2011-03-23] (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1547069931-2522453681-1799250520-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\debbie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1547069931-2522453681-1799250520-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\debbie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-08-10] (Apple Inc.)
FF SearchPlugin: C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\searchplugins\askcom.xml [2010-09-28]
FF Extension: Complitly - Speed up your search with your personal search suggestions tool - C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\Extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [2012-01-21]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files\Fiddler2\FiddlerHook [2013-03-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-09-30]
FF HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Firefox\Extensions: [{b2375139-b908-4471-a891-0e2f76a4d88b}] - C:\Program Files\Show-Password\150.xpi
FF HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\ProgramData\CodecCheck\firefox [2011-07-23]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: Default -> 
CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms}
CHR Profile: C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]
CHR Extension: (ChromePoster) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnbbenoccfckadanalngjafokjnnilm [2013-09-20]
CHR Extension: (ShinySearch) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfpaddcchjgaemolcibmlbgijkhdocl [2014-03-19]
CHR Extension: (Google Docs) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]
CHR Extension: (Google Drive) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (Web Developer) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-09]
CHR Extension: (YouTube) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-20]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-08-15]
CHR Extension: (Google Search) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (Google Sheets) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]
CHR Extension: (Readium) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-11-08]
CHR Extension: (AdBlock) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Gmail) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-20]
CHR HKLM\...\Chrome\Extension: [nipcdlfhdehdhmajficeeocjdbdhacdn] - C:\Users\debbie\AppData\Local\CRE\nipcdlfhdehdhmajficeeocjdbdhacdn.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nipcdlfhdehdhmajficeeocjdbdhacdn] - C:\Users\debbie\AppData\Local\CRE\nipcdlfhdehdhmajficeeocjdbdhacdn.crx [Not Found]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-18] ()
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] () [File not signed]
S4 ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [186760 2012-08-16] ()
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-07-17] (Enigma Software Group USA, LLC.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [53248 2007-05-31] (Tablet Driver) [File not signed]
S4 Blackberry Device Manager; "C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X]
S4 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2013-06-29] (Atheros Communications, Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
S3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-07-30] (Broadcom Corporation.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [35992 2015-04-10] ()
R3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [13112 2010-06-03] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-04-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1277504 2012-12-27] (Ralink Technology Corp.)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [9472 2009-07-24] (Primax Ltd)
S3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2013-01-14] (VSO Software) [File not signed]
R3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [18944 2007-06-07] (PenTablet Driver)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [10752 2007-04-23] (PenTablet Driver)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [515288 2014-12-31] (Realtek Semiconductor Corporation)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [805888 2011-01-26] (Windows ® Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2013-01-06] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2011-04-15] () [File not signed]
S3 TClass2k; C:\Windows\System32\DRIVERS\TClass2k.sys [18432 2007-04-23] (Tablet Driver)
S3 UCTblHid; C:\Windows\System32\DRIVERS\UCTblHid.sys [12800 2007-05-31] (Tablet Driver)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-07-21] (ZTE Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-18 21:26 - 2015-04-18 21:27 - 00027145 _____ () C:\Users\debbie\Desktop\FRST.txt
2015-04-18 21:22 - 2015-04-18 21:26 - 00000000 ____D () C:\FRST
2015-04-18 21:18 - 2015-04-18 21:18 - 01137664 _____ (Farbar) C:\Users\debbie\Desktop\FRST.exe
2015-04-18 20:10 - 2015-04-18 20:10 - 00064020 _____ () C:\Users\debbie\Downloads\Simpsons.The.Movie.2007.BluRay.1080p.H264.torrent
2015-04-18 18:25 - 2015-04-18 18:25 - 00001602 _____ () C:\Users\debbie\Desktop\GooredFix.txt
2015-04-18 18:25 - 2015-04-18 18:25 - 00000000 ____D () C:\Users\debbie\Desktop\GooredFix Backups
2015-04-18 17:15 - 2015-04-18 17:15 - 00001231 _____ () C:\Users\debbie\Downloads\IsoBuster+Pro+3.5+Build+3.5.0.0+Final+%2B+Key.torrent
2015-04-18 16:16 - 2015-04-18 16:16 - 00109929 _____ () C:\Users\debbie\Downloads\Autodata+2011++3+38.torrent
2015-04-18 15:20 - 2015-04-18 15:20 - 00000000 ____D () C:\_OTM
2015-04-18 15:07 - 2015-04-18 18:30 - 00000000 ____D () C:\Users\debbie\Desktop\Virus software
2015-04-18 15:06 - 2015-04-18 15:07 - 00513320 _____ () C:\Users\debbie\Downloads\erunt.zip
2015-04-16 17:14 - 2015-04-16 17:14 - 00002513 _____ () C:\Users\debbie\Desktop\Twilight Phenomena Strange Menagerie Collectors.lnk
2015-04-16 16:03 - 2015-04-16 16:22 - 1038849645 _____ (Games ) C:\Users\debbie\Downloads\TwilightPhenStrangeMenagerieCE.exe
2015-04-16 16:01 - 2015-04-16 16:01 - 00020479 _____ () C:\Users\debbie\Downloads\Twilight+Phenomena+Strange+Menagerie+Collectors+Edition-Wendy99.torrent
2015-04-16 15:23 - 2015-04-16 15:23 - 08285177 _____ () C:\Users\debbie\Downloads\Cleaner Pro v1.2.1.apk
2015-04-16 10:47 - 2015-04-16 11:36 - 00000000 ____D () C:\Users\debbie\Desktop\MaeMae Summer
2015-04-15 16:32 - 2015-04-15 16:37 - 00000000 ____D () C:\Users\debbie\Downloads\AnyTrans Portable x86
2015-04-15 16:30 - 2015-04-15 16:30 - 00000000 ____D () C:\Users\debbie\.swt
2015-04-15 16:29 - 2015-04-16 16:27 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Azureus
2015-04-15 16:29 - 2015-04-15 16:29 - 00001802 _____ () C:\Users\Public\Desktop\Vuze.lnk
2015-04-15 16:29 - 2015-04-15 16:29 - 00001802 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2015-04-15 16:29 - 2015-04-15 16:29 - 00000000 ____D () C:\Program Files\Vuze
2015-04-15 16:27 - 2015-04-15 16:27 - 00072008 _____ (Azureus Software, Inc.) C:\Users\debbie\Downloads\VuzeBittorrentClientInstaller.exe
2015-04-15 16:25 - 2015-04-15 16:31 - 38779551 _____ () C:\Users\debbie\Downloads\Air Racing 3D. APK
2015-04-15 15:12 - 2015-04-15 15:12 - 00001339 _____ () C:\Users\debbie\Desktop\Modiac MP3 to MP4 Audio Converter.lnk
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Modiac
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Modiac MP3 to MP4 Audio Converter
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\debbie\AppData\Local\Modiac
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Program Files\Modiac
2015-04-15 15:11 - 2015-04-15 15:12 - 19586822 _____ (Modiac Inc.) C:\Users\debbie\Downloads\Modiac_MP3_to_MP4_Converter.exe
2015-04-15 15:08 - 2015-04-15 15:08 - 00000000 ____D () C:\Users\debbie\AppData\Local\{B1CACF31-36C8-4DA1-8754-89959B9A1C0C}
2015-04-15 14:10 - 2015-04-15 14:10 - 00002252 _____ () C:\Users\debbie\Desktop\SpyHunter.lnk
2015-04-15 14:10 - 2015-04-15 14:10 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-04-15 14:10 - 2015-04-15 14:10 - 00000000 ____D () C:\sh4ldr
2015-04-15 14:10 - 2015-04-15 14:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-04-15 14:07 - 2015-04-15 14:07 - 00016816 _____ () C:\Users\debbie\Downloads\[kickass.to.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]spyhunter.v4.15.1.4270.incl.crack.dub.boy.torrent
2015-04-15 14:07 - 2015-04-15 14:07 - 00000000 ____D () C:\Users\debbie\Downloads\SpyHunter v4.15.1.4270 Incl Crack - [Dub_Boy]
2015-04-15 13:26 - 2015-04-15 13:26 - 00002146 _____ () C:\Users\debbie\Downloads\SpyHunter+4.1.11.0+%2B+Crack-LillyEeez.torrent
2015-04-15 13:16 - 2015-04-15 13:16 - 00000903 _____ () C:\Users\debbie\Downloads\SpyHunter+4.1.11.0+%2B+Crack (1).torrent
2015-04-15 13:12 - 2015-04-15 13:12 - 00002135 _____ () C:\Users\debbie\Downloads\SpyHunter+4.1.11.0+%2B+Crack.torrent
2015-04-15 13:11 - 2015-04-15 13:11 - 00005200 _____ () C:\Users\debbie\Downloads\SpyHunter+4.18.9.4384.torrent
2015-04-15 13:02 - 2015-04-15 13:02 - 508374807 _____ () C:\Windows\MEMORY.DMP
2015-04-15 08:25 - 2015-04-15 14:08 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-14 14:23 - 2015-04-14 14:23 - 00064205 _____ () C:\Users\debbie\Downloads\optien.zip
2015-04-14 11:42 - 2015-04-14 18:23 - 1210027104 _____ () C:\Users\debbie\Downloads\EUR-I9205XXUDOA1-20150217095507.zip
2015-04-13 22:00 - 2015-04-13 22:00 - 00001958 _____ () C:\Users\Public\Desktop\AnyTrans.lnk
2015-04-13 22:00 - 2015-04-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2015-04-13 22:00 - 2015-04-13 22:00 - 00000000 ____D () C:\Program Files\iMobie
2015-04-13 21:49 - 2015-04-13 21:49 - 00000000 ____D () C:\Users\debbie\Downloads\AnyTrans
2015-04-13 21:47 - 2015-04-13 21:47 - 00019789 _____ () C:\Users\debbie\Downloads\iMobie+AnyTrans+4.3.0+Build+20150210+Multilingual%2BPortable%2BSerial.torrent
2015-04-13 21:37 - 2015-04-13 21:37 - 00001332 _____ () C:\Users\debbie\Desktop\CopyTrans Control Center.lnk
2015-04-13 21:23 - 2015-04-13 21:23 - 00016091 _____ () C:\Users\debbie\Downloads\Ella+Henderson+-+Chapter+One+%28Deluxe+Version%29+%7B2014-Album%7D+.torrent
2015-04-13 21:22 - 2015-04-13 21:22 - 00022099 _____ () C:\Users\debbie\Downloads\Ella+Henderson+-+Chapter+One.torrent
2015-04-13 19:48 - 2015-04-13 19:48 - 00018915 _____ () C:\Users\debbie\Downloads\NOW+That%27s+What+I+Call+Music%21+90+%282015%29+%5BPre-Release%5D%28Comedy133%29.torrent
2015-04-13 19:31 - 2015-04-13 19:31 - 00010189 _____ () C:\Users\debbie\Downloads\Various+-+Now+Thats+What+I+Call+Music+Vol.90+%5BBubanee%5D.torrent
2015-04-13 19:11 - 2015-04-13 19:15 - 00000000 ____D () C:\Users\debbie\Downloads\NOW That's What I Call Music! 90 [CBR][MP3] 320KBps - GloDLS
2015-04-13 19:11 - 2015-04-13 19:11 - 00005087 _____ () C:\Users\debbie\Downloads\NOW+That%27s+What+I+Call+Music%21+90+%5B2015%5D+%5BCBR%5D+%5BMP3%5D+320KBps+-+%5BGloDLS%5D.torrent
2015-04-13 18:20 - 2015-04-13 18:27 - 00000000 ____D () C:\Users\debbie\Downloads\Fast and Furious  1-6  1080p
2015-04-13 18:19 - 2015-04-13 18:19 - 00045839 _____ () C:\Users\debbie\Downloads\pic.torrent
2015-04-13 17:50 - 2015-04-13 17:50 - 00045839 _____ () C:\Users\debbie\Downloads\Fast+and+Furious+1-6+1080p.torrent
2015-04-13 17:46 - 2015-04-13 17:46 - 00014641 _____ () C:\Users\debbie\Downloads\The+Fast+and+Furious+Tokyo+Drift.torrent
2015-04-13 17:44 - 2015-04-13 17:44 - 00014892 _____ () C:\Users\debbie\Downloads\2Fast2Furious%5B2003%5DDvdrip%5BEng-Hard-Sub%5D-Salem.torrent
2015-04-13 16:14 - 2015-04-13 16:14 - 01073605 _____ () C:\Users\debbie\Downloads\UPDATE-SuperSU-v1.34 (1).zip
2015-04-13 14:17 - 2015-04-15 10:35 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\HandBrake
2015-04-13 14:15 - 2015-04-13 14:15 - 15839599 _____ () C:\Users\debbie\Downloads\HandBrake-0.10.1-i686-Win_GUI.exe
2015-04-13 14:15 - 2015-04-13 14:15 - 00000985 _____ () C:\Users\debbie\Desktop\Handbrake.lnk
2015-04-13 14:15 - 2015-04-13 14:15 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-04-13 14:15 - 2015-04-13 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-04-13 14:15 - 2015-04-13 14:15 - 00000000 ____D () C:\Program Files\Handbrake
2015-04-12 21:59 - 2015-04-12 21:59 - 01073605 _____ () C:\Users\debbie\Downloads\UPDATE-SuperSU-v1.34.zip
2015-04-12 21:40 - 2015-04-12 21:41 - 21143241 _____ () C:\Users\debbie\Downloads\GT-I9205.zip
2015-04-12 18:07 - 2015-04-12 18:07 - 00016208 _____ () C:\Users\debbie\Downloads\FAST+AND+FURIOUS+7+%282015%29+-+HDTS+-+x264+-+AC3+5.1+%28LinE%29+-+Team+Telly.torrent
2015-04-11 21:31 - 2015-04-11 21:31 - 00000000 ____D () C:\usb_driver
2015-04-11 18:23 - 2015-04-11 18:23 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\AdamOutler
2015-04-11 18:21 - 2015-04-11 18:21 - 00000000 ____D () C:\Program Files\Heimdall
2015-04-10 20:52 - 2015-04-10 20:52 - 00035992 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-04-10 20:37 - 2015-04-10 20:37 - 00019880 _____ () C:\Windows\system32\.crusader
2015-04-10 19:59 - 2015-04-10 19:59 - 00001901 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-04-10 19:59 - 2015-04-10 19:59 - 00000000 ____D () C:\Program Files\HitmanPro
2015-04-10 19:56 - 2015-04-10 20:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-04-10 19:51 - 2015-04-10 19:51 - 00000000 ____D () C:\Users\debbie\Downloads\Hitman Pro 3.7.9 Build 238
2015-04-10 15:37 - 2014-06-16 07:01 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-04-10 15:37 - 2014-06-16 07:01 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-04-10 11:17 - 2015-04-14 19:29 - 00000000 ____D () C:\Users\debbie\Desktop\STOCK FIRMWARE GT-I9205
2015-04-10 11:17 - 2015-04-10 11:18 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\debbie\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2015-04-09 21:38 - 2015-04-09 21:38 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2015-04-09 21:38 - 2015-04-09 21:38 - 00000000 ____D () C:\Users\debbie\AppData\Local\Samsung
2015-04-09 21:37 - 2015-04-09 21:37 - 00000000 ____D () C:\Users\debbie\Documents\samsung
2015-04-09 21:31 - 2015-04-09 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-09 21:31 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2015-04-09 21:31 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2015-04-09 21:31 - 2013-12-30 10:52 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2015-04-09 21:27 - 2015-04-09 21:28 - 77317912 _____ (Samsung Electronics Co., Ltd.) C:\Users\debbie\Downloads\KiesSetup (1).exe
2015-04-09 20:21 - 2015-04-09 20:22 - 12290974 _____ (ImageWriter Developers ) C:\Users\debbie\Downloads\Win32DiskImager-0.9.5-install.exe
2015-04-09 19:14 - 2015-04-09 19:14 - 00000000 ____D () C:\Users\debbie\Documents\ProPCCleaner
2015-04-09 19:14 - 2015-04-09 19:14 - 00000000 ____D () C:\Users\debbie\AppData\Local\Pro_PC_Cleaner
2015-04-08 15:33 - 2015-04-08 15:52 - 00000000 ____D () C:\Users\debbie\Downloads\[ www.Torrenting.com ] - The.Human.Centipede.II.Full.Sequence.UNRATED.DiRECTORS.CUT.2011.BDRiP.XViD-LiViDiTY
2015-04-07 18:11 - 2015-04-18 15:24 - 00000000 ___RD () C:\Users\debbie\Dropbox
2015-04-07 18:11 - 2015-04-07 18:11 - 00001131 _____ () C:\Users\debbie\Desktop\Dropbox.lnk
2015-04-07 18:09 - 2015-04-07 18:09 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-07 18:07 - 2015-04-18 15:24 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Dropbox
2015-04-07 18:07 - 2015-04-07 18:07 - 00356232 _____ (Dropbox, Inc.) C:\Users\debbie\Downloads\DropboxInstaller.exe
2015-04-05 13:29 - 2015-04-05 15:06 - 00000000 ____D () C:\Users\debbie\Desktop\easter
2015-04-04 13:55 - 2015-04-04 13:57 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Digiarty
2015-04-04 13:53 - 2015-04-04 13:54 - 11274056 _____ (Digiarty ) C:\Users\debbie\Downloads\airplayitserver_setup.exe
2015-04-02 14:59 - 2015-04-02 14:59 - 00000000 ____D () C:\ProgramData\GameHouse
2015-04-01 20:23 - 2015-04-01 20:23 - 16216983 _____ () C:\Users\debbie\Documents\The Sky News Ballot Ballad _ General Election 2015.mp4
2015-04-01 20:23 - 2015-04-01 20:23 - 03201213 _____ () C:\Users\debbie\Documents\The Sky News Ballot Ballad _ General Election 2015.wmv
2015-03-31 15:57 - 2015-04-10 20:37 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\jqGt8
2015-03-31 15:57 - 2015-03-31 17:37 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\VTENp
2015-03-31 15:57 - 2015-03-31 15:57 - 00000000 ____D () C:\tmp
2015-03-31 15:51 - 2015-03-31 16:01 - 00000000 ____D () C:\ProgramData\{e54fbc5f-5e54-4c86-e54f-fbc5f5e5f17d}
2015-03-28 17:05 - 2015-03-28 17:05 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\quickclick
2015-03-25 15:19 - 2015-03-25 15:19 - 00087608 _____ () C:\Users\debbie\AppData\Roaming\inst.exe
2015-03-23 16:25 - 2015-04-12 12:01 - 00000000 ____D () C:\ProgramData\4e23d844000033a7
2015-03-22 16:46 - 2015-03-22 16:46 - 00000000 ____D () C:\Users\debbie\AppData\Local\Reflector
2015-03-22 16:46 - 2015-03-22 16:46 - 00000000 ____D () C:\ProgramData\Reflector
2015-03-22 16:46 - 2015-03-22 16:46 - 00000000 ____D () C:\ProgramData\Reflection
2015-03-22 16:45 - 2015-03-23 12:26 - 00000000 ____D () C:\Program Files\Reflector
2015-03-22 16:45 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-22 16:44 - 2015-03-22 16:44 - 11812864 _____ () C:\Users\debbie\Downloads\Reflector32.msi
2015-03-22 16:00 - 2015-04-18 20:44 - 00000308 _____ () C:\Windows\Tasks\iToolsDaemon.job
2015-03-22 16:00 - 2015-03-22 16:00 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\ThinkSky
2015-03-22 16:00 - 2015-03-22 16:00 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iTools 3
2015-03-22 16:00 - 2015-03-22 16:00 - 00000000 ____D () C:\Program Files\ThinkSky
2015-03-22 15:57 - 2015-03-22 15:59 - 15779856 _____ () C:\Users\debbie\Downloads\iToolsSetup_3.1.8.0.exe
2015-03-22 13:58 - 2015-03-22 13:58 - 00000000 ____D () C:\Program Files\uvnc bvba
2015-03-20 12:59 - 2015-03-20 13:23 - 00000000 ____D () C:\Users\debbie\Desktop\Kala
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-18 21:26 - 2014-01-07 19:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-18 21:26 - 2011-03-02 19:15 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\uTorrent
2015-04-18 21:02 - 2015-02-21 19:43 - 00000000 ____D () C:\Users\debbie\Desktop\Movies
2015-04-18 20:53 - 2011-02-23 15:59 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-18 20:27 - 2011-02-23 15:18 - 01255961 _____ () C:\Windows\WindowsUpdate.log
2015-04-18 20:18 - 2015-02-06 14:05 - 00000000 ____D () C:\Users\debbie\Desktop\Bakerbum
2015-04-18 19:53 - 2011-07-15 19:43 - 00000930 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000UA.job
2015-04-18 18:23 - 2011-11-07 12:04 - 00000000 ____D () C:\OutputFolder
2015-04-18 18:22 - 2015-02-24 15:47 - 00000000 ____D () C:\Users\debbie\Desktop\BENS
2015-04-18 18:09 - 2013-09-02 18:50 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\WinFF
2015-04-18 18:09 - 2011-08-20 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-04-18 18:09 - 2011-08-20 11:40 - 00000000 ____D () C:\Program Files\Wondershare
2015-04-18 17:56 - 2014-05-15 20:07 - 00000000 ____D () C:\Program Files\Yawcam
2015-04-18 17:46 - 2014-08-20 13:21 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-18 17:11 - 2011-07-30 14:45 - 00000000 ____D () C:\Users\debbie\AppData\Local\CrashDumps
2015-04-18 15:31 - 2009-07-14 05:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-18 15:31 - 2009-07-14 05:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-18 15:23 - 2015-01-28 11:53 - 00030752 _____ () C:\Windows\setupact.log
2015-04-18 15:23 - 2011-02-23 15:59 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-18 15:23 - 2011-02-23 15:19 - 00000000 ____D () C:\Users\debbie
2015-04-18 15:23 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-18 15:18 - 2011-04-11 19:01 - 00000000 ____D () C:\Windows\ERDNT
2015-04-18 10:53 - 2015-01-29 08:31 - 00043218 _____ () C:\Windows\PFRO.log
2015-04-18 10:23 - 2014-06-16 10:50 - 00000000 ____D () C:\Users\debbie\AppData\Local\Adobe
2015-04-18 10:12 - 2011-05-15 12:12 - 00000000 ____D () C:\Windows\Jack of all Tribes
2015-04-17 10:53 - 2011-07-15 19:43 - 00000908 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000Core.job
2015-04-16 17:20 - 2011-11-07 16:41 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\ERS Game Studios
2015-04-16 16:39 - 2010-03-15 05:46 - 00780908 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:28 - 2013-07-17 22:16 - 00000000 ____D () C:\Program Files\Games
2015-04-15 16:46 - 2015-01-28 12:01 - 00000000 ____D () C:\Program Files\GreenTree Applications
2015-04-15 16:46 - 2013-05-27 22:30 - 00000000 ____D () C:\Users\debbie\AppData\Local\CRE
2015-04-15 13:03 - 2015-02-22 13:13 - 00504832 ___SH () C:\Users\debbie\Desktop\Thumbs.db
2015-04-15 13:02 - 2011-03-27 14:25 - 00000000 ____D () C:\Windows\Minidump
2015-04-15 10:46 - 2014-12-08 17:05 - 00000000 ____D () C:\Users\debbie\Desktop\Heart box
2015-04-15 08:08 - 2009-07-14 05:33 - 04212488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-14 20:18 - 2015-02-21 12:45 - 00000000 ____D () C:\Users\debbie\Desktop\pics Isla-mae
2015-04-14 20:13 - 2015-01-27 22:23 - 00000000 ____D () C:\Users\debbie\Desktop\Nicole
2015-04-14 20:08 - 2015-01-22 17:04 - 00000000 ____D () C:\Users\debbie\Desktop\New folder (2)
2015-04-14 19:38 - 2015-01-11 17:37 - 00000000 ____D () C:\Users\debbie\Desktop\New folder
2015-04-14 18:54 - 2011-03-02 19:29 - 00268904 _____ () C:\Users\debbie\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-14 14:50 - 2015-03-09 22:37 - 00000000 ____D () C:\Users\debbie\Desktop\Easter l;etter
2015-04-13 21:59 - 2015-02-07 23:13 - 00000000 ____D () C:\Users\debbie\Downloads\iMobie AnyTrans 4.2.7 Build 20150110 Multilingual + Key
2015-04-13 21:37 - 2014-06-02 13:13 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-04-13 18:11 - 2014-07-29 22:16 - 00000000 ____D () C:\Users\debbie\Downloads\Faststone
2015-04-13 14:17 - 2014-06-13 13:07 - 00000000 ____D () C:\Users\debbie\Documents\my medication
2015-04-13 10:38 - 2015-03-05 18:02 - 00000000 ____D () C:\Users\debbie\Desktop\New folder (5)
2015-04-12 17:42 - 2015-01-15 19:33 - 02450944 ___SH () C:\Users\debbie\Downloads\Thumbs.db
2015-04-11 15:54 - 2011-03-28 09:10 - 00753664 ___SH () C:\Users\debbie\Documents\Thumbs.db
2015-04-10 20:37 - 2013-09-03 11:49 - 00000000 ____D () C:\Users\debbie\Downloads\Portrait Professional Studio v10.9.5 + Crack-LnDL
2015-04-10 19:53 - 2015-03-13 21:19 - 00000000 ____D () C:\Users\debbie\Downloads\Now.Thats.What.I.Call.Music - Complete.Collection-(1-75) -Lindoff
2015-04-10 10:23 - 2011-08-16 11:02 - 00000000 ____D () C:\Windows\Sun
2015-04-09 21:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-09 21:38 - 2011-04-15 10:45 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Samsung
2015-04-09 21:31 - 2010-03-15 05:49 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-09 21:30 - 2015-03-15 20:03 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-04-09 21:30 - 2015-03-15 20:01 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-09 21:28 - 2011-07-29 22:44 - 00000000 ____D () C:\Users\debbie\AppData\Local\Downloaded Installations
2015-04-09 19:13 - 2011-02-23 15:20 - 00001643 _____ () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-09 15:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-07 19:41 - 2011-07-01 18:00 - 00000000 ____D () C:\Users\debbie\AppData\Local\WinAVI
2015-04-02 15:25 - 2015-03-13 11:03 - 00000000 ____D () C:\Users\debbie\Documents\AirDroid
2015-04-02 14:57 - 2010-03-15 06:18 - 00000000 ____D () C:\ProgramData\Temp
2015-04-02 13:30 - 2014-11-24 11:28 - 00000000 ____D () C:\Users\debbie\Desktop\Adrian
2015-03-31 21:47 - 2015-01-03 11:35 - 00000000 ____D () C:\Users\debbie\Desktop\mycyber folder
2015-03-31 17:38 - 2011-12-19 23:08 - 00000000 ____D () C:\Windows\Splash Screens
2015-03-30 14:37 - 2013-11-27 17:17 - 00000000 ____D () C:\Users\debbie\Desktop\add family
2015-03-25 22:15 - 2013-04-17 19:01 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\AlawarEntertainment
2015-03-25 16:02 - 2011-10-22 14:26 - 00000000 ____D () C:\Windows\massfilter
2015-03-25 15:27 - 2014-11-08 20:11 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 15:27 - 2014-08-20 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 15:27 - 2014-08-20 13:18 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-25 15:19 - 2014-12-16 19:04 - 00000000 ____D () C:\Program Files\VSO
2015-03-25 15:19 - 2013-01-14 16:47 - 00000033 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.log
2015-03-25 15:19 - 2013-01-14 16:45 - 00047360 _____ (VSO Software) C:\Users\debbie\AppData\Roaming\pcouffin.sys
2015-03-25 15:19 - 2013-01-14 16:45 - 00007887 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.cat
2015-03-25 15:19 - 2013-01-14 16:45 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Vso
 
