Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

PC Running Sluggishly, Consistently Freezing

Started by crybaby , May 24 2015 11:48 AM

Vista 32bit; FRST scan logs

This topic is locked

#1
crybaby

Posted 24 May 2015 - 11:48 AM

Member

Member
175 posts

Hi,

I'm unsure if this is a malware issue, but I suspect that it is. PC running on Vista 32bit, secured with Webroot; constantly freezing, running extremely slow both on and off-line. Major stuttering while playing video or mp3 files; lagging while trying to open windows, tabs, or programs; and occasionally upon startup, desktop is nothing more than a blue screen, resulting in rebooting several times before desktop is restored. Any help or direction to the proper forum would be greatly appreciated. Thank you for your time regarding this matter.

FRST Logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-05-2015 01

Ran by Shayla Potter (administrator) on BNSS-LEASED on 24-05-2015 12:30:15

Running from C:\Users\Shayla Potter\Desktop

Loaded Profiles: Shayla Potter (Available Profiles: Mason & Shayla Potter & Kieran & Administrator & Guest)

Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: English (United States)

Internet Explorer Version 9 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

( ) C:\Windows\System32\dlcxcoms.exe

(NETGEAR) C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe

() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe

(Microsoft Corporation) C:\Windows\System32\iashost.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

() C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe

() C:\Program Files\Dell Photo AIO Printer 926\memcard.exe

(Microsoft Corporation) C:\Windows\System32\wpcumi.exe

(Primax Electronics Ltd.) C:\Windows\System32\ico.exe

(Hewlett-Packard Co.) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

() C:\Program Files\DivX\DivX Update\DivXUpdate.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Nokia) C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\PCSuite.exe

(NETGEAR Inc.) C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe

(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

(Dropbox, Inc.) C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft® Corporation) C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe

() C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe

() C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe

(Apache Software Foundation) C:\Program Files\OpenOffice 4\program\soffice.exe

(Apache Software Foundation) C:\Program Files\OpenOffice 4\program\soffice.bin

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Microsoft Corporation) C:\Windows\System32\wuauclt.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Webroot) C:\Program Files\Webroot\WRSA.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11930696 2013-03-29] (Realtek Semiconductor)

HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-10-03] (Macrovision Corporation)

HKLM\...\Run: [dscactivate] => c:\dell\dsca.exe [16384 2007-07-30] ( )

HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-22] (Google)

HKLM\...\Run: [FaxCenterServer] => C:\Program Files\Dell PC Fax\fm3032.exe [312200 2006-11-03] ()

HKLM\...\Run: [dlcxmon.exe] => C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe [292336 2007-01-12] ()

HKLM\...\Run: [MemoryCardManager] => C:\Program Files\Dell Photo AIO Printer 926\memcard.exe [304008 2006-11-03] ()

HKLM\...\Run: [DLCXCATS] => rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16

HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)

HKLM\...\Run: [Mouse Suite 98 Daemon] => C:\Windows\system32\ICO.EXE [56128 2007-02-15] (Primax Electronics Ltd.)

HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-03-29] (Adobe Systems Incorporated)

HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)

HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2006-12-10] (Hewlett-Packard Co.)

HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-22] (DivX, LLC)

HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-14] ()

HKLM\...\Run: [TomcatStartup 2.5] => C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe [741376 2007-05-19] (Hewlett-Packard)

HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)

HKLM\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [817072 2015-05-16] (Webroot)

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [iLivid] => "C:\Users\Shayla Potter\AppData\Local\iLivid\iLivid.exe" -autorun

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [Itibiti.exe] => C:\Program Files\Itibiti Soft Phone\Itibiti.exe

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [PC Suite Tray] => C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [NETGEARGenie] => C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe [602880 2014-12-14] (NETGEAR Inc.)

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\MountPoints2: E - E:\WRSetupCD.exe

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\MountPoints2: {f46aefae-e281-11e3-82dc-001aa06945f1} - G:\LGAutoRun.exe

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\MountPoints2: {f46af174-e281-11e3-82dc-001aa06945f1} - G:\LaunchU3.exe -a

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [294912 2008-01-19] (Microsoft Corporation)

IFEO\bitguard.exe: [Debugger] tasklist.exe

IFEO\bprotect.exe: [Debugger] tasklist.exe

IFEO\bpsvc.exe: [Debugger] tasklist.exe

IFEO\browserdefender.exe: [Debugger] tasklist.exe

IFEO\browserprotect.exe: [Debugger] tasklist.exe

IFEO\browsersafeguard.exe: [Debugger] tasklist.exe

IFEO\dprotectsvc.exe: [Debugger] tasklist.exe

IFEO\jumpflip: [Debugger] tasklist.exe

IFEO\protectedsearch.exe: [Debugger] tasklist.exe

IFEO\searchinstaller.exe: [Debugger] tasklist.exe

IFEO\searchprotection.exe: [Debugger] tasklist.exe

IFEO\searchprotector.exe: [Debugger] tasklist.exe

IFEO\searchsettings.exe: [Debugger] tasklist.exe

IFEO\searchsettings64.exe: [Debugger] tasklist.exe

IFEO\snapdo.exe: [Debugger] tasklist.exe

IFEO\stinst32.exe: [Debugger] tasklist.exe

IFEO\stinst64.exe: [Debugger] tasklist.exe

IFEO\umbrella.exe: [Debugger] tasklist.exe

IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

IFEO\volaro: [Debugger] tasklist.exe

IFEO\vonteera: [Debugger] tasklist.exe

IFEO\websteroids.exe: [Debugger] tasklist.exe

IFEO\websteroidsservice.exe: [Debugger] tasklist.exe

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2007-11-21]

ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-12]

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\Users\Kids\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk [2011-05-18]

ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)

Startup: C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\iWin Desktop Alerts.lnk [2008-08-01]

ShortcutTarget: iWin Desktop Alerts.lnk -> C:\ProgramData\iWin Games\DesktopAlerts\DesktopAlerts.exe (No File)

Startup: C:\Users\Mason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk [2009-06-16]

ShortcutTarget: OpenOffice.org 3.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe (No File)