==================== Files in the root of some directories =======
 
2002-12-27 11:47 - 2002-07-28 23:40 - 1059840 _____ (Auto FX Software) C:\Program Files\DS_Bonus_Plugin.8bf
2014-03-20 12:53 - 2014-03-20 12:53 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2013-11-30 20:08 - 2013-11-30 20:08 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe GIF Format CS5 Prefs
2014-09-14 22:13 - 2014-12-01 19:17 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe PNG Format CC Prefs
2011-11-29 23:40 - 2011-11-29 23:40 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-09-26 23:35 - 2014-09-18 15:16 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-09-26 08:34 - 2012-09-26 08:34 - 0000690 _____ () C:\Users\debbie\AppData\Roaming\Contact Sheet II.xml
2012-09-26 08:34 - 2012-09-26 08:35 - 0007257 _____ () C:\Users\debbie\AppData\Roaming\ContactSheetII.log
2013-01-14 16:45 - 2013-01-14 16:45 - 0081920 _____ () C:\Users\debbie\AppData\Roaming\ezpinst.exe
2013-08-28 18:40 - 2014-07-12 23:19 - 0002048 _____ () C:\Users\debbie\AppData\Roaming\Heritage Photobooks Prefs
2015-03-25 15:19 - 2015-03-25 15:19 - 0087608 _____ () C:\Users\debbie\AppData\Roaming\inst.exe
2013-01-14 16:45 - 2015-03-25 15:19 - 0007887 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.cat
2013-01-14 16:45 - 2015-03-25 15:19 - 0001144 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.inf
2013-01-14 16:47 - 2015-03-25 15:19 - 0000033 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.log
2013-01-14 16:45 - 2015-03-25 15:19 - 0047360 _____ (VSO Software) C:\Users\debbie\AppData\Roaming\pcouffin.sys
2011-07-20 10:16 - 2014-03-20 14:32 - 0003521 _____ () C:\Users\debbie\AppData\Roaming\Rim.Desktop.Exception.log
2011-07-01 22:24 - 2014-09-20 12:40 - 0004205 _____ () C:\Users\debbie\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-07-20 10:16 - 2014-03-20 14:32 - 0003080 _____ () C:\Users\debbie\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-07-25 10:54 - 2013-12-31 20:57 - 0001078 _____ () C:\Users\debbie\AppData\Roaming\Rim.Transcoder.Exception.log
2011-06-21 13:58 - 2012-09-28 11:36 - 0022927 _____ () C:\Users\debbie\AppData\Roaming\UserTile.png
2014-12-16 19:04 - 2014-12-16 20:56 - 0001059 _____ () C:\Users\debbie\AppData\Roaming\vso_ts_preview.xml
2011-04-05 22:40 - 2011-04-05 22:40 - 0001456 _____ () C:\Users\debbie\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-12-04 19:13 - 2014-12-17 17:21 - 0001456 _____ () C:\Users\debbie\AppData\Local\Adobe Save for Web 13.0 Prefs
2011-07-20 10:18 - 2014-05-20 09:02 - 0074240 _____ () C:\Users\debbie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 07:07 - 2014-04-09 07:07 - 0000017 _____ () C:\Users\debbie\AppData\Local\resmon.resmoncfg
2012-09-09 16:08 - 2012-09-09 16:08 - 0017408 _____ () C:\Users\debbie\AppData\Local\WebpageIcons.db
2014-10-02 12:06 - 2014-10-02 12:06 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-04 16:59 - 2014-12-23 10:32 - 0143131 _____ () C:\ProgramData\hpzinstall.log
2011-05-01 22:19 - 2011-05-01 22:19 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2011-04-15 10:43 - 2011-05-21 12:14 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2012-02-21 18:01 - 2012-02-24 19:27 - 0001478 _____ () C:\ProgramData\port_acpca.log
 
Some content of TEMP:
====================
C:\Users\debbie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6jsazt.dll
C:\Users\debbie\AppData\Local\Temp\Foxit Updater.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-15 11:55
 

==================== End Of Log ============================

And here is the Addition.txt.

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 18-04-2015 01
Ran by debbie at 2015-04-18 21:28:22
Running from C:\Users\debbie\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - )
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4Videosoft AMV Media Converter (HKLM\...\4Videosoft AMV Media Converter_is1) (Version:  - )
Abrosoft FantaMorph 5.3.6 (HKLM\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.6 - Abrosoft)
Absolute Sound Recorder version 4.3.1 (HKLM\...\Absolute Sound Recorder_is1) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.5 (HKLM\...\{E071691D-20E6-4C2B-9A04-FE41C0FDC367}) (Version: 3.5.1 - Adobe)
Adobe Pixel Bender Toolkit 2 (HKLM\...\{D5CC77BE-BC5B-424E-8E45-DF60AFF7BE9C}) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AIO_CDB_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AirDroid 3.0.4.0 (HKLM\...\AirDroid) (Version: 3.0.4.0 - Sand Studio)
Albelli Photo books (HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\{EE19063F-7048-4094-9A1D-D69D9C591119}_is1) (Version:  - Albelli)
Alien Skin Blow Up 2 (HKLM\...\Alien Skin Blow Up 2) (Version:  - Alien Skin Software)
AnyTrans 4.2.7 (HKLM\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 4.2.7 - iMobie Inc.)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics Registry Defrag (HKLM\...\{D627784F-B3EE-44E8-96B1-9509B991EA34}_is1) (Version: 7.5.2.0 - Auslogics Labs Pty Ltd)
Avery Wizard 4.0 (HKLM\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
AVS Audio Converter version 7 (HKLM\...\AVS Audio Converter_is1) (Version:  - Online Media Technologies Ltd.)
AVS Cover Editor 1.3.1.96 (AVS4YOU) (HKLM\...\AVSCoverEditor_AVS4YOU_is1) (Version:  - Online Media Technologies Ltd.)
AVS Disc Creator version 3.5 (HKLM\...\AVS Disc Creator_is1) (Version:  - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{D7E16C53-8B27-46FE-9499-E826CBC2E9CE}) (Version: 0.9.11 - Kovid Goyal)
Camtasia Studio 8 (HKLM\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (HKLM\...\CameraWindowDVC6) (Version: 6.4.0.9 - )
Canon Camera Window MC 6 for ZoomBrowser EX (HKLM\...\CameraWindowMC) (Version: 6.3.0.8 - )
Canon G.726 WMP-Decoder (HKLM\...\Canon G.726 WMP-Decoder) (Version: 1.1.0.4 - )
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.3.1.5 - )
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.5.1.4 - )
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 2.4.0.14 - )
Canon RAW Image Task for ZoomBrowser EX (HKLM\...\RAW Image Task) (Version: 2.6.0.13 - )
Canon RemoteCapture Task for ZoomBrowser EX (HKLM\...\RemoteCaptureTask) (Version: 1.7.0.8 - )
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.5.1.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.19.43 - )
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 5.8.0.74 - )
CardRecoveryPro 2.5.5 (HKLM\...\{D4F48A8F-8E81-43E0-847F-04318383476F}_is1) (Version: 2.5.5 - LionSea SoftWare)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CloneDVD 4.1.0.23 (HKLM\...\MainApp.exe_is1) (Version:  - Copyright © 2003-2007 DVD X Studios.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CopyTrans Suite (HKLM\...\CopyTrans Suite) (Version:  - )
CopyTrans Suite Remove Only (HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\CopyTrans Suite) (Version: 3.009 - WindSolutions)
CorelDRAW Essentials 4 - Content (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Draw (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Filters (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - ICA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang BR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang DE (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang EN (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang ES (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang FR (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang IT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Lang NL (Version: 4.0 - Uw bedrijfsnaam) Hidden
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0 - Corel Corporation) Hidden
CorelDRAW Essentials 4 - Windows Shell Extension (HKLM\...\_{CF0ADC18-6D8F-4353-8EAA-DF45456B7853}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW Essentials 4 (HKLM\...\_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}) (Version:  - Corel Corporation)
CorelDRAW Essentials 4 (Version: 4.0 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2602 - CyberLink Corp.)
CyberLink MediaShow (HKLM\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1410a - CyberLink Corp.)
CyberLink PhotoNow (HKLM\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2522 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2519.00 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2326 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.0.0913 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DDPB (HKLM\...\{748590DB-44CD-48D2-8585-2496BBFE919F}) (Version: 1.0.9 - DauDen.vn)
Desktop iPhone (HKLM\...\iPhone.F4B6EDD4861104DF103CA831FC6755522BBBD9C1.1) (Version: v3.60 - UNKNOWN)
Desktop iPhone (Version: 3.60 - UNKNOWN) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DiskAid 4.64 (HKLM\...\DiskAid_is1) (Version: 4.64 - DigiDNA)
Disketch Disc Label Software (HKLM\...\Disketch) (Version:  - NCH Software)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
DVD Catalyst 4 4.7.0.1 (HKLM\...\DVD Catalyst 4) (Version: 4.7.0.1 - Tools4Movies)
Dynamic Searcher (HKLM\...\TBSB09767.TBSB09767Toolbar) (Version:  - )
EaseUS Data Recovery Wizard 8.0 (HKLM\...\EaseUS Data Recovery Wizard 8.0_is1) (Version:  - EaseUS)
EASEUS Photo Recovery 2.1.1 (HKLM\...\{97480A25-F284-42B6-A453-7F39E30D6DB0}) (Version: 2.1.1 - EASEUS)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
exPressit SE (HKLM\...\{BB42C935-456E-4A6C-B357-FDEE7A59FE21}) (Version: 3.10.0000 - Medea International Ltd)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FastStone Photo Resizer 3.3 (HKLM\...\FastStone Photo Resizer) (Version: 3.3 - FastStone Soft.)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Fiddler (HKLM\...\Fiddler2) (Version: 2.4.2.6 - Telerik)
Filter Forge 3.013 (HKLM\...\Filter Forge 3_is1) (Version:  - Filter Forge, Inc.)
Flame Painter 1.2 (HKLM\...\Flame Painter_is1) (Version: 1.1 - Peter Blaskovic)
FormatFactory 3.0.1 (HKLM\...\FormatFactory) (Version: 3.0.1 - Free Time)
Free WMA to MP3 Converter 1.16 (HKLM\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
Free YouTube to MP3 Converter version 3.12.53.113 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.53.113 - DVDVideoSoft Ltd.)
GetDataBack for NTFS (HKLM\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 2.31.006 - Runtime Software)
Google Advertising Cookie Opt-out (HKLM\...\{291820D0-A626-40F9-BDFF-8D5CEAB04243}) (Version: 1.0.1.0 - Google Inc)
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Drive (HKLM\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HandBrake 0.10.1 (HKLM\...\HandBrake) (Version: 0.10.1 - )
HD Tune Pro 5.50 (HKLM\...\HD Tune Pro_is1) (Version:  - EFD Software)
Heritage Photobooks (HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Heritage Photobooks) (Version: Heritage Photobooks 2.5.2 - Blissett)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.240 - SurfRight B.V.)
honestech VHS to DVD 2.0 (HKLM\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - )
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{D9B4150C-9EF6-4861-902F-5F5CB760D7ED}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
iFunbox (v1.99.958.697), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v1.99.958.697 - )
iFunBox 2014 (v3.1.562.425), iFunbox DevTeam (HKLM\...\iFunBox 2014_is1) (Version: v3.1.562.425 - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
iTools 3 (HKLM\...\ThinkSky) (Version:  - 深圳市创想天空科技有限公司)
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kingo ROOT version 1.3.4.2252 (HKLM\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.4.2252 - Kingosoft Technology Ltd.)
Learning Lodge™ (HKLM\...\VTechDownloadManager) (Version:  - VTech)
Magical Jelly Bean KeyFinder (HKLM\...\KeyFinder_is1) (Version: 2.0.9.8 - Magical Jelly Bean)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Medion Home Cinema (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.1318 - CyberLink Corp.)
Medion Home Cinema (Version: 8.0.1318 - CyberLink Corp.) Hidden
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MioMore Desktop (HKLM\...\{7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}) (Version: 5.90.404 - Navman Technologies NZ Ltd)
MMK DPL Frames (HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\MMK DPL Frames) (Version:  - )
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Modiac MP3 to MP4 Audio Converter (HKLM\...\Modiac MP3 to MP4 Audio Converter) (Version: 1.0.0.4258 - Modiac Inc.)
Movie Rotator 1.2 (HKLM\...\Movie Rotator_is1) (Version:  - Chris Pearce)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
myphotobook.co.uk (HKLM\...\co.uk.myphotobook.creator.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.6.1.1053 - myphotobook GmbH)
myphotobook.co.uk (Version: 1.6.1 - myphotobook GmbH) Hidden
Neat Image v7.0 Pro plug-in for Photoshop (32-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version:  - Neat Image team, ABSoft)
Nero 7 Essentials (HKLM\...\{9B4E6CB9-E54D-47F7-A414-E2D5740E1033}) (Version: 7.02.8507 - Nero AG)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network Play System (Patching) (HKLM\...\Network Play System (Patching)) (Version:  - )
Nexus Ultimate 10.7 (HKLM\...\Winstep Xtreme_is1) (Version:  - )
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OneClick Video Capture 7.0.11.40 (HKLM\...\OneClick Video Capture_is1) (Version:  - OneClick Software Inc.)
OpenAL (HKLM\...\OpenAL) (Version:  - )
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
Perfect Effects 4.0.4 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.4 - onOne Software)
Photo to Cartoon (HKLM\...\{3A6A34D3-37EE-40F3-BF81-EC7A4BF7F24D}) (Version: 1.0.0 - Caricature Software)
Photodex Presenter (HKLM\...\Photodex Presenter) (Version:  - Photodex Corporation)
photoFXlab (HKLM\...\photoFXlab) (Version: 1.2.7 - Topaz Labs)
PicturesToExe 6.5 (HKLM\...\{A254D625} PicturesToExe 6.5_is1) (Version:  - WnSoft)
Plex Media Server (HKLM\...\{7425d872-d65d-42c9-8c6d-7a8a529a4b50}) (Version: 0.9.1107 - Plex, Inc.)
Plex Media Server (Version: 0.9.1107 - Plex, Inc.) Hidden
Portrait Professional Studio 10.9 (HKLM\...\PortraitProfessionalStudio10_is1) (Version: 10.9 - Anthropics Technology Ltd.)
PPÖúÊÖ PC°æ 1.1.2.0 (HKLM\...\PPÖúÊÖ PC°æ) (Version: 1.1.2.0 - ¹ãÖÝÌúÈËÍøÂç¿Æ¼¼ÓÐÏÞ¹«Ë¾)
ProShow Producer (HKLM\...\ProShow Producer) (Version:  - Photodex Corporation)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
RM Colour Magic (HKLM\...\{53146BEC-BA35-4F12-8F18-D33D7112621C}) (Version: 3.1.0.0 - RM Education plc)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.3.15024.5 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SMI Grabber Device (HKLM\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.29 - Somagic)
Snagit 11 (HKLM\...\{5EAF9FAA-C4B6-4741-81B4-74CD81759EAA}) (Version: 11.4.0 - TechSmith Corporation)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonne Screen Video Capture 7.1.0.563 (HKLM\...\Sonne Screen Video Capture_is1) (Version:  - Sonne Software Solution Ltd.)
SPCA1528 PC Driver (HKLM\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.3.7 - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SpyHunter (HKLM\...\{DB847E94-446B-49E0-AC5D-C5627EC8B0C0}) (Version: 4.15.1.4270 - Enigma Software Group USA, LLC)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
Tone Mapping Plug-In 2.1.1 (HKLM\...\CS432_is1) (Version: 2.1.1 - HDRsoft Sarl)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Topaz Adjust 5 (HKLM\...\Topaz Adjust 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz Detail 2 (HKLM\...\{2B41A52B-F647-4733-AABD-352A9B94DE46}) (Version: 2.0.0 - Topaz Labs)
Topaz Detail 3 (HKLM\...\Topaz Detail 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 3 (HKLM\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM\...\Topaz Simplify 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz Star Effects (HKLM\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trust Tablet Driver (HKLM\...\TabletDriver) (Version:  - )
Twilight Phenomena Strange Menagerie Collectors 1.00 (HKLM\...\Twilight Phenomena Strange Menagerie Collectors 1.00) (Version: 1.00 - Games)
Ulead VideoStudio SE DVD (HKLM\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Ultra Video Joiner 6.1.0108 (HKLM\...\Ultra Video Joiner_is1) (Version:  - Aone Software)
Uninstall DreamSuite Bonus (HKLM\...\DreamSuite Bonus) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\UnityWebPlayer) (Version: 4.5.3f3 - Unity Technologies ApS)
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 11.0 (HKLM\...\{6AEFCA01-8DF1-11E1-A17B-F04DA23A5C58}) (Version: 11.0.682 - Sony)
VLC media player 1.1.8 (HKLM\...\VLC media player) (Version: 1.1.8 - VideoLAN)
VTech Download Agent Library (Version: 1.00.0000 - VTech) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
WBFS Manager 3.0 (HKLM\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.8200 - Broadcom Corporation)
WinAVI Video Converter (HKLM\...\WinAVI Video Converter) (Version: 11.6.1.4671 - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter 9.0 (HKLM\...\WinAVI Video Converter 9.09.0) (Version: 9.0 - WinAVI Video Converter 9.0)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
Windows Movie Maker Enhancement Pack 2010 (HKLM\...\{20ADC09F-B0AF-4868-85A5-45B972DC4082}_is1) (Version: 1.5 - Chapinsoft, Inc)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wondershare Photo Recovery (build 3.0.3) (HKLM\...\Wondershare Photo Recovery_is1) (Version:  - Wondershare Software Co., Ltd.)
Xilisoft Video Converter Ultimate (HKLM\...\Xilisoft Video Converter Ultimate) (Version: 7.8.0.20140401 - Xilisoft)
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version:  - )
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - )
Zero Assumption Recovery Version 9 (HKLM\...\Zero Assumption Recovery_is1) (Version:  - )
ZPaint 1.4 (HKLM\...\ZPaint 1.4) (Version:  - )