Startup: C:\Users\Shayla Potter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-10]

ShortcutTarget: Dropbox.lnk -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Shayla Potter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WKCALREM.LNK [2010-02-19]

ShortcutTarget: WKCALREM.LNK -> C:\Program Files\Common Files\microsoft shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)

GroupPolicyUsers\S-1-5-21-1260561122-373576474-2963483527-1010\User: Group Policy Restriction detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-1260561122-373576474-2963483527-1005\User: Group Policy Restriction detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-1260561122-373576474-2963483527-1000\User: Group Policy Restriction detected <======= ATTENTION

CHR HKU\S-1-5-21-1260561122-373576474-2963483527-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....?trackid=sp-006

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....?trackid=sp-006

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.co...=us&ibd=1071121

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006

URLSearchHook: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - No File

SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}

SearchScopes: HKLM -> bProtectorDefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

SearchScopes: HKLM -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.goonsearc...q={searchTerms}

SearchScopes: HKLM -> {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.mywebs...r={searchTerms}

SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =

SearchScopes: HKLM -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}

SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}

SearchScopes: HKLM -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}

SearchScopes: HKU\.DEFAULT -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-se...13_246&tsp=4981

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.goonsearc...q={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {54ACE04D-52D8-4E32-97D3-0E379B1128F0} URL = http://groovorio.com...r=885083894&ir=

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {9001ECE5-27F9-7260-292B-CF945347FC97} URL = http://www.bing.com/...eferrer:source}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.mywebs...r={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80051&lng=en

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = http://search.yahoo....p={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search...p={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}

SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {EFE522B3-7ABD-49CB-A5C3-A2AFBBA83B9D} URL = https://www.google.c...q={searchTerms}

BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File

BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30] (Adobe Systems Incorporated)

BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File

BHO: AccelerateTab -> {48A789BF-F6D6-4930-9C8B-77855A63EDE1} -> C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll [2014-05-26] (Secure Speed Dial)

BHO: Yahoo! IE Services Button -> {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} -> C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31] (Yahoo! Inc.)

BHO: No Name -> {6C8DB2EC-499B-4897-A784-0E3186C97E9D} -> No File

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)

BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-05-16] (Webroot)

BHO: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} -> No File

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)

BHO: Adblock -> {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} -> C:\Program Files\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll [2014-06-17] (Adblock)

Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

Toolbar: HKLM - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - No File

Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

Toolbar: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

Toolbar: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

Toolbar: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

DPF: {5E92F538-B50B-46C5-9C5F-C6EECED3F6C6} http://www.infospace...pointsSetup.exe

DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455}

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2006-06-05] (Microsoft Corporation)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)

Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192 2008-06-12] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF ProfilePath: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default

FF DefaultSearchEngine: Google (avast)

FF DefaultSearchUrl: https://www.google.c...?trackid=sp-006

FF SearchEngineOrder.1: Google (avast)

FF SelectedSearchEngine: Google (avast)

FF Homepage: https://www.google.com/?trackid=sp-006

FF Keyword.URL: https://www.google.c...?trackid=sp-006

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()

FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll [2014-12-10] (Adobe Systems, Inc.)

FF Plugin: @alternatiff.com/AlternaTIFF -> C:\Program Files\MIE\AlternaTIFF\npzzatif.dll [2013-02-05] (Medical Informatics Engineering, Inc.)

FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-16] (DivX, LLC.)

FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2013-12-27] (DivX, LLC)

FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)

FF Plugin: @meadco.com/neptune plugin,version=2.0.0.29 -> C:\Program Files\OSA Kit Pro Player v4.0\npmeadax.dll [2008-10-09] (MeadCo Corp.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)

FF Plugin: @movenetworks.com/Quantum Media Player -> C:\Users\Shayla Potter\AppData\Roaming\Move Networks\plugins\npqmp071504000001.dll No File

FF Plugin: @pack.google.com/Google Updater;version=14 -> C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll [2011-09-06] (Google)

FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)

FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)

FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File

FF Plugin HKU\S-1-5-21-1260561122-373576474-2963483527-1005: @nsroblox.roblox.com/launcher -> C:\Users\Shayla Potter\AppData\Local\Roblox\Versions\version-c04585a2d58a4f29\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)

FF Plugin HKU\S-1-5-21-1260561122-373576474-2963483527-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Shayla Potter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-05] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-1260561122-373576474-2963483527-1005: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Users\Shayla Potter\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll [2010-08-04] (Yahoo! Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nphssb.dll [2009-07-09] (Homestead Technologies, Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npmeadax.dll [2008-10-09] (MeadCo Corp.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2011-08-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-08-08] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-08-08] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-08-08] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-08-08] (Apple Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-08-08] (Apple Inc.)

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\bing-zugo.xml [2011-11-07]

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\google-avast.xml [2014-12-22]

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\Groovorio.xml [2015-04-25]

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\SearchTheWeb.xml [2012-01-08]

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\trovi-search.xml [2014-12-08]

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\web-search.xml [2012-03-20]

FF SearchPlugin: C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\searchplugins\yahoo_ff.xml [2013-10-30]

FF Extension: AppGraffiti - C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\Extensions\AppGraffiti@AppGraffiti(93).com [2012-03-18]

FF Extension: AD Block - C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\Extensions\[email protected] [2014-06-27]

FF Extension: AccelerateTab - C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\Extensions\[email protected] [2014-10-08]

FF Extension: Ancestry.com Advanced Image Viewer - C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\Extensions\[email protected] [2010-05-16]

FF Extension: BitTorrentBar Community Toolbar - C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\Extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}(38) [2011-08-19]

FF Extension: Old Default Image Style - C:\Users\Shayla Potter\AppData\Roaming\Mozilla\Firefox\Profiles\oyn0fdki.default\Extensions\[email protected] [2012-03-23]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-29]

FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi

FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-11-23]

FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer

FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2015-05-16]

FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-07-02]

Chrome:

=======

CHR Profile: C:\Users\Shayla Potter\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Zwinky) - C:\Users\Shayla Potter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehjkfdmkpocpileolmldepapdjbfegei [2014-08-08]

CHR Extension: (Bookmark Manager) - C:\Users\Shayla Potter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]

CHR Extension: (RealDownloader) - C:\Users\Shayla Potter\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-11-23]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Shayla Potter\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]

CHR Extension: (Google Wallet) - C:\Users\Shayla Potter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - https://clients2.goo...ice/update2/crx

CHR HKLM\...\Chrome\Extension: [aaaaaigjndjblmpeckabiffcpogflfgl] - C:\Users\Shayla Potter\AppData\Local\ilividbandoomoviestoolbar\GC\toolbar.crx [2014-07-03]

CHR HKLM\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.goo...ice/update2/crx

CHR HKLM\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files\Coupons.com CouponBar\chrome\Coupons.com.crx [Not Found]

CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Shayla Potter\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.1.0.57.crx [2015-05-16]

CHR HKU\S-1-5-21-1260561122-373576474-2963483527-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmchfpimpbbdmgpcieclabeafkljbhm] - https://clients2.goo...ice/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 dlcx_device; C:\Windows\system32\dlcxcoms.exe [532480 2006-10-11] ( )

S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [70656 2007-03-19] () []

S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-22] (Google)

R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-01-02] (Hewlett-Packard Co.) []

R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2006-12-10] (Hewlett-Packard Co.) []

S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) []

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) []

R2 NETGEARGenieDaemon; C:\Program Files\NETGEAR Genie\bin\NETGEARGenieDaemon.exe [195840 2014-12-14] (NETGEAR)

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) []

R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-05] (Sonic Solutions) []

R2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-05] (Sonic Solutions) []

S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [2580304 2014-05-28] () <==== ATTENTION

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)

R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [817072 2015-05-16] (Webroot)

S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2008-01-19] (Microsoft Corporation)

S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) []

S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [61704 2014-01-08] (FTDI Ltd.)

R3 HPPLSBULK; C:\Windows\System32\drivers\hpplsbulk.sys [9344 2005-02-02] (Hewlett Packard) []

R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) []

R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2015-05-13] (CACE Technologies, Inc.)

R1 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) []

S3 pelmouse; C:\Windows\System32\DRIVERS\pelmouse.sys [23360 2007-02-15] (Primax Electronics Ltd.)

S3 pelusblf; C:\Windows\System32\DRIVERS\pelusblf.sys [19264 2007-02-15] (Primax Electronics Ltd.)

R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [36624 2006-10-18] (Sonic Solutions) []

S3 usbanyka; C:\Windows\System32\DRIVERS\UsbAnyka.sys [17536 2007-10-22] (Anyka (Guangzhou) Software Technology Co., Ltd.) []

S3 vncmirror; C:\Windows\System32\DRIVERS\vncmirror.sys [3072 2007-10-17] (RealVNC Ltd.)

S2 W55U01; C:\Windows\System32\Drivers\W55U01.sys [15232 2005-08-12] (Windows ® 2000 DDK provider) []

R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117784 2015-05-16] (Webroot)

S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [37432 2015-05-16] (Webroot)

S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]

S3 easytether; system32\DRIVERS\easytthr.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S1 vieieerh; \??\C:\Windows\system32\drivers\vieieerh.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 12:30 - 2015-05-24 12:33 - 00036299 _____ () C:\Users\Shayla Potter\Desktop\FRST.txt

2015-05-24 12:28 - 2015-05-24 12:28 - 01146880 _____ (Farbar) C:\Users\Shayla Potter\Desktop\FRST.exe

2015-05-24 12:27 - 2015-05-24 12:30 - 00000000 ___DC () C:\FRST

2015-05-24 12:25 - 2015-05-24 12:27 - 01146880 _____ (Farbar) C:\Users\Shayla Potter\Downloads\FRST.exe

2015-05-23 12:17 - 2015-05-23 12:17 - 00002195 _____ () C:\Users\Shayla Potter\Desktop\T+C.txt

2015-05-18 16:17 - 2015-05-18 16:17 - 00018840 _____ () C:\Users\Shayla Potter\Desktop\KAEDYN ROCKS!.txt

2015-05-17 09:28 - 2015-05-17 09:28 - 00858768 _____ () C:\Users\Shayla Potter\Desktop\scanlog.log

2015-05-16 19:23 - 2015-05-16 19:23 - 00037432 ____T (Webroot) C:\Windows\system32\Drivers\wrUrlFlt.sys

2015-05-16 19:22 - 2015-05-20 13:32 - 00000657 _____ () C:\Users\Public\Desktop\Webroot SecureAnywhere.lnk

2015-05-16 19:22 - 2015-05-16 19:23 - 00000000 ____D () C:\Program Files\Webroot

2015-05-16 19:22 - 2015-05-16 19:22 - 00166128 _____ (Webroot) C:\Windows\system32\WRusr.dll

2015-05-16 19:22 - 2015-05-16 19:22 - 00117784 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys

2015-05-16 19:22 - 2015-05-16 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere

2015-05-16 19:01 - 2015-05-24 12:28 - 00000000 ____D () C:\ProgramData\WRData

2015-05-14 16:54 - 2015-05-14 16:54 - 00000000 ____D () C:\Users\Shayla Potter\Desktop\Make a word cloud - WordItOut_files

2015-05-13 09:04 - 2015-05-21 01:32 - 00000000 ____D () C:\Users\Shayla Potter\AppData\Local\NETGEARGenie

2015-05-13 09:04 - 2015-05-13 09:04 - 00001805 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR Genie.lnk

2015-05-13 09:04 - 2015-05-13 09:04 - 00001793 _____ () C:\Users\Public\Desktop\NETGEAR Genie.lnk

2015-05-13 09:01 - 2015-05-13 09:02 - 39316824 _____ (NETGEAR Inc.) C:\Users\Shayla Potter\Downloads\NETGEARGenie-install (1).exe

2015-05-13 03:57 - 2015-04-30 11:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-05-13 03:55 - 2015-04-19 16:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll

2015-05-13 03:55 - 2015-04-19 16:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll

2015-05-13 03:55 - 2015-04-19 16:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll

2015-05-13 03:55 - 2015-04-19 16:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll

2015-05-13 03:55 - 2015-04-19 15:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2015-05-13 03:55 - 2015-04-19 15:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll

2015-05-13 03:55 - 2015-04-19 15:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll

2015-05-13 03:55 - 2015-04-19 15:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-05-13 03:55 - 2015-04-19 15:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-05-13 03:55 - 2015-04-18 23:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-05-13 03:52 - 2015-04-30 08:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-13 03:10 - 2015-04-10 18:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe

2015-05-12 17:38 - 2015-04-10 10:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-05-12 17:38 - 2015-04-10 10:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2015-05-12 17:38 - 2015-04-10 10:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2015-05-12 17:37 - 2015-04-10 10:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-05-12 17:37 - 2015-04-10 10:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-05-12 17:37 - 2015-04-10 10:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-05-12 17:37 - 2015-04-10 10:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-05-12 17:37 - 2015-04-10 10:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-05-12 17:37 - 2015-04-10 10:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-05-12 17:37 - 2015-04-10 10:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-05-12 17:37 - 2015-04-10 10:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-05-12 17:37 - 2015-04-10 10:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-05-12 17:37 - 2015-04-10 10:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-05-12 17:37 - 2015-04-10 10:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-05-12 17:37 - 2015-04-10 10:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2015-05-12 17:37 - 2015-04-10 10:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-05-12 17:37 - 2015-04-10 10:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-05-12 17:37 - 2015-04-10 10:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-05-12 17:37 - 2015-04-10 10:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-05-12 17:37 - 2015-04-10 10:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-05-12 17:37 - 2015-04-10 10:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-05-12 17:37 - 2015-04-10 10:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2015-05-02 22:25 - 2015-05-02 22:25 - 00153448 _____ () C:\Windows\Minidump\Mini050215-01.dmp

2015-05-02 22:20 - 2014-01-09 19:59 - 526695157 _____ () C:\Users\Shayla Potter\Desktop\YUNC0001.mp4

2015-04-28 08:41 - 2015-04-28 08:43 - 00000000 ____D () C:\Users\Shayla Potter\Desktop\Jeremy

2015-04-24 19:16 - 2015-04-24 18:58 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2015-04-24 19:00 - 2015-04-24 19:00 - 00000000 ____D () C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-24 12:31 - 2009-08-27 22:17 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-05-24 12:06 - 2012-03-31 06:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-05-24 11:35 - 2006-11-02 07:45 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2015-05-24 11:35 - 2006-11-02 07:45 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2015-05-24 11:24 - 2010-04-25 15:13 - 00000868 _____ () C:\Windows\Tasks\Google Software Updater.job

2015-05-24 07:13 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\tracing

2015-05-24 06:55 - 2007-11-21 10:54 - 01652633 _____ () C:\Windows\WindowsUpdate.log

2015-05-24 00:31 - 2009-08-27 22:17 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-05-20 14:10 - 2014-05-02 21:05 - 00000000 ___RD () C:\Users\Shayla Potter\Dropbox

2015-05-20 14:10 - 2014-05-02 21:02 - 00000000 ____D () C:\Users\Shayla Potter\AppData\Roaming\Dropbox

2015-05-20 14:06 - 2009-07-13 21:43 - 00000000 ____D () C:\Users\Shayla Potter

2015-05-20 13:32 - 2013-11-23 15:30 - 01069156 _____ () C:\Windows\PFRO.log

2015-05-20 13:32 - 2008-08-28 11:35 - 00065536 _____ () C:\Windows\system32\Ikeext.etl

2015-05-20 13:32 - 2006-11-02 07:58 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-05-20 13:28 - 2006-11-02 07:58 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2015-05-16 21:55 - 2014-04-02 19:10 - 00000000 ____D () C:\Users\Shayla Potter\AppData\Local\Softonic

2015-05-16 15:34 - 2009-07-13 21:44 - 00001356 _____ () C:\Users\Shayla Potter\AppData\Local\d3d9caps.dat

2015-05-15 08:32 - 2011-01-22 10:13 - 00120216 _____ () C:\Users\Shayla Potter\Desktop\Budget year look.ods

2015-05-13 09:03 - 2012-07-31 19:26 - 00281104 _____ (CACE Technologies, Inc.) C:\Windows\system32\wpcap.dll

2015-05-13 09:03 - 2012-07-31 19:26 - 00096784 _____ (CACE Technologies, Inc.) C:\Windows\system32\packet.dll

2015-05-13 09:03 - 2012-07-31 19:26 - 00035088 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys

2015-05-13 04:33 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2015-05-13 04:20 - 2006-11-02 07:44 - 00540864 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-05-13 04:17 - 2008-07-12 19:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2015-05-13 04:15 - 2006-11-02 07:35 - 00000000 ____D () C:\Windows\system32\XPSViewer

2015-05-13 03:50 - 2013-08-01 03:02 - 00000000 ____D () C:\Windows\system32\MRT

2015-05-13 03:14 - 2006-11-02 05:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2015-05-13 03:07 - 2010-06-03 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-12 18:12 - 2014-05-02 21:03 - 00000000 ____D () C:\Users\Shayla Potter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-05-11 03:13 - 2006-11-02 05:33 - 00784272 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-05-10 11:14 - 2014-06-12 19:56 - 00127388 _____ () C:\Windows\hppins01.dat

2015-05-10 11:14 - 2010-01-18 23:47 - 00042706 _____ () C:\ProgramData\hpzinstall.log

2015-05-10 07:42 - 2006-11-02 05:23 - 00000179 _____ () C:\Windows\win.ini

2015-05-10 07:38 - 2007-12-07 14:08 - 00000000 ____D () C:\Program Files\Dl_cats

2015-05-09 08:19 - 2013-11-23 14:40 - 00063057 _____ () C:\Windows\setupact.log

2015-05-02 22:25 - 2013-11-23 15:24 - 233041665 _____ () C:\Windows\MEMORY.DMP

2015-05-02 22:25 - 2008-01-04 16:11 - 00000000 ____D () C:\Windows\Minidump

2015-05-02 22:17 - 2010-03-31 07:49 - 00000000 ____C () C:\DebugTraceNormal.log

2015-05-02 22:17 - 2010-03-31 07:42 - 00000000 ____D () C:\ProgramData\VideoViewer