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.14 - ZTE Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\debbie\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{11CD84A3-A5E0-43CB-B3DF-92C623C0E0E0}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{1C94A05E-ED29-4760-B9BC-134593EEE7C3}\InprocServer32 -> C:\Program Files\nCube\Windows 8 Transformation Pack\SDCtrls.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\debbie\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\debbie\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{286DD289-BFFF-4E23-87D4-F31EC94345D0}\InprocServer32 -> C:\Program Files\nCube\Windows 8 Transformation Pack\SDCtrls.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\debbie\AppData\Local\Google\Update\1.2.183.23\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{2A235D7E-0358-40E2-B51A-DE22F8F5C50D}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\debbie\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{34FFA8DB-350A-41D8-9F3B-23D1DC06F5D1}\InprocServer32 -> C:\Program Files\nCube\Windows 8 Transformation Pack\SDCtrls.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\debbie\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{56C94D6A-7370-4885-A04E-7097FE4E0BAF}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\debbie\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{672CDBDB-0270-4EB9-83EC-216377522D21}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{841BFDCA-6A9A-4EBC-BC7E-194AA5DCE428}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\debbie\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{94330D48-EB33-49BB-87F1-AD8C0352C010}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\debbie\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe No (the data entry has 5 more characters).
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{BC149E72-D422-4745-B674-01AB3DD160EB}\InprocServer32 -> C:\Program Files\nCube\Windows 8 Transformation Pack\SDCtrls.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\debbie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\debbie\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{F3A8BE7C-B00C-4CDD-AB7B-6777A56B46B2}\InprocServer32 -> C:\Program Files\nCube\Windows 8 Transformation Pack\SDCtrls.dll No File
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
15-04-2015 12:36:35 Removed SpyHunter
15-04-2015 12:42:57 Installed SpyHunter
15-04-2015 12:48:26 Removed SpyHunter
15-04-2015 14:08:30 Installed SpyHunter
18-04-2015 15:20:45 OTM Restore Point
18-04-2015 18:13:48 Removed GLUCOFACTS™ Deluxe Smart Launch.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2011-03-27 22:29 - 2015-04-18 15:20 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02E7E28E-C2B6-4EEB-97F6-E21E89A7B47A} - System32\Tasks\iToolsDaemon => C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe [2015-04-07] ()
Task: {108C210F-35AD-4C7F-97A6-5799DD7A3375} - System32\Tasks\{F7AA3DB0-0F59-455F-894D-7EA09BF9783B} => pcalua.exe -a C:\Users\debbie\Downloads\mediaface\mediaface4279.exe -d C:\Users\debbie\Downloads\mediaface
Task: {12D09ED0-7353-40D0-972B-18D3517BB264} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000Core => C:\Users\debbie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {1CAC12D7-D097-46BF-8EF8-97561C79CE72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-16] (Adobe Systems Incorporated)
Task: {20E97EE0-4FFB-4745-8513-A276273E4D98} - System32\Tasks\{69F0A835-A90E-44F3-B34A-44F4CE14A414} => pcalua.exe -a E:\monsetup.exe -d E:\
Task: {278C7718-BA1C-4DF5-B06A-22FE331E2E94} - System32\Tasks\{901DC041-FEB3-4933-8D16-9239B3D413D3} => C:\Program Files\Skype\\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {2AA26483-D9A5-4995-9825-DC8718582E9A} - System32\Tasks\{C6D88008-6B0F-4DB9-92C5-75C24566D4B4} => pcalua.exe -a "C:\Users\debbie\Downloads\Games Chicken Invaders 1,2,3,4 Collection Setup\Games Chicken Invaders 1,2,3,4 Collection Setup.exe" -d "C:\Users\debbie\Downloads\Games Chicken Invaders 1,2,3,4 Collection Setup"
Task: {3488C4D0-6E4D-4F25-B84C-0BE1D834F953} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {3B42A8A5-2B9C-4C9B-A2A5-CDA77BC1EC91} - \AdobeFlashPlayerUpdate 2 No Task File <==== ATTENTION
Task: {5EC2112E-7E54-45C7-A235-711ED24F15ED} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {66CA46FE-72B2-49CA-962A-CC718861EA25} - \RocketTab No Task File <==== ATTENTION
Task: {6A6D27D5-0687-4156-A750-C62D8193C0F0} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {716B1F6E-1855-4FD0-ABD6-CFD68EDC5656} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {8A27875A-AAA8-467D-9E3F-56F0F39B8CE3} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {8A606C24-B74D-4803-99EA-D3B430BF4C4F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {916D5496-D6B2-4CD2-9F26-48256755D3C4} - System32\Tasks\{9AD25FDF-4812-4EC7-8D28-5D37396B1467} => pcalua.exe -a "C:\Users\debbie\Downloads\Software\ImTOO Video Cutter v1.0.34.1231 Software + Serial Key\ImTOO Video Cutter v1.0.34.1231 Software\video-cutter.exe" -d "C:\Users\debbie\Downloads\Software\ImTOO Video Cutter v1.0.34.1231 Software + Serial Key\ImTOO Video Cutter v1.0.34.1231 Software"
Task: {9C6233D4-D5F7-4ACB-AFDF-6EDF29E1BB4C} - System32\Tasks\TechSmith Updater => C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {B9994A0E-A86B-4F85-A7C3-A55A05DB4F7F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000UA => C:\Users\debbie\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {C53EA4F4-1751-4845-BEE5-8C4F534169C5} - System32\Tasks\AdobeAAMUpdater-1.0-JOHNNYS-debbie => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {C5F9F927-2D43-4FE5-BB7C-7F52C78824F5} - \AdobeFlashPlayerUpdate No Task File <==== ATTENTION
Task: {CA566034-572E-4B8E-9C27-33669EA6902E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {CA870C19-1031-42A7-B2A2-3292A2F960F2} - \BitGuard No Task File <==== ATTENTION
Task: {D3EAA9D5-A4CD-4707-9125-75DFF34CD9D6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E066BB03-E095-4BA7-9B56-51945489251E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.)
Task: {E71188E8-CC73-4DF2-B129-42954E652FDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {E7D8FD2A-4148-4841-BD31-6662D9A5D887} - System32\Tasks\{EE208A5B-A8BA-448B-B44D-C7BDFC921015} => pcalua.exe -a "C:\Users\debbie\Downloads\The Scruffs 2 Return of the Duke Setup.exe" -d C:\Users\debbie\Downloads
Task: {EBC6F52B-277A-4824-B01F-56CB10A762BD} - System32\Tasks\{4ACFC437-D0E8-4DAE-BF43-60B7D0A5197D} => pcalua.exe -a C:\Users\debbie\Downloads\Install_CopyTrans_Suite.exe -d C:\Users\debbie\Downloads
Task: {FD95AADA-3E74-4AA7-826C-AE387F29EBC8} - System32\Tasks\AdobeAAMUpdater-1.0-debbie-PC-debbie => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {FE79C07B-0311-4DA6-A27E-212F426A3C5F} - System32\Tasks\{8CBEE47C-B5C4-4D3F-A52E-C861EE9F6BBA} => pcalua.exe -a C:\Users\debbie\Downloads\TrueFearForsakenSoulsCE.exe -d C:\Users\debbie\Downloads
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000Core.job => C:\Users\debbie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000UA.job => C:\Users\debbie\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\iToolsDaemon.job => C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-10-26 10:07 - 2010-11-18 19:26 - 00224176 _____ () C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe
2013-12-06 22:09 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-06 22:09 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2011-03-27 21:32 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-22 16:00 - 2015-04-07 10:57 - 00464760 _____ () C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe
2015-03-22 16:00 - 2015-04-07 10:57 - 00546680 _____ () C:\Program Files\ThinkSky\iTools 3\MiscCore.dll
2015-03-22 16:00 - 2015-04-07 10:57 - 00273784 _____ () C:\Program Files\ThinkSky\iTools 3\TSLib.dll
2015-03-22 16:00 - 2015-04-07 10:57 - 00103288 _____ () C:\Program Files\ThinkSky\iTools 3\ZLib.dll
2015-03-22 16:00 - 2015-04-07 10:57 - 00534392 _____ () C:\Program Files\ThinkSky\iTools 3\UICore.dll
2015-03-22 16:00 - 2015-04-07 10:57 - 00548728 _____ () C:\Program Files\ThinkSky\iTools 3\Sqlite.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00072840 _____ () C:\Program Files\Plex\Plex Media Server\zlib.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00196232 _____ () C:\Program Files\Plex\Plex Media Server\libidn.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00838792 _____ () C:\Program Files\Plex\Plex Media Server\libxml2.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00049800 _____ () C:\Program Files\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00086664 _____ () C:\Program Files\Plex\Plex Media Server\soci_core-vc80-3_0.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 02092680 _____ () C:\Program Files\Plex\Plex Media Server\opencv_core249.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 01883272 _____ () C:\Program Files\Plex\Plex Media Server\opencv_imgproc249.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00502920 _____ () C:\Program Files\Plex\Plex Media Server\tag.dll
2015-04-18 15:24 - 2015-04-18 15:24 - 00043008 _____ () c:\users\debbie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6jsazt.dll
2015-04-07 18:09 - 2015-03-04 22:45 - 00750080 _____ () C:\Users\debbie\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-04-07 18:09 - 2015-03-04 22:45 - 00047616 _____ () C:\Users\debbie\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-04-07 18:09 - 2015-03-04 22:45 - 00865280 _____ () C:\Users\debbie\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-04-07 18:09 - 2015-03-04 22:45 - 00200704 _____ () C:\Users\debbie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00044680 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_socket.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00027784 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_ssl.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00018568 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_hashlib.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00034952 _____ () C:\Program Files\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00836232 _____ () C:\Program Files\Plex\Plex Media Server\Exts\lxml\etree.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00062600 _____ () C:\Program Files\Plex\Plex Media Server\libexslt.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00166024 _____ () C:\Program Files\Plex\Plex Media Server\libxslt.dll
2014-12-21 23:31 - 2014-12-21 23:31 - 00192136 _____ () C:\Program Files\Plex\Plex Media Server\Exts\lxml\objectify.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00016520 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\select.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00054920 _____ () C:\Program Files\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00017032 _____ () C:\Program Files\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00043656 _____ () C:\Program Files\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00081544 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\_ctypes.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00111240 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\pyexpat.pyd
2014-12-21 23:31 - 2014-12-21 23:31 - 00689800 _____ () C:\Program Files\Plex\Plex Media Server\DLLs\unicodedata.pyd
2015-04-16 20:57 - 2015-04-13 22:55 - 01252680 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-16 20:57 - 2015-04-13 22:55 - 00080712 _____ () C:\Program Files\Google\Chrome\Application\42.0.2311.90\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:012BC84F
AlternateDataStreams: C:\ProgramData\Temp:164561C8
AlternateDataStreams: C:\ProgramData\Temp:17EB5BAE
AlternateDataStreams: C:\ProgramData\Temp:207C4C79
AlternateDataStreams: C:\ProgramData\Temp:264B2CC4
AlternateDataStreams: C:\ProgramData\Temp:4C35C064
AlternateDataStreams: C:\ProgramData\Temp:517EFA90
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9
AlternateDataStreams: C:\ProgramData\Temp:774C075A
AlternateDataStreams: C:\ProgramData\Temp:943971F5
AlternateDataStreams: C:\ProgramData\Temp:A6F30843
AlternateDataStreams: C:\ProgramData\Temp:AA0017FD
AlternateDataStreams: C:\ProgramData\Temp:B0456F0C
AlternateDataStreams: C:\ProgramData\Temp:B9B3B2FE
AlternateDataStreams: C:\ProgramData\Temp:BEACE4C8
AlternateDataStreams: C:\ProgramData\Temp:D4558A0B
AlternateDataStreams: C:\ProgramData\Temp:DD6F157A
AlternateDataStreams: C:\ProgramData\Temp:E5B07840
AlternateDataStreams: C:\ProgramData\Temp:E8C44CB4
AlternateDataStreams: C:\ProgramData\Temp:F5D01D7C
AlternateDataStreams: C:\ProgramData\Temp:F6A0889A
AlternateDataStreams: C:\ProgramData\Temp:F860DBFD
AlternateDataStreams: C:\ProgramData\Temp:FC97DEBC
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Blackberry Device Manager => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NBService => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: ScsiAccess => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UleadBurningHelper => 2
MSCONFIG\Services: Winstep Xtreme Service => 2
MSCONFIG\Services: WinTabService => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^debbie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^debbie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Photosmart 6520 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^debbie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^QuitSmokingApp1256616475.lnk => C:\Windows\pss\QuitSmokingApp1256616475.lnk.Startup
MSCONFIG\startupfolder: C:^Users^debbie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Wireless.lnk => C:\Windows\pss\Wireless.lnk.Startup
MSCONFIG\startupreg: 6B5D93EBA8598A76CA153C077E8095594432D8C9._service_run => "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AgentMonitor => C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Digiarty_Software_AirPlayit => "C:\Program Files\Digiarty\Air_Playit\airplayit.exe" -min
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Facebook Update => "C:\Users\debbie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Photosmart 6520 series (NET) => "C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe" -deviceID "TH45P5711905XP:NW" -scfn "HP Photosmart 6520 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISUSPM => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Malwarebytes' Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
MSCONFIG\startupreg: RockMelt Update => "C:\Users\debbie\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: SkyDrive => "C:\Users\debbie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
MSCONFIG\startupreg: UVS10 Preload => C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: WTClient => WTClient.exe
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1547069931-2522453681-1799250520-500 - Administrator - Disabled)
debbie (S-1-5-21-1547069931-2522453681-1799250520-1000 - Administrator - Enabled) => C:\Users\debbie
Guest (S-1-5-21-1547069931-2522453681-1799250520-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1547069931-2522453681-1799250520-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Photosmart 3300 series
Description: Photosmart 3300 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart 3300 series
Description: Photosmart 3300 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart 3300 series
Description: Photosmart 3300 series
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Photosmart 3300 series
Description: Photosmart 3300 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/18/2015 05:11:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ADBCD.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb10c6
Exception code: 0x0eedfade
Fault offset: 0x0000812f
Faulting process id: 0x7d8
Faulting application start time: 0xADBCD.exe0
Faulting application path: ADBCD.exe1
Faulting module path: ADBCD.exe2
Report Id: ADBCD.exe3
 
Error: (04/18/2015 05:09:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ADBCD.exe, version: 0.0.0.0, time stamp: 0x2a425e19
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb10c6
Exception code: 0x0eedfade
Fault offset: 0x0000812f
Faulting process id: 0x1354
Faulting application start time: 0xADBCD.exe0
Faulting application path: ADBCD.exe1
Faulting module path: ADBCD.exe2
Report Id: ADBCD.exe3
 
Error: (04/17/2015 10:06:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/16/2015 03:50:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/16/2015 01:46:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/16/2015 00:58:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/16/2015 11:11:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/15/2015 11:55:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (04/15/2015 10:54:31 AM) (Source: Google Update) (EventID: 20) (User: JOHNNYS)
Description: Network Request Error.
Error: 0x8004212e. Http status code: 302.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x8004212e. Http status code 302.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x8004212e. Http status code 302.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x8004212e. Http status code 302.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x
 
Error: (04/13/2015 09:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AnyTrans.exe, version: 4.2.7.0, time stamp: 0x54b108a0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb10c6
Exception code: 0xc0020001
Fault offset: 0x0000812f
Faulting process id: 0xebc
Faulting application start time: 0xAnyTrans.exe0
Faulting application path: AnyTrans.exe1
Faulting module path: AnyTrans.exe2
Report Id: AnyTrans.exe3
 
 
System errors:
=============
Error: (04/18/2015 03:23:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BayerHealthcareService service failed to start due to the following error: 
%%2
 
Error: (04/18/2015 03:20:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SpyHunter 4 Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/18/2015 10:53:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BayerHealthcareService service failed to start due to the following error: 
%%2
 
Error: (04/18/2015 10:53:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:50:54 on ‎18/‎04/‎2015 was unexpected.
 
Error: (04/18/2015 10:13:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BayerHealthcareService service failed to start due to the following error: 
%%2
 
Error: (04/17/2015 08:41:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BayerHealthcareService service failed to start due to the following error: 
%%2
 
Error: (04/16/2015 04:34:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BayerHealthcareService service failed to start due to the following error: 
%%2
 
Error: (04/16/2015 04:34:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:31:06 on ‎16/‎04/‎2015 was unexpected.
 
Error: (04/16/2015 09:56:57 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BayerHealthcareService service failed to start due to the following error: 
%%2
 
Error: (04/15/2015 04:34:38 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
 
 
Microsoft Office Sessions:
=========================
Error: (04/18/2015 05:11:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ADBCD.exe0.0.0.02a425e19KERNELBASE.dll6.1.7601.1822951fb10c60eedfade0000812f7d801d079f2418a8375E:\ADCDA2\ADBCD.exeC:\Windows\system32\KERNELBASE.dll80bb2b9d-e5e5-11e4-bc89-00262df80690
 
Error: (04/18/2015 05:09:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ADBCD.exe0.0.0.02a425e19KERNELBASE.dll6.1.7601.1822951fb10c60eedfade0000812f135401d079f2031808b0E:\ADCDA2\ADBCD.exeC:\Windows\system32\KERNELBASE.dll42a0e443-e5e5-11e4-bc89-00262df80690
 
Error: (04/17/2015 10:06:39 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 6520 series\DriverStore\Pipeline\amd64\hpinkinsAF11.exe
 
Error: (04/16/2015 03:50:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 6520 series\DriverStore\Pipeline\amd64\hpinkinsAF11.exe
 
Error: (04/16/2015 01:46:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 6520 series\DriverStore\Pipeline\amd64\hpinkinsAF11.exe
 
Error: (04/16/2015 00:58:23 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 6520 series\DriverStore\Pipeline\amd64\hpinkinsAF11.exe
 
Error: (04/16/2015 11:11:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 6520 series\DriverStore\Pipeline\amd64\hpinkinsAF11.exe
 
Error: (04/15/2015 11:55:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\HP\HP Photosmart 6520 series\DriverStore\Pipeline\amd64\hpinkinsAF11.exe
 
Error: (04/15/2015 10:54:31 AM) (Source: Google Update) (EventID: 20) (User: JOHNNYS)
Description: Network Request Error.
Error: 0x8004212e. Http status code: 302.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x8004212e. Http status code 302.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x8004212e. Http status code 302.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x8004212e. Http status code 302.
trying WinHTTP.
Send request returned 0x80072ee2. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x
 
Error: (04/13/2015 09:51:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AnyTrans.exe4.2.7.054b108a0KERNELBASE.dll6.1.7601.1822951fb10c6c00200010000812febc01d0762a851fe606C:\Program Files\iMobie\AnyTrans\AnyTrans.exeC:\Windows\system32\KERNELBASE.dllce6c1c7b-e21e-11e4-b17e-00262df80690
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 69%
Total physical RAM: 3032.88 MB
Available physical RAM: 934.91 MB
Total Pagefile: 6064.04 MB
Available Pagefile: 2811.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.69 MB
 
==================== Drives ================================
 
Drive c: (BOOT) (Fixed) (Total:266.99 GB) (Free:31.78 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1DA5C039)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=267 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1 GB) - (Type=12)
 
==================== End Of Log ============================

Thank you in advance for your help!, Regards and Respect, Johnny.

 


  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Hi welcome123, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction, stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 

Please note that pirated version of software file has been detected in your system. They are not only illegal but also a source of malware infection. I implore you to uninstall your torrent client and refrain from piracy. Should you choose to ignore this, future help will be declined.
2015-04-18 20:10 - 2015-04-18 20:10 - 00064020 _____ () C:\Users\debbie\Downloads\Simpsons.The.Movie.2007.BluRay.1080p.H264.torrent
2015-04-18 17:15 - 2015-04-18 17:15 - 00001231 _____ () C:\Users\debbie\Downloads\IsoBuster+Pro+3.5+Build+3.5.0.0+Final+%2B+Key.torrent
2015-04-18 16:16 - 2015-04-18 16:16 - 00109929 _____ () C:\Users\debbie\Downloads\Autodata+2011++3+38.torrent
2015-04-15 14:07 - 2015-04-15 14:07 - 00016816 _____ () C:\Users\debbie\Downloads\[kickass.to.prx.websiteproxy.co.uk.prx.websiteproxy.co.uk]spyhunter.v4.15.1.4270.incl.crack.dub.boy.torrent

 
  • Step #1 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      CreateRestorePoint:
      CloseProcesses:
      EmptyTemp:
      HKLM\...\Run: [] => [X]
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
      HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {0F4F6717-D050-4F7D-BEE6-533F0C575E5D} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {289F83F7-98DC-4899-9B38-F9F89267C2D3} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {973708C3-FF05-45B5-BDB5-0E1312BD7EE0} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {BA07D4CE-2931-4A4E-9F2C-00DAD247ED8A} URL = 
      SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {E2AB7DF3-7F1C-48BF-B6FD-18CB65A30C39} URL = 
      FF Extension: No Name - C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\extensions\[email protected] [Not Found]
      CHR HKLM\...\Chrome\Extension: [nipcdlfhdehdhmajficeeocjdbdhacdn] - C:\Users\debbie\AppData\Local\CRE\nipcdlfhdehdhmajficeeocjdbdhacdn.crx [Not Found]
      CHR HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nipcdlfhdehdhmajficeeocjdbdhacdn] - C:\Users\debbie\AppData\Local\CRE\nipcdlfhdehdhmajficeeocjdbdhacdn.crx [Not Found]
      Folder: C:\Users\debbie\Desktop\Virus software
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #2 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 

Reset your web-browsers.

 
  • Required Log(s):
    • FRST Fix Log
    • AdwCleaner Log
Regards,
Valinorum
  • 0