2015-05-02 22:16 - 2008-07-22 16:00 - 00000000 ____D () C:\MDT

2015-05-01 23:36 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\LogFiles

2015-04-28 08:45 - 2015-03-22 11:47 - 00000000 ____D () C:\Users\Shayla Potter\Desktop\Eagle Aspen SSM-22 Single Signal Meter (SSM-22) from Solid Signal_files

2015-04-28 08:44 - 2014-03-06 17:58 - 00000000 ____D () C:\Users\Shayla Potter\Desktop\Shayla's Phone

2015-04-28 08:44 - 2013-06-18 07:56 - 00000000 ____D () C:\Users\Shayla Potter\Desktop\KAEDYN'S Stuff

2015-04-25 06:25 - 2014-01-13 22:34 - 00000000 ____D () C:\ProgramData\Oracle

2015-04-24 19:17 - 2007-11-21 11:02 - 00000000 ____D () C:\Program Files\Java

==================== Files in the root of some directories =======

2011-11-07 20:54 - 2011-09-16 15:50 - 0161712 _____ () C:\Program Files\u4res.dll

2014-08-24 19:49 - 2014-08-24 19:49 - 0000046 _____ () C:\Users\Shayla Potter\AppData\Roaming\Camdata.ini

2014-08-24 19:49 - 2014-08-24 19:49 - 0000408 _____ () C:\Users\Shayla Potter\AppData\Roaming\CamLayout.ini

2014-08-24 19:49 - 2014-08-24 19:49 - 0000408 _____ () C:\Users\Shayla Potter\AppData\Roaming\CamShapes.ini

2014-08-24 19:49 - 2014-08-24 19:49 - 0004535 _____ () C:\Users\Shayla Potter\AppData\Roaming\CamStudio.cfg

2014-10-22 21:17 - 2014-10-24 07:17 - 0000098 _____ () C:\Users\Shayla Potter\AppData\Roaming\WB.CFG

2009-08-18 12:53 - 2015-02-20 07:23 - 0003088 _____ () C:\Users\Shayla Potter\AppData\Roaming\wklnhst.dat

2009-07-13 21:44 - 2015-05-16 15:34 - 0001356 _____ () C:\Users\Shayla Potter\AppData\Local\d3d9caps.dat

2009-09-22 16:49 - 2015-03-12 10:25 - 0073216 _____ () C:\Users\Shayla Potter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2012-01-08 15:27 - 2012-01-08 15:27 - 0000101 _____ () C:\Users\Shayla Potter\AppData\Local\fusioncache.dat

2010-01-18 23:47 - 2015-05-10 11:14 - 0042706 _____ () C:\ProgramData\hpzinstall.log

2008-01-26 18:43 - 2008-01-26 18:43 - 0164144 _____ () C:\ProgramData\SPL7338.tmp

Files to move or delete:

====================

C:\Users\Kids\jagex_runescape_preferences.dat

C:\Users\Kids\jagex_runescape_preferences2.dat

C:\Users\Kieran\jagex_runescape_preferences.dat

C:\Users\Kieran\jagex_runescape_preferences2.dat

C:\Users\Shayla Potter\jagex_runescape_preferences.dat

C:\Users\Shayla Potter\jagex_runescape_preferences2.dat

Some files in TEMP:

====================

C:\Users\Mason\AppData\Local\Temp\uninstall.exe

C:\Users\Shayla Potter\AppData\Local\Temp\APNSetup.exe

C:\Users\Shayla Potter\AppData\Local\Temp\banner.exe

C:\Users\Shayla Potter\AppData\Local\Temp\CloudBackup3926.exe

C:\Users\Shayla Potter\AppData\Local\Temp\dlLogic.exe

C:\Users\Shayla Potter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptpwcn5.dll

C:\Users\Shayla Potter\AppData\Local\Temp\exthelper.exe

C:\Users\Shayla Potter\AppData\Local\Temp\GCVerifier.dll

C:\Users\Shayla Potter\AppData\Local\Temp\InstallIMVU_507.0.exe

C:\Users\Shayla Potter\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\Shayla Potter\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Shayla Potter\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Shayla Potter\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe

C:\Users\Shayla Potter\AppData\Local\Temp\jre-8u40-windows-au.exe

C:\Users\Shayla Potter\AppData\Local\Temp\jre-8u45-windows-au.exe

C:\Users\Shayla Potter\AppData\Local\Temp\lowproc.exe

C:\Users\Shayla Potter\AppData\Local\Temp\nsfD008.exe

C:\Users\Shayla Potter\AppData\Local\Temp\Softonic_EN_1-5-9_EN-Production_10_CleanRelease.exe

C:\Users\Shayla Potter\AppData\Local\Temp\spstub.exe

C:\Users\Shayla Potter\AppData\Local\Temp\stubhelper.dll

C:\Users\Shayla Potter\AppData\Local\Temp\vcredist_x86.exe

C:\Users\Shayla Potter\AppData\Local\Temp\verifier.exe

C:\Users\Shayla Potter\AppData\Local\Temp\_Installation Guide.exe

Some zero byte size files/folders:

==========================

C:\Windows\System32\DIFxAPI.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-05-2015 01

Ran by Shayla Potter at 2015-05-24 12:36:38

Running from C:\Users\Shayla Potter\Desktop

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1260561122-373576474-2963483527-500 - Administrator - Disabled) => C:\Users\Administrator

Guest (S-1-5-21-1260561122-373576474-2963483527-501 - Limited - Disabled) => C:\Users\Guest

Kieran (S-1-5-21-1260561122-373576474-2963483527-1010 - Limited - Enabled) => C:\Users\Kieran

Mason (S-1-5-21-1260561122-373576474-2963483527-1000 - Administrator - Enabled) => C:\Users\Mason

Shayla Potter (S-1-5-21-1260561122-373576474-2963483527-1005 - Administrator - Enabled) => C:\Users\Shayla Potter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}

AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden

ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1784.41616 - ABBYY Software House)

AccelerateTab (HKLM\...\AccelerateTab_is1) (Version: 2.6 - AccelerateTab)

Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader 8.3.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A83000000003}) (Version: 8.3.1 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)

Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)

Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Architectural Library for progeCAD SMART! ENG (HKLM\...\Architectural Library for progeCAD SMART! ENG) (Version: - )

Arduino (HKLM\...\Arduino) (Version: 1.0.5-r2 - Arduino LLC)

AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )

Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)

Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)

Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)

BufferChm (Version: 82.0.173.000 - Hewlett-Packard) Hidden

CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)

Celtx (2.9.1) (HKLM\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)

Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1) (Version: - )

CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden

Dell DataSafe Online (HKLM\...\{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}) (Version: 1.0.15 - Dell, Inc.)