#3
welcome123

welcome123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Thank you,
This is actually a friend of mines laptop!, i have taken note of your above post and agree that piracy is illegal and unfair to those who own the content,
i will in turn explain this to him when he collects it, i have tried to delete most of the downloaded stuff and maybe stuff that isn't wrongly downloaded but that's down to him for having it there in the first place, i will also explain to him that you and i will not help in future if he continues to use such software, or better still i will get him to register. Anyway it seems to have got rid of the dreaded luckysearch.com.
Thank you so much for your help and i will make sure he makes a donation for your time and hopefully i will not have to contact you again over this laptop, i do mean that in a nice way!,
once again thank you and respect to you for your time.
i will await your reply to confirm everything is ok!
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-04-2015 01
Ran by debbie (administrator) on JOHNNYS on 19-04-2015 14:26:31
Running from C:\Users\debbie\Desktop
Loaded Profiles: debbie (Available profiles: debbie)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
() C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files\ThinkSky\iTools 3\iToolsDaemon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Plex, Inc.) C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe
(Dropbox, Inc.) C:\Users\debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Python Software Foundation) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
(Plex, Inc.) C:\Program Files\Plex\Plex Media Server\PlexDlnaServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [JumiController] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [CubeDesktop] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [Nexus] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Run: [Plex Media Server] => C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe [5142664 2014-12-21] (Plex, Inc.)
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
Startup: C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\debbie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\debbie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
BootExecute: autocheck autochk * bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-09-22] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Advertising Cookie Opt-out -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-10] (Google Inc)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll [2015-01-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @itools.hk/npiTools, version=1.0.0 -> C:\Program Files\ThinkSky\iTools 3\Extensions\npiTools.dll [2015-04-07] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @photodex.com/PhotodexPresenter -> C:\Program Files\Photodex Presenter\npPxPlay.dll [2012-08-16] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2011-03-23] (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1547069931-2522453681-1799250520-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\debbie\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1547069931-2522453681-1799250520-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\debbie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-08-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2011-08-10] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2011-08-10] (Apple Inc.)
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files\Fiddler2\FiddlerHook [2013-03-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-09-30]
FF HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\extensions\[email protected] [Not Found]
FF Extension: No Name - C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} [Not Found]
FF Extension: No Name - C:\ProgramData\CodecCheck\firefox [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.co.uk/
CHR StartupUrls: Default -> "hxxp://www.google.co.uk/"
CHR DefaultSearchKeyword: Default -> 
CHR DefaultSearchURL: Default -> web/?type=dspp&q={searchTerms}
CHR Profile: C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-15]
CHR Extension: (ChromePoster) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnbbenoccfckadanalngjafokjnnilm [2013-09-20]
CHR Extension: (ShinySearch) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajfpaddcchjgaemolcibmlbgijkhdocl [2014-03-19]
CHR Extension: (Google Docs) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-15]
CHR Extension: (Google Drive) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-20]
CHR Extension: (Web Developer) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-07-09]
CHR Extension: (YouTube) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-20]
CHR Extension: (Chromoji - Emoji for Google Chrome™) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cahedbegdkagmcjfolhdlechbkeaieki [2014-08-15]
CHR Extension: (Google Search) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-20]
CHR Extension: (Google Sheets) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-15]
CHR Extension: (Readium) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-11-08]
CHR Extension: (AdBlock) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-07]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-20]
CHR Extension: (Gmail) - C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-20]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Abrosoft: Abrosoft FantaMorph update permissions manager. 12810.; C:\Program Files\Abrosoft\FantaMorph5\FantaUp.exe [224176 2010-11-18] ()
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
S4 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [244904 2010-02-10] () [File not signed]
S4 ScsiAccess; C:\Program Files\Photodex\ProShowProducer\ScsiAccess.exe [186760 2012-08-16] ()
S4 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2013-07-17] (Enigma Software Group USA, LLC.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S4 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S4 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [53248 2007-05-31] (Tablet Driver) [File not signed]
S4 Blackberry Device Manager; "C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe" [X]
S4 Winstep Xtreme Service; C:\Program Files\Winstep\WsxService [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2013-06-29] (Atheros Communications, Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
S3 BTWAMPFL; C:\Windows\System32\DRIVERS\btwampfl.sys [302120 2011-07-30] (Broadcom Corporation.)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [13904 2011-05-06] ()
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [35992 2015-04-10] ()
R3 jumi; C:\Windows\System32\DRIVERS\jumi.sys [13112 2010-06-03] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-04-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [1277504 2012-12-27] (Ralink Technology Corp.)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [9472 2009-07-24] (Primax Ltd)
S3 pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [47360 2013-01-14] (VSO Software) [File not signed]
R3 PTSimBus; C:\Windows\System32\DRIVERS\PTSimBus.sys [18944 2007-06-07] (PenTablet Driver)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [10752 2007-04-23] (PenTablet Driver)
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [515288 2014-12-31] (Realtek Semiconductor Corporation)
S3 SMIGrabber3C; C:\Windows\System32\Drivers\SmiUsbGrabber3C.sys [805888 2011-01-26] (Windows ® Win 7 DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2013-01-06] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2011-04-15] () [File not signed]
S3 TClass2k; C:\Windows\System32\DRIVERS\TClass2k.sys [18432 2007-04-23] (Tablet Driver)
S3 UCTblHid; C:\Windows\System32\DRIVERS\UCTblHid.sys [12800 2007-05-31] (Tablet Driver)
S3 usbrndis6; C:\Windows\system32\drivers\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
S3 ZTEusbnet; C:\Windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-07-21] (ZTE Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-19 13:32 - 2015-04-19 13:38 - 00000000 ____D () C:\AdwCleaner
2015-04-19 13:32 - 2015-04-19 13:32 - 02217984 _____ () C:\Users\debbie\Desktop\adwcleaner_4.201.exe
2015-04-19 11:09 - 2015-04-19 11:27 - 00000000 ____D () C:\Users\debbie\Desktop\Phoebe
2015-04-18 21:28 - 2015-04-18 21:29 - 00071347 _____ () C:\Users\debbie\Desktop\Addition.txt
2015-04-18 21:26 - 2015-04-19 14:26 - 00024149 _____ () C:\Users\debbie\Desktop\FRST.txt
2015-04-18 21:22 - 2015-04-19 14:26 - 00000000 ____D () C:\FRST
2015-04-18 21:18 - 2015-04-18 21:18 - 01137664 _____ (Farbar) C:\Users\debbie\Desktop\FRST.exe
2015-04-18 18:25 - 2015-04-18 18:25 - 00001602 _____ () C:\Users\debbie\Desktop\GooredFix.txt
2015-04-18 18:25 - 2015-04-18 18:25 - 00000000 ____D () C:\Users\debbie\Desktop\GooredFix Backups
2015-04-18 15:20 - 2015-04-18 15:20 - 00000000 ____D () C:\_OTM
2015-04-18 15:07 - 2015-04-18 18:30 - 00000000 ____D () C:\Users\debbie\Desktop\Virus software
2015-04-18 15:06 - 2015-04-18 15:07 - 00513320 _____ () C:\Users\debbie\Downloads\erunt.zip
2015-04-16 17:14 - 2015-04-16 17:14 - 00002513 _____ () C:\Users\debbie\Desktop\Twilight Phenomena Strange Menagerie Collectors.lnk
2015-04-16 16:03 - 2015-04-16 16:22 - 1038849645 _____ (Games ) C:\Users\debbie\Downloads\TwilightPhenStrangeMenagerieCE.exe
2015-04-16 15:23 - 2015-04-16 15:23 - 08285177 _____ () C:\Users\debbie\Downloads\Cleaner Pro v1.2.1.apk
2015-04-16 10:47 - 2015-04-16 11:36 - 00000000 ____D () C:\Users\debbie\Desktop\MaeMae Summer
2015-04-15 16:32 - 2015-04-15 16:37 - 00000000 ____D () C:\Users\debbie\Downloads\AnyTrans Portable x86
2015-04-15 16:30 - 2015-04-15 16:30 - 00000000 ____D () C:\Users\debbie\.swt
2015-04-15 16:29 - 2015-04-16 16:27 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Azureus
2015-04-15 16:29 - 2015-04-15 16:29 - 00001802 _____ () C:\Users\Public\Desktop\Vuze.lnk
2015-04-15 16:29 - 2015-04-15 16:29 - 00001802 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2015-04-15 16:29 - 2015-04-15 16:29 - 00000000 ____D () C:\Program Files\Vuze
2015-04-15 16:27 - 2015-04-15 16:27 - 00072008 _____ (Azureus Software, Inc.) C:\Users\debbie\Downloads\VuzeBittorrentClientInstaller.exe
2015-04-15 16:25 - 2015-04-15 16:31 - 38779551 _____ () C:\Users\debbie\Downloads\Air Racing 3D. APK
2015-04-15 15:12 - 2015-04-15 15:12 - 00001339 _____ () C:\Users\debbie\Desktop\Modiac MP3 to MP4 Audio Converter.lnk
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Modiac
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Modiac MP3 to MP4 Audio Converter
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Users\debbie\AppData\Local\Modiac
2015-04-15 15:12 - 2015-04-15 15:12 - 00000000 ____D () C:\Program Files\Modiac
2015-04-15 15:11 - 2015-04-15 15:12 - 19586822 _____ (Modiac Inc.) C:\Users\debbie\Downloads\Modiac_MP3_to_MP4_Converter.exe
2015-04-15 15:08 - 2015-04-15 15:08 - 00000000 ____D () C:\Users\debbie\AppData\Local\{B1CACF31-36C8-4DA1-8754-89959B9A1C0C}
2015-04-15 14:10 - 2015-04-15 14:10 - 00002252 _____ () C:\Users\debbie\Desktop\SpyHunter.lnk
2015-04-15 14:10 - 2015-04-15 14:10 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-04-15 14:10 - 2015-04-15 14:10 - 00000000 ____D () C:\sh4ldr
2015-04-15 14:10 - 2015-04-15 14:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-04-15 13:02 - 2015-04-15 13:02 - 508374807 _____ () C:\Windows\MEMORY.DMP
2015-04-15 08:25 - 2015-04-15 14:08 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-14 14:23 - 2015-04-14 14:23 - 00064205 _____ () C:\Users\debbie\Downloads\optien.zip
2015-04-14 11:42 - 2015-04-14 18:23 - 1210027104 _____ () C:\Users\debbie\Downloads\EUR-I9205XXUDOA1-20150217095507.zip
2015-04-13 22:00 - 2015-04-13 22:00 - 00001958 _____ () C:\Users\Public\Desktop\AnyTrans.lnk
2015-04-13 22:00 - 2015-04-13 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2015-04-13 22:00 - 2015-04-13 22:00 - 00000000 ____D () C:\Program Files\iMobie
2015-04-13 21:49 - 2015-04-13 21:49 - 00000000 ____D () C:\Users\debbie\Downloads\AnyTrans
2015-04-13 14:17 - 2015-04-15 10:35 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\HandBrake
2015-04-13 14:15 - 2015-04-13 14:15 - 15839599 _____ () C:\Users\debbie\Downloads\HandBrake-0.10.1-i686-Win_GUI.exe
2015-04-13 14:15 - 2015-04-13 14:15 - 00000985 _____ () C:\Users\debbie\Desktop\Handbrake.lnk
2015-04-13 14:15 - 2015-04-13 14:15 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-04-13 14:15 - 2015-04-13 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-04-13 14:15 - 2015-04-13 14:15 - 00000000 ____D () C:\Program Files\Handbrake
2015-04-12 21:59 - 2015-04-12 21:59 - 01073605 _____ () C:\Users\debbie\Downloads\UPDATE-SuperSU-v1.34.zip
2015-04-12 21:40 - 2015-04-12 21:41 - 21143241 _____ () C:\Users\debbie\Downloads\GT-I9205.zip
2015-04-11 21:31 - 2015-04-11 21:31 - 00000000 ____D () C:\usb_driver
2015-04-11 18:23 - 2015-04-11 18:23 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\AdamOutler
2015-04-11 18:21 - 2015-04-11 18:21 - 00000000 ____D () C:\Program Files\Heimdall
2015-04-10 20:52 - 2015-04-10 20:52 - 00035992 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-04-10 20:37 - 2015-04-10 20:37 - 00019880 _____ () C:\Windows\system32\.crusader
2015-04-10 19:59 - 2015-04-10 19:59 - 00001901 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2015-04-10 19:59 - 2015-04-10 19:59 - 00000000 ____D () C:\Program Files\HitmanPro
2015-04-10 19:56 - 2015-04-10 20:38 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-04-10 19:51 - 2015-04-10 19:51 - 00000000 ____D () C:\Users\debbie\Downloads\Hitman Pro 3.7.9 Build 238
2015-04-10 15:37 - 2014-06-16 07:01 - 00184192 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-04-10 15:37 - 2014-06-16 07:01 - 00089856 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-04-10 11:17 - 2015-04-14 19:29 - 00000000 ____D () C:\Users\debbie\Desktop\STOCK FIRMWARE GT-I9205
2015-04-10 11:17 - 2015-04-10 11:18 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\debbie\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.0.exe
2015-04-09 21:38 - 2015-04-09 21:38 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2015-04-09 21:38 - 2015-04-09 21:38 - 00000000 ____D () C:\Users\debbie\AppData\Local\Samsung
2015-04-09 21:37 - 2015-04-09 21:37 - 00000000 ____D () C:\Users\debbie\Documents\samsung
2015-04-09 21:31 - 2015-04-09 21:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-09 21:31 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\system32\Redemption.dll
2015-04-09 21:31 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\system32\secman.dll
2015-04-09 21:31 - 2013-12-30 10:52 - 00821824 _____ (Devguru Co., Ltd.) C:\Windows\system32\dgderapi.dll
2015-04-09 21:27 - 2015-04-09 21:28 - 77317912 _____ (Samsung Electronics Co., Ltd.) C:\Users\debbie\Downloads\KiesSetup (1).exe
2015-04-09 20:21 - 2015-04-09 20:22 - 12290974 _____ (ImageWriter Developers ) C:\Users\debbie\Downloads\Win32DiskImager-0.9.5-install.exe
2015-04-07 18:11 - 2015-04-19 13:41 - 00000000 ___RD () C:\Users\debbie\Dropbox
2015-04-07 18:11 - 2015-04-07 18:11 - 00001131 _____ () C:\Users\debbie\Desktop\Dropbox.lnk
2015-04-07 18:09 - 2015-04-07 18:09 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-07 18:07 - 2015-04-19 13:41 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Dropbox
2015-04-07 18:07 - 2015-04-07 18:07 - 00356232 _____ (Dropbox, Inc.) C:\Users\debbie\Downloads\DropboxInstaller.exe
2015-04-05 13:29 - 2015-04-05 15:06 - 00000000 ____D () C:\Users\debbie\Desktop\easter
2015-04-04 13:55 - 2015-04-04 13:57 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Digiarty
2015-04-04 13:53 - 2015-04-04 13:54 - 11274056 _____ (Digiarty ) C:\Users\debbie\Downloads\airplayitserver_setup.exe
2015-04-02 14:59 - 2015-04-02 14:59 - 00000000 ____D () C:\ProgramData\GameHouse
2015-04-01 20:23 - 2015-04-01 20:23 - 16216983 _____ () C:\Users\debbie\Documents\The Sky News Ballot Ballad _ General Election 2015.mp4
2015-04-01 20:23 - 2015-04-01 20:23 - 03201213 _____ () C:\Users\debbie\Documents\The Sky News Ballot Ballad _ General Election 2015.wmv
2015-03-31 15:57 - 2015-04-10 20:37 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\jqGt8
2015-03-31 15:57 - 2015-03-31 17:37 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\VTENp
2015-03-31 15:57 - 2015-03-31 15:57 - 00000000 ____D () C:\tmp
2015-03-31 15:51 - 2015-03-31 16:01 - 00000000 ____D () C:\ProgramData\{e54fbc5f-5e54-4c86-e54f-fbc5f5e5f17d}
2015-03-25 15:19 - 2015-03-25 15:19 - 00087608 _____ () C:\Users\debbie\AppData\Roaming\inst.exe
2015-03-22 16:46 - 2015-03-22 16:46 - 00000000 ____D () C:\Users\debbie\AppData\Local\Reflector
2015-03-22 16:46 - 2015-03-22 16:46 - 00000000 ____D () C:\ProgramData\Reflector
2015-03-22 16:46 - 2015-03-22 16:46 - 00000000 ____D () C:\ProgramData\Reflection
2015-03-22 16:45 - 2015-03-23 12:26 - 00000000 ____D () C:\Program Files\Reflector
2015-03-22 16:45 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-22 16:44 - 2015-03-22 16:44 - 11812864 _____ () C:\Users\debbie\Downloads\Reflector32.msi
2015-03-22 16:00 - 2015-04-19 14:27 - 00000308 _____ () C:\Windows\Tasks\iToolsDaemon.job
2015-03-22 16:00 - 2015-03-22 16:00 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\ThinkSky
2015-03-22 16:00 - 2015-03-22 16:00 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iTools 3
2015-03-22 16:00 - 2015-03-22 16:00 - 00000000 ____D () C:\Program Files\ThinkSky
2015-03-22 15:57 - 2015-03-22 15:59 - 15779856 _____ () C:\Users\debbie\Downloads\iToolsSetup_3.1.8.0.exe
2015-03-22 13:58 - 2015-03-22 13:58 - 00000000 ____D () C:\Program Files\uvnc bvba
2015-03-20 12:59 - 2015-03-20 13:23 - 00000000 ____D () C:\Users\debbie\Desktop\Kala
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-19 14:26 - 2015-02-21 19:43 - 00000000 ____D () C:\Users\debbie\Desktop\Movies
2015-04-19 14:26 - 2014-01-07 19:03 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 13:53 - 2011-07-15 19:43 - 00000930 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000UA.job
2015-04-19 13:53 - 2011-02-23 15:59 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-19 13:53 - 2011-02-23 15:59 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-19 13:49 - 2009-07-14 05:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-19 13:49 - 2009-07-14 05:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-19 13:43 - 2014-08-20 13:21 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-19 13:40 - 2015-01-28 11:53 - 00030920 _____ () C:\Windows\setupact.log
2015-04-19 13:40 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-19 13:39 - 2011-02-23 15:18 - 01265745 _____ () C:\Windows\WindowsUpdate.log
2015-04-19 13:38 - 2015-03-13 11:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-04-19 13:38 - 2011-02-23 15:20 - 00001152 _____ () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-19 13:25 - 2015-02-22 13:13 - 00516608 ___SH () C:\Users\debbie\Desktop\Thumbs.db
2015-04-19 10:53 - 2011-07-15 19:43 - 00000908 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1547069931-2522453681-1799250520-1000Core.job
2015-04-19 10:29 - 2014-06-16 10:50 - 00000000 ____D () C:\Users\debbie\AppData\Local\Adobe
2015-04-18 20:18 - 2015-02-06 14:05 - 00000000 ____D () C:\Users\debbie\Desktop\Bakerbum
2015-04-18 18:23 - 2011-11-07 12:04 - 00000000 ____D () C:\OutputFolder
2015-04-18 18:22 - 2015-02-24 15:47 - 00000000 ____D () C:\Users\debbie\Desktop\BENS
2015-04-18 18:09 - 2013-09-02 18:50 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\WinFF
2015-04-18 18:09 - 2011-08-20 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2015-04-18 18:09 - 2011-08-20 11:40 - 00000000 ____D () C:\Program Files\Wondershare
2015-04-18 17:56 - 2014-05-15 20:07 - 00000000 ____D () C:\Program Files\Yawcam
2015-04-18 17:11 - 2011-07-30 14:45 - 00000000 ____D () C:\Users\debbie\AppData\Local\CrashDumps
2015-04-18 15:23 - 2011-02-23 15:19 - 00000000 ____D () C:\Users\debbie
2015-04-18 15:18 - 2011-04-11 19:01 - 00000000 ____D () C:\Windows\ERDNT
2015-04-18 10:53 - 2015-01-29 08:31 - 00043218 _____ () C:\Windows\PFRO.log
2015-04-18 10:12 - 2011-05-15 12:12 - 00000000 ____D () C:\Windows\Jack of all Tribes
2015-04-16 17:20 - 2011-11-07 16:41 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\ERS Game Studios
2015-04-16 16:39 - 2010-03-15 05:46 - 00780908 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-16 16:28 - 2013-07-17 22:16 - 00000000 ____D () C:\Program Files\Games
2015-04-15 16:46 - 2013-05-27 22:30 - 00000000 ____D () C:\Users\debbie\AppData\Local\CRE
2015-04-15 13:02 - 2011-03-27 14:25 - 00000000 ____D () C:\Windows\Minidump
2015-04-15 10:46 - 2014-12-08 17:05 - 00000000 ____D () C:\Users\debbie\Desktop\Heart box
2015-04-15 08:08 - 2009-07-14 05:33 - 04212488 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-14 20:18 - 2015-02-21 12:45 - 00000000 ____D () C:\Users\debbie\Desktop\pics Isla-mae
2015-04-14 20:13 - 2015-01-27 22:23 - 00000000 ____D () C:\Users\debbie\Desktop\Nicole
2015-04-14 20:08 - 2015-01-22 17:04 - 00000000 ____D () C:\Users\debbie\Desktop\New folder (2)
2015-04-14 19:38 - 2015-01-11 17:37 - 00000000 ____D () C:\Users\debbie\Desktop\New folder
2015-04-14 18:54 - 2011-03-02 19:29 - 00268904 _____ () C:\Users\debbie\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-14 14:50 - 2015-03-09 22:37 - 00000000 ____D () C:\Users\debbie\Desktop\Easter l;etter
2015-04-13 21:59 - 2015-02-07 23:13 - 00000000 ____D () C:\Users\debbie\Downloads\iMobie AnyTrans 4.2.7 Build 20150110 Multilingual
2015-04-13 21:37 - 2014-06-02 13:13 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2015-04-13 18:11 - 2014-07-29 22:16 - 00000000 ____D () C:\Users\debbie\Downloads\Faststone
2015-04-13 14:17 - 2014-06-13 13:07 - 00000000 ____D () C:\Users\debbie\Documents\my medication
2015-04-13 10:38 - 2015-03-05 18:02 - 00000000 ____D () C:\Users\debbie\Desktop\New folder (5)
2015-04-12 17:42 - 2015-01-15 19:33 - 02450944 ___SH () C:\Users\debbie\Downloads\Thumbs.db
2015-04-11 15:54 - 2011-03-28 09:10 - 00753664 ___SH () C:\Users\debbie\Documents\Thumbs.db
2015-04-10 10:23 - 2011-08-16 11:02 - 00000000 ____D () C:\Windows\Sun
2015-04-09 21:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-04-09 21:38 - 2011-04-15 10:45 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Samsung
2015-04-09 21:31 - 2010-03-15 05:49 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2015-04-09 21:30 - 2015-03-15 20:03 - 00000000 ____D () C:\Program Files\SAMSUNG
2015-04-09 21:30 - 2015-03-15 20:01 - 00000000 ____D () C:\ProgramData\Samsung
2015-04-09 21:28 - 2011-07-29 22:44 - 00000000 ____D () C:\Users\debbie\AppData\Local\Downloaded Installations
2015-04-09 15:53 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-07 19:41 - 2011-07-01 18:00 - 00000000 ____D () C:\Users\debbie\AppData\Local\WinAVI
2015-04-02 15:25 - 2015-03-13 11:03 - 00000000 ____D () C:\Users\debbie\Documents\AirDroid
2015-04-02 14:57 - 2010-03-15 06:18 - 00000000 ____D () C:\ProgramData\Temp
2015-04-02 13:30 - 2014-11-24 11:28 - 00000000 ____D () C:\Users\debbie\Desktop\Adrian
2015-03-31 21:47 - 2015-01-03 11:35 - 00000000 ____D () C:\Users\debbie\Desktop\mycyber folder
2015-03-31 17:38 - 2011-12-19 23:08 - 00000000 ____D () C:\Windows\Splash Screens
2015-03-30 14:37 - 2013-11-27 17:17 - 00000000 ____D () C:\Users\debbie\Desktop\add family
2015-03-25 22:15 - 2013-04-17 19:01 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\AlawarEntertainment
2015-03-25 16:02 - 2011-10-22 14:26 - 00000000 ____D () C:\Windows\massfilter
2015-03-25 15:27 - 2014-11-08 20:11 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-25 15:27 - 2014-08-20 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-25 15:27 - 2014-08-20 13:18 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-03-25 15:19 - 2014-12-16 19:04 - 00000000 ____D () C:\Program Files\VSO
2015-03-25 15:19 - 2013-01-14 16:47 - 00000033 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.log
2015-03-25 15:19 - 2013-01-14 16:45 - 00047360 _____ (VSO Software) C:\Users\debbie\AppData\Roaming\pcouffin.sys
2015-03-25 15:19 - 2013-01-14 16:45 - 00007887 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.cat
2015-03-25 15:19 - 2013-01-14 16:45 - 00000000 ____D () C:\Users\debbie\AppData\Roaming\Vso
 
==================== Files in the root of some directories =======
 
2002-12-27 11:47 - 2002-07-28 23:40 - 1059840 _____ (Auto FX Software) C:\Program Files\DS_Bonus_Plugin.8bf
2014-03-20 12:53 - 2014-03-20 12:53 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files\Common Files\atimpenc.dll
2013-11-30 20:08 - 2013-11-30 20:08 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe GIF Format CS5 Prefs
2014-09-14 22:13 - 2014-12-01 19:17 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe PNG Format CC Prefs
2011-11-29 23:40 - 2011-11-29 23:40 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-09-26 23:35 - 2014-09-18 15:16 - 0000132 _____ () C:\Users\debbie\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-09-26 08:34 - 2012-09-26 08:34 - 0000690 _____ () C:\Users\debbie\AppData\Roaming\Contact Sheet II.xml
2012-09-26 08:34 - 2012-09-26 08:35 - 0007257 _____ () C:\Users\debbie\AppData\Roaming\ContactSheetII.log
2013-01-14 16:45 - 2013-01-14 16:45 - 0081920 _____ () C:\Users\debbie\AppData\Roaming\ezpinst.exe
2013-08-28 18:40 - 2014-07-12 23:19 - 0002048 _____ () C:\Users\debbie\AppData\Roaming\Heritage Photobooks Prefs
2015-03-25 15:19 - 2015-03-25 15:19 - 0087608 _____ () C:\Users\debbie\AppData\Roaming\inst.exe
2013-01-14 16:45 - 2015-03-25 15:19 - 0007887 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.cat
2013-01-14 16:45 - 2015-03-25 15:19 - 0001144 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.inf
2013-01-14 16:47 - 2015-03-25 15:19 - 0000033 _____ () C:\Users\debbie\AppData\Roaming\pcouffin.log
2013-01-14 16:45 - 2015-03-25 15:19 - 0047360 _____ (VSO Software) C:\Users\debbie\AppData\Roaming\pcouffin.sys
2011-07-20 10:16 - 2014-03-20 14:32 - 0003521 _____ () C:\Users\debbie\AppData\Roaming\Rim.Desktop.Exception.log
2011-07-01 22:24 - 2014-09-20 12:40 - 0004205 _____ () C:\Users\debbie\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-07-20 10:16 - 2014-03-20 14:32 - 0003080 _____ () C:\Users\debbie\AppData\Roaming\Rim.DesktopHelper.Exception.log
2012-07-25 10:54 - 2013-12-31 20:57 - 0001078 _____ () C:\Users\debbie\AppData\Roaming\Rim.Transcoder.Exception.log
2011-06-21 13:58 - 2012-09-28 11:36 - 0022927 _____ () C:\Users\debbie\AppData\Roaming\UserTile.png
2014-12-16 19:04 - 2014-12-16 20:56 - 0001059 _____ () C:\Users\debbie\AppData\Roaming\vso_ts_preview.xml
2011-04-05 22:40 - 2011-04-05 22:40 - 0001456 _____ () C:\Users\debbie\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-12-04 19:13 - 2014-12-17 17:21 - 0001456 _____ () C:\Users\debbie\AppData\Local\Adobe Save for Web 13.0 Prefs
2011-07-20 10:18 - 2014-05-20 09:02 - 0074240 _____ () C:\Users\debbie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-09 07:07 - 2014-04-09 07:07 - 0000017 _____ () C:\Users\debbie\AppData\Local\resmon.resmoncfg
2012-09-09 16:08 - 2012-09-09 16:08 - 0017408 _____ () C:\Users\debbie\AppData\Local\WebpageIcons.db
2014-10-02 12:06 - 2014-10-02 12:06 - 0000057 _____ () C:\ProgramData\Ament.ini
2011-04-04 16:59 - 2014-12-23 10:32 - 0143131 _____ () C:\ProgramData\hpzinstall.log
2011-05-01 22:19 - 2011-05-01 22:19 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2011-04-15 10:43 - 2011-05-21 12:14 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2012-02-21 18:01 - 2012-02-24 19:27 - 0001478 _____ () C:\ProgramData\port_acpca.log
 
Some content of TEMP:
====================
C:\Users\debbie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpes4dho.dll
C:\Users\debbie\AppData\Local\Temp\Quarantine.exe
C:\Users\debbie\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-15 11:55
 
==================== End Of Log ============================
 
ADWARE CLEANER LOG
 
 
# AdwCleaner v4.201 - Logfile created 19/04/2015 at 13:37:41
# Updated 08/04/2015 by Xplode
# Database : 2015-04-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : debbie - JOHNNYS
# Running from : C:\Users\debbie\Desktop\adwcleaner_4.201.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : YahooAUService
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Isis
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\codeccheck
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\4e23d844000033a7
Folder Deleted : C:\Program Files\GreenTree Applications
Folder Deleted : C:\Program Files\kuaiyong
Folder Deleted : C:\Program Files\Video Converter
Folder Deleted : C:\Users\debbie\AppData\Local\PackageAware
Folder Deleted : C:\Users\debbie\AppData\Local\torch
Folder Deleted : C:\Users\debbie\AppData\Local\DownloadManager
Folder Deleted : C:\Users\debbie\AppData\Local\Pro_PC_Cleaner
Folder Deleted : C:\Users\debbie\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\debbie\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\debbie\AppData\Roaming\iWin
Folder Deleted : C:\Users\debbie\AppData\Roaming\kuaiyong
Folder Deleted : C:\Users\debbie\AppData\Roaming\quickclick
Folder Deleted : C:\Users\debbie\AppData\Roaming\YourFileDownloader
Folder Deleted : C:\Users\debbie\Documents\ProPCCleaner
Folder Deleted : C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\Extensions\{33E0DAA6-3AF3-D8B5-6752-10E949C61516}
File Deleted : C:\END
File Deleted : C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\invalidprefs.js
File Deleted : C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\searchplugins\Askcom.xml
 