Dell Driver Download Manager (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)

Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell PC Fax (HKLM\...\Dell PC Fax) (Version: - )

Dell Photo AIO Printer 926 (HKLM\...\Dell Photo AIO Printer 926) (Version: - Dell, Inc.)

Dell Support Center (HKLM\...\{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}) (Version: 1.0.07192 - Dell)

DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3075 - Dell)

DesignPro 5.4 Limited Edition (HKLM\...\InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}) (Version: 5.2.1201 - Avery Dennison)

DesignPro 5.4 Limited Edition (Version: 5.2.1201 - Avery Dennison) Hidden

Destinations (Version: 82.0.173.000 - Hewlett-Packard) Hidden

DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden

Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)

DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)

DocProc (Version: 8.1.0.0 - Hewlett-Packard) Hidden

DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden

Dropbox (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)

DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - )

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )

eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden

FaxTools (HKLM\...\{F45298E5-0083-426F-A668-1A2C5F04B8A0}) (Version: 5.10 - BVRP Software)

File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version: - Pow Tools)

Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)

Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)

Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google SketchUp 8 (HKLM\...\{B700113B-24A8-4D4C-8484-0CC944F764C8}) (Version: 3.0.3117 - Google, Inc.)

Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden

Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)

HP Color LaserJet 2820/2830/2840 3.1 (HKLM\...\HP Color LaserJet 2820/2830/2840) (Version: 3.1 - HP)

HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)

HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)

HP Managed Printing Admin (HKLM\...\{7CA4F780-7AD0-417A-82A1-46EB825CFD53}) (Version: 2.5.8 - Hewlett-Packard)

HP OCR Software 8.0 (HKLM\...\HPOCR) (Version: 8.0 - HP)

HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)

HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HP Wireless Rechargeable Optical Mouse (HKLM\...\MouseSuite98) (Version: - )

hppCLJ2800 (Version: 003.000.00273 - Hewlett-Packard) Hidden

hppDustDevil (Version: 003.000.00106 - Hewlett-Packard) Hidden

hppFaxDrv (Version: 003.000.00136 - Hewlett-Packard) Hidden

hppFonts (Version: 001.001.00056 - Hewlett-Packard) Hidden

hppIOFiles (Version: 002.000.00030 - Hewlett-Packard) Hidden

hppManuals2800 (Version: 003.000.00284 - Hewlett-Packard) Hidden

HPProductAssistant (Version: 82.0.173.000 - Hewlett-Packard) Hidden

hppscan2800 (Version: 003.000.00274 - Hewlett-Packard) Hidden

hppScanTo (Version: 003.000.00261 - Hewlett-Packard) Hidden

hppSendFax (Version: 003.000.00136 - Hewlett-Packard) Hidden

hppTLBX2840 (Version: 001.000.00002 - Hewlett-Packard) Hidden

hppTLBX2840Help (Version: 001.000.00001 - Hewlett-Packard) Hidden

hppTooCool (Version: 1.00.0000 - Hewlett-Packard) Hidden

Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden

iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)

Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)

Juniper Networks Cache Cleaner 6.1.0 (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Juniper_Networks_Cache_Cleaner 6.1.0) (Version: 6.1.0.13281 - Juniper Networks)

Juniper Networks Host Checker (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Neoteris_Host_Checker) (Version: 7.1.0.18193 - Juniper Networks)

Juniper Networks Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)

Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Juniper_Setup_Client) (Version: 7.1.2.10059 - Juniper Networks, Inc.)

Logicator for PIC micros (HKLM\...\{273DE5D6-81A6-4EF5-B21C-E4095E21F174}) (Version: 3.06.05 - Revolution Education Limited)

MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden

Mechanics Library for progeCAD SMART! ENG (HKLM\...\Mechanics Library for progeCAD SMART! ENG) (Version: - )

Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )

Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )

Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )

Microsoft Fix it Center (HKLM\...\{B7588D45-AFDC-4C93-9E2E-A100F3554B64}) (Version: 1.0.0100 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)

MiShell*Budget (remove only) (HKLM\...\MiShell_Budget) (Version: - )

Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.17.8 - Dell)

Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden

MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

msxml4 (HKLM\...\{5AE3D9F1-9E9E-4015-8787-E22705AA32C5}) (Version: 1.0.0 - Default Company Name)

Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)

NaturalReaderFree (HKLM\...\{C5E7BF75-007E-44AD-8962-627ED44CB63B}) (Version: 11.8 - NaturalSoft)

NCH Toolbox (HKLM\...\ToolBox) (Version: - NCH Software)

Netflix Movie Viewer (HKLM\...\{BCE72AED-3332-4863-9567-C5DCB9052CA2}) (Version: 1.2.211 - Netflix)

NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.3.1.57 - NETGEAR Inc.)

NETGEAR Live Parental Controls Management Utility 2.1.5 (HKLM\...\NETGEAR Live Parental Controls Management Utility) (Version: 2.1.5 - )

NETGEAR Live Parental Controls User Utility 1.0b40 (HKLM\...\NETGEAR Live Parental Controls User Utility) (Version: 1.0b40 - )

Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)

Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)

Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden

NVIDIA Graphics Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 285.62 - NVIDIA Corporation)

NVIDIANetworkDiagnostic (HKLM\...\InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}) (Version: 1.00.0000 - NVIDIA Corporation)

Onverse (HKLM\...\{B3B30A68-B9A5-4d42-86E6-2BD1AFCE9DD4}) (Version: - )

Onverse (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\{B3B30A68-B9A5-4d42-86E6-2BD1AFCE9DD4}) (Version: - )

OpenAL (HKLM\...\OpenAL) (Version: - )

OpenOffice 4.0.0 (HKLM\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)

OSA Kit Pro Player v4.0 1.0 (HKLM\...\OSA Kit Pro Player) (Version: 1.0 - Maher F. Farag)

PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)

Pdf995 (HKLM\...\Pdf995) (Version: - )

Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: - )

Pinnacle Studio MediaSuite (HKLM\...\{77B8ECB2-1ACF-4587-8FB1-FCF856DB8149}) (Version: - )

PowerDVD (HKLM\...\{281ECE39-F043-492B-8337-F2E546B5604A}) (Version: 7.0 - Dell)

Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)

QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

ROBLOX Player for Shayla Potter (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)

ROBLOX Studio 2013 for Shayla Potter (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)

Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)

Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.3.0 - Roxio)

Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)

Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)

Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)

Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)

Roxio MyDVD DE (HKLM\...\{D639085F-4B6E-4105-9F37-A0DBB023E2FB}) (Version: 9.0.116 - Roxio, Inc.)

Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)

Scan (Version: 8.1.0.0 - Hewlett-Packard) Hidden

Softonic for Windows (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Softonic for Windows) (Version: 1.5.11 - Softonic International S.L.) <==== ATTENTION

SolutionCenter (Version: 82.0.188.000 - Hewlett-Packard) Hidden

Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden

Stepvoice Recorder 1.8.0.206 (HKLM\...\Stepvoice Recorder_is1) (Version: - )

SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )

teenSMART UAC (HKLM\...\{443e579d-41ad-4f89-8680-2dd410815800}.sdb) (Version: - )

teenSMART v3 (HKLM\...\teenSMART v3 2012.03.06.i_v3) (Version: 2012.03.06.i_v3 - ADEPT)

TrayApp (Version: 82.0.188.000 - Hewlett-Packard) Hidden

Unity Web Player (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Updater Service (HKLM\...\Updater Service) (Version: 14,1,1,3 - ) <==== ATTENTION

User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden

Video Viewer (HKLM\...\Video Viewer) (Version: 0.1.5.0 - )

VideoPad Video Editor (HKLM\...\VideoPad) (Version: 3.29 - NCH Software)

VoiceSupport 1.2.01 (HKLM\...\TC-Helicon VoiceSupport_is1) (Version: 1.2.01 build 38 - TC-Helicon Vocal Technologies Inc.)

WebReg (Version: 82.0.173.000 - Hewlett-Packard) Hidden

Webroot SecureAnywhere (HKLM\...\WRUNINST) (Version: 8.0.8.88 - Webroot)

Windows Driver Package - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)

Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)

Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)

Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

WinX DVD Ripper 5.5.12 (HKLM\...\WinX DVD Ripper_is1) (Version: - Digiarty Software, Inc.)

Yahoo! Browser Services (HKLM\...\Yahoo! Extras) (Version: - )

Yahoo! BrowserPlus 2.9.8 (HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Yahoo! BrowserPlus) (Version: - Yahoo! Inc.)

Yahoo! Internet Mail (HKLM\...\Yahoo! Mail) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Shayla Potter\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\YBPAddon_2.9.8.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{738CD606-129D-45db-86D6-6C9739C750CA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Local\Roblox\Versions\version-c04585a2d58a4f29\RobloxProxy.dll (ROBLOX Corporation)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.exe (InstallShield Software Corporation)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\localserver32 -> C:\Windows\Downloaded Program Files\dwusplay.exe (InstallShield Software Corporation)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)

==================== Restore Points =========================

17-05-2015 03:00:15 Windows Update

18-05-2015 03:00:15 Windows Update

19-05-2015 03:00:15 Windows Update

20-05-2015 03:00:17 Windows Update

20-05-2015 08:24:55 avast! antivirus system restore point

21-05-2015 03:00:13 Windows Update

22-05-2015 03:00:14 Windows Update

23-05-2015 03:00:18 Windows Update

24-05-2015 03:00:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 05:23 - 2011-06-27 07:39 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03355EE0-16B5-4F55-83C0-8246D6182C05} - System32\Tasks\{21ABCF18-A105-4A65-AD41-D5AD2C4BD073} => pcalua.exe -a "C:\Users\Shayla Potter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RKG1HMTY\Oil-hydraulics and Pneumatics.exe" -d "C:\Users\Shayla Potter\Desktop"

Task: {062C4F4C-8FB5-425A-9408-296D3EBAA594} - System32\Tasks\avastBCLRestartS-1-5-21-1260561122-373576474-2963483527-1005 => Chrome.exe

Task: {0C6DF14F-9D21-4096-A449-D6E3964A0948} - System32\Tasks\{45671976-48C0-4B2E-BF6B-316085BF803E} => pcalua.exe -a E:\Setup.EXE -d E:\

Task: {165CB006-52E8-41D7-A24B-E9A308C76F61} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\MatSvc\DataUpload => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RetryDataUpload

Task: {3C817959-645A-44D8-AFBE-FCF3A93A0A53} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION

Task: {456EE45A-4B28-41D4-8D6C-AD888CDA4656} - System32\Tasks\{9034CA5D-3868-440B-86CC-25C69343364C} => pcalua.exe -a "C:\Users\Shayla Potter\Desktop\OOo_3.3.0_Win_x86_install-wJRE_en-US.exe" -d "C:\Program Files\OpenOffice.org 3\program"

Task: {46FFC801-6837-49F6-8C1D-B04A4BAD8186} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)

Task: {49375187-C007-489A-96FD-A4331B62CAA7} - System32\Tasks\{C8563973-8E65-4A6A-BD02-D5B9A3C53F34} => pcalua.exe -a "C:\Users\Shayla Potter\Downloads\DesignPro5_4_Limited.exe" -d "C:\Program Files\Mozilla Firefox"

Task: {51B45166-C42C-4D32-BEEE-57D03E6E90B2} - System32\Tasks\{A4F70E4C-DCD9-4BD1-9A74-05EC7CAE49FC} => pcalua.exe -a C:\Windows\UninstallWSST.exe -c C:\Windows\UninstallLog0.log

Task: {54C60829-63CA-4F9F-9EC5-6D8404816914} - System32\Tasks\{EAFD04C2-A123-4CFF-B1F3-9CB4BE8C264A} => pcalua.exe -a "C:\Users\Shayla Potter\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClientOCX.exe" -d "C:\Users\Shayla Potter\AppData\Roaming\Juniper Networks\Setup Client"

Task: {54CABFE2-787C-42EF-B335-0C6CDC2F147B} - System32\Tasks\{3C8083DF-4F53-4A31-A3EB-F969F7824170} => pcalua.exe -a "C:\Users\Shayla Potter\AppData\Local\Temp\Temp1_SolveigMM_AVI_Trimmer_1_6.zip\SolveigMM AVI Trimmer 1.6.1004.1.exe"

Task: {54F403D9-FC9A-4DAB-B396-3AD998C41E44} - System32\Tasks\{50958F2E-F646-4D8D-8E98-15E6B196B038} => pcalua.exe -a "E:\Setup\SmartSound\SmartSound Pinnacle Music.exe" -d E:\Setup\SmartSound

Task: {741DFBC8-7F9B-4971-9F65-67D1F1913E6B} - System32\Tasks\{FDA6F372-7FB8-441A-8819-BE9BD048413C} => pcalua.exe -a C:\Users\Mason\Downloads\tremulous-gpp1-installer.exe -d "C:\Program Files\Mozilla Firefox"

Task: {752E18DC-EE40-4A9E-8BF8-0D303F149432} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATTENTION

Task: {75BF9F2D-C582-441B-B90E-5C38A5A3A42A} - System32\Tasks\{ED4D5BE0-EA6C-4C9B-B997-5EC5FD4D0293} => pcalua.exe -a C:\Windows\system32\spool\drivers\w32x86\3\LXBKUN5C.EXE -c -dLexmark X1100 Series

Task: {7C0B4593-099D-4250-B068-34E23B7E8F2C} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - John => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)

Task: {7E4A1DF3-9143-466F-9E36-4CCCD05EA138} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1260561122-373576474-2963483527-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {8F1CAA9C-3433-4988-A755-A090D6A4A0CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)

Task: {9E2E6518-A90A-4A86-8EB9-A9102BEB6485} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1260561122-373576474-2963483527-1005 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {A2426F58-A4A4-4B9B-8C0F-4EDC3D08DD4A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {A48BE931-597A-4DAB-A4E1-09FA0A3E562C} - System32\Tasks\{C02B8D0C-1162-40AF-BE6C-63EC2AC5F650} => pcalua.exe -a "C:\Users\Shayla Potter\AppData\Local\Temp\Temp1_NokiaFREE_v310_Nokia_unlock_codes_calculator.zip\NokiaFREE_v310_Setup.exe"

Task: {A5FDC1D4-062A-4D85-9118-1BAA915FC980} - System32\Tasks\{41C22683-681B-47FF-9397-8FD2479D50AA} => pcalua.exe -a "C:\Remote Programs\Cradle of Rome\GPlrLanc.exe" -c -LOpCode 2 /RemoveContent cid=554750;name=Cradle of Rome;dir=C:\Remote Programs\Cradle of Rome\;prvid=143;cmdid=1;prvdir=Default

Task: {AA406F1B-464D-453A-92EA-EE7034CBE763} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\ConfigExec => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunCollectConfigurationInfo

Task: {B21A0D53-D398-4DC4-9FD5-9D4D3982566C} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe

Task: {B8FECB13-473F-421C-AB70-E4CA7AB02702} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-06] (Google)

Task: {C4D40DC6-1BE5-4C0F-93DF-D826422DBBE3} - System32\Tasks\ASC6_AutoClean => C:\Program Files\IObit\Advanced SystemCare 6\AutoSweep.exe

Task: {CED9A2C2-17F5-4000-9EC0-FE7C55E932A5} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Shayla Potter => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)

Task: {D15D7662-D7F0-4EC1-BAA9-43730788AB69} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)

Task: {D18E439B-CB86-4ABF-A540-D57FA4C67AE6} - System32\Tasks\Microsoft\Support\Microsoft Fix it Center\OSUpgrade => Rundll32.exe "C:\Program Files\Microsoft Fix it Center\MatsApi.dll",RunHandleOSUpgrade

Task: {DBA60EE5-FD45-4F8D-915B-63B7914576AB} - System32\Tasks\{D676CE09-B41A-4987-A399-30C5FD39FBD5} => pcalua.exe -a "E:\Setup\SmartSound\Quicktracks Installer.exe" -d E:\Setup\SmartSound

Task: {DC8A53C9-9AC3-4B83-9A73-2C60B51686DC} - System32\Tasks\{CC778C55-1B0F-45F6-8EDB-B61CF4D59627} => pcalua.exe -a C:\DELL\E-Center\UninstallTB.exe -d C:\Windows\system32

Task: {EDC61C3C-3C8E-43E5-98BF-E3D87E739FA4} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION

Task: {F3E8BD86-FB5F-48D0-97E0-3735989215EB} - System32\Tasks\{2204B856-631C-4373-A2EF-97C58CFBDAB7} => pcalua.exe -a "C:\Live! Cam\WCVista_1_11_01\VfwUpd.EXE" -d "C:\Live! Cam\WCVista_1_11_01"

Task: {FD573624-6E72-4FEF-9B56-71DF8A4F476F} - System32\Tasks\{77747B11-1225-42CF-B24A-54846703B0D7} => pcalua.exe -a C:\Windows\system32\javacpl.cpl -c Java

Task: {FE177C28-BD05-45B6-BA0D-BAF8FBDFCF07} - System32\Tasks\{086D66E6-23E3-4FA5-8CE0-046817135B3D} => pcalua.exe -a C:\Users\Mason\Desktop\dotnetfx3setup.exe -d C:\Users\Mason\Desktop

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2007-12-07 13:59 - 2006-10-06 07:06 - 00