***** [ Scheduled tasks ] *****
 
Task Deleted : ProPCCleaner_Popup
Task Deleted : ProPCCleaner_Start
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid\AirDroid.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AirDroid.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\debbie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Medion Homepage.lnk
 
***** [ Registry ] *****
 
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b2375139-b908-4471-a891-0e2f76a4d88b}]
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\*\shell\filescout
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKCU\Software\5d55dfd8e169b914
Key Deleted : HKLM\SOFTWARE\5d55dfd8e169b914
Key Deleted : HKLM\SOFTWARE\9ec9bf11-8076-01f2-f374-b4b58448e55c
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\ProPCCleanerLanguage
Key Deleted : HKCU\Software\ProPCCleanerConfig
Key Deleted : HKCU\Software\rttasks
Key Deleted : HKCU\Software\AppDataLow\Software\Show-Password
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SimplyGen
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16736
 
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v42.0.2311.90
 
[C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : jpnbdefcbnoefmmcpelplabbkfmfhlho
[C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : kiplfnciaokpcennlkldkdaeaaomamof
[C:\Users\debbie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : logekkkdbdidmmcgkonmmonclldogceg
 
*************************
 
AdwCleaner[R0].txt - [8463 bytes] - [19/04/2015 13:32:49]
AdwCleaner[S0].txt - [8599 bytes] - [19/04/2015 13:37:41]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8658  bytes] ##########
 

  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Post the Fixlog.txt.
  • 0

#5
welcome123

welcome123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-04-2015 01
Ran by debbie at 2015-04-19 13:20:21 Run:1
Running from C:\Users\debbie\Desktop
Loaded Profiles: debbie (Available profiles: debbie)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
HKLM\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {0F4F6717-D050-4F7D-BEE6-533F0C575E5D} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {289F83F7-98DC-4899-9B38-F9F89267C2D3} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {973708C3-FF05-45B5-BDB5-0E1312BD7EE0} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {BA07D4CE-2931-4A4E-9F2C-00DAD247ED8A} URL = 
SearchScopes: HKU\S-1-5-21-1547069931-2522453681-1799250520-1000 -> {E2AB7DF3-7F1C-48BF-B6FD-18CB65A30C39} URL = 
FF Extension: No Name - C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\extensions\[email protected] [Not Found]
CHR HKLM\...\Chrome\Extension: [nipcdlfhdehdhmajficeeocjdbdhacdn] - C:\Users\debbie\AppData\Local\CRE\nipcdlfhdehdhmajficeeocjdbdhacdn.crx [Not Found]
CHR HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nipcdlfhdehdhmajficeeocjdbdhacdn] - C:\Users\debbie\AppData\Local\CRE\nipcdlfhdehdhmajficeeocjdbdhacdn.crx [Not Found]
Folder: C:\Users\debbie\Desktop\Virus software
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F4F6717-D050-4F7D-BEE6-533F0C575E5D}" => Key deleted successfully.
HKCR\CLSID\{0F4F6717-D050-4F7D-BEE6-533F0C575E5D} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}" => Key deleted successfully.
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{289F83F7-98DC-4899-9B38-F9F89267C2D3}" => Key deleted successfully.
HKCR\CLSID\{289F83F7-98DC-4899-9B38-F9F89267C2D3} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{973708C3-FF05-45B5-BDB5-0E1312BD7EE0}" => Key deleted successfully.
HKCR\CLSID\{973708C3-FF05-45B5-BDB5-0E1312BD7EE0} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA07D4CE-2931-4A4E-9F2C-00DAD247ED8A}" => Key deleted successfully.
HKCR\CLSID\{BA07D4CE-2931-4A4E-9F2C-00DAD247ED8A} => Key not found. 
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E2AB7DF3-7F1C-48BF-B6FD-18CB65A30C39}" => Key deleted successfully.
HKCR\CLSID\{E2AB7DF3-7F1C-48BF-B6FD-18CB65A30C39} => Key not found. 
C:\Users\debbie\AppData\Roaming\Mozilla\Firefox\Profiles\vjly1c4c.default\extensions\[email protected] => not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\nipcdlfhdehdhmajficeeocjdbdhacdn" => Key deleted successfully.
"HKU\S-1-5-21-1547069931-2522453681-1799250520-1000\SOFTWARE\Google\Chrome\Extensions\nipcdlfhdehdhmajficeeocjdbdhacdn" => Key deleted successfully.
 
========================= Folder: C:\Users\debbie\Desktop\Virus software ========================
 
2015-04-18 15:10 - 2015-04-18 15:10 - 0071398 _____ (jpshortstuff) C:\Users\debbie\Desktop\Virus software\GooredFix.exe
2015-04-18 15:09 - 2015-04-18 15:09 - 0522240 _____ (OldTimer Tools) C:\Users\debbie\Desktop\Virus software\OTM.exe
2015-04-18 15:16 - 2015-04-18 15:16 - 4197016 _____ (Kaspersky Lab ZAO) C:\Users\debbie\Desktop\Virus software\tdsskiller.exe
2015-04-18 16:12 - 2015-04-18 16:12 - 0267964 _____ () C:\Users\debbie\Desktop\Virus software\virus  removal.docx
2015-04-18 15:08 - 2015-04-18 15:08 - 0000000 ____D () C:\Users\debbie\Desktop\Virus software\ERUNT
2015-04-18 15:07 - 2005-10-20 12:04 - 0038912 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\AUTOBACK.EXE
2015-04-18 15:07 - 2005-10-20 12:02 - 0163328 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\ERDNT.E_E
2015-04-18 15:07 - 2002-09-25 03:11 - 0002815 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\ERDNTDOS.LOC
2015-04-18 15:07 - 2002-09-25 03:09 - 0003275 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\ERDNTWIN.LOC
2015-04-18 15:07 - 2005-10-20 12:00 - 0157696 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\ERUNT.EXE
2015-04-18 15:07 - 2001-11-24 04:01 - 0004090 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\ERUNT.LOC
2015-04-18 15:07 - 2005-10-20 12:04 - 0038994 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\LIESMICH.TXT
2015-04-18 15:07 - 2002-09-25 03:11 - 0005417 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\LOC_GER.ZIP
2015-04-18 15:07 - 2005-10-20 12:03 - 0140288 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\NTREGOPT.EXE
2015-04-18 15:07 - 2002-09-25 02:57 - 0001960 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\NTREGOPT.LOC
2015-04-18 15:07 - 2005-10-20 12:05 - 0031952 _____ () C:\Users\debbie\Desktop\Virus software\ERUNT\README.TXT
 
====== End of Folder: ======
 
EmptyTemp: => Removed 1.9 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 13:22:23 ====

  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Iconic_normal.png Please download Malwarebytes Anti-Malware to your desktop
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
    • Enable free trial of Malwarebytes Anti-Malware Premium
    • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that everything is set to "Quarantine", and click Apply Actions.
  • Reboot your computer if prompted.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

The log is available throughout History ->Application logs. Please post it contents in your next reply.
  • 0

#7
welcome123

welcome123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 19/04/2015
Scan Time: 05:38:10 PM
Logfile: Mbam.txt
Administrator: Yes
 
Version: 2.01.4.1018
Malware Database: v2015.04.19.04
Rootkit Database: v2015.03.31.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: debbie
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 351953
Time Elapsed: 24 min, 25 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

#8
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
How is the PC performing?
  • 0

#9
welcome123

welcome123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts

Its fine now!,

Again thank you for your time. 
Regards and Respect.


  • 0

#10
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Perusing your logs, I see no infection currently present in your system. Unless you are having any issue(s), the machine appears to be Malware-free as we speak.

 

♣ Removal of Tools and Quarantined Files ♣


 

Despite the tools we have used are clean, they are powerful removal tools and made in a way so that they carry out any commands given to them without (most cases) asking for a confirmation. In the hands of an inept person, they can make the machine un-bootable -- a scenario we do not wish to see. Also, we need to remove the quarantined files/folders from your system as a dormant malware can be as bad as an active one if given the proper environment. I shall now give you the guidelines to remove the tools and the quarantined files from your system.
  • Cleanup with Delfix
    Please download DelFix by Xplode to your Desktop.
    Download Link
    • Double-click to run the program;
      • Note: Windows Vista/7/8 users right-click and choose Run as administrator
    • Make sure that all the boxes are checked;
    • Click Run;
    • A log will be opened after the operation is finished;
    • Copy and Paste it in your next reply
 

♣ Prevention and Future Guidelines ♣


 

Prevention is better than cure -- goes the old saying. As much as we love to see you visit our site, we do not want to see you having your PC infected by malwares again.
  • Keep Windows up-to-date.
    It is extremely important that you keep your operating system (Windows) updated when updates are made available. It is set to alert you, so be sure not to ignore these notices and to allow the updates to install. Many of these are critical security packages which could very possibly be the difference between your picking up a future infiltration and simply passing right by it unharmed.
  • Run antivirus software and keep it up-to-date, too.
    Antivirus software is your safety net if all other protections fail. The first line of defense is smart computing, of course, but everyone needs a backup. I'd recommend Microsoft Security Essentials or avast!, both of which are excellent, as well as free. Once they're installed, check periodically to ensure they have been successfully updating as well. An out-of-date antivirus is not a happy antivirus!
  • Keep your web browser plugins and other programs updated also.
    This tip is rarely shared by technicians and its importance is not widely recognized, but it's absolutely critical. Programs such as Java, Adobe Flash Player and Adobe Reader, Internet Explorer, and myriad other such web-exposed items are deeply vulnerable to attack, which can quickly lead to a hopelessly infected system no matter what protection you currently have installed. The reason is that these programs are ubiquitous, but are also not perfect and are extremely complex... and as such, security vulnerabilities are discovered and exploited by hackers hoping to gain control over your machine. By performing every update for these programs as soon as it's made available, you will greatly reduce your exposure to dangerous internet threats.

    A great way to do this is to install the Filehippo Update Checker and run it regularly. Also, try not to ignore any notifications you receive regarding updates to programs already installed on your PC.

    No scripts is an excellent security device too. I like it but it is not for everyone because it requires you to take action if you want to see some things (pop ups, banners etc.) on sites you visit.

    Download NoSript by Giorgio Maone.

    Note: Sometimes you will get a site telling you that you need to install Java when actually all you need to do is enable the site through the no script icon down on the right hand side of your computer.
  • Watch out for new threat named CryptoLocker
    CryptoLocker is a new type ransomware family malware that encrypts your important files and asks for a ransom to decrypt them. At the moment of posting this reply there are no tools that can undo the havoc this malware causes. We can help you to remove the malware from your system but the files that was encrypted cannot be recovered without the decryption key. So, I ask for your forbearance and practice constant vigilance. Please read the following article to acknowledge yourself about the safety measures.
    How to prevent your computer from becoming infected by CryptoLocker.
  • And last of all, surf smart.
    It doesn't matter how well the autopilot system works if the pilot keeps flying the plane into mountain ranges. Don't forget that no matter how much you have protecting yourself, your security ultimately begins and ends with you. Don't visit dangerous or questionable web sites, avoid suspicious links on Facebook and emails/email attachments you're unsure about, and just generally keep your wits about you, and you'll be much safer. Also, avoid illegal downloads, cracks, "warez", and all other too-good-to-be-true internet offerings: they're typically laden with malware. Be smart and you can avoid most threats lurking about the darker corners of the internet! And for even more tips, see our article How Did I Get Infected in the First Place? and Keep Your Computer Safe Online.

Regards,
Valinorum
  • 0

#11
welcome123

welcome123

    Member

  • Topic Starter
  • Member
  • PipPip
  • 49 posts
# DelFix v10.9 - Logfile created 19/04/2015 at 18:41:58
# Updated 27/02/2015 by Xplode
# Username : debbie - JOHNNYS
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
 
~ Activating UAC ... OK
 
~ Removing disinfection tools ...
 
Deleted : C:\_OTM
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\debbie\Desktop\GooredFix Backups
Deleted : C:\Program Files\Trend Micro\Hijackthis
Deleted : C:\Program Files\Hijackthis
Deleted : C:\rkill.log
Deleted : C:\TDSSKiller.2.8.16.0_06.12.2013_21.52.42_log.txt
Deleted : C:\TDSSKiller.3.0.0.19_06.12.2013_21.52.56_log.txt
Deleted : C:\TDSSKiller.3.0.0.44_18.04.2015_18.26.04_log.txt
Deleted : C:\TDSSKiller.3.0.0.44_18.04.2015_18.28.35_log.txt
Deleted : C:\Users\debbie\Desktop\Addition.txt
Deleted : C:\Users\debbie\Desktop\adwcleaner_4.201.exe
Deleted : C:\Users\debbie\Desktop\Fixlog.txt
Deleted : C:\Users\debbie\Desktop\FRST.exe
Deleted : C:\Users\debbie\Desktop\FRST.txt
Deleted : C:\Users\debbie\Desktop\GooredFix.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #566 [Removed SpyHunter | 04/15/2015 11:36:35]
Deleted : RP #567 [Installed SpyHunter | 04/15/2015 11:42:57]
Deleted : RP #568 [Removed SpyHunter | 04/15/2015 11:48:26]
Deleted : RP #569 [Installed SpyHunter | 04/15/2015 13:08:30]
Deleted : RP #570 [OTM Restore Point | 04/18/2015 14:20:45]
Deleted : RP #571 [Removed GLUCOFACTS™ Deluxe Smart Launch. | 04/18/2015 17:13:48]
Deleted : RP #573 [Restore Point Created by FRST | 04/19/2015 12:20:31]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

  • 0

#12
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Surf safely. I shall close this as solved.
  • 0

#13
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,911 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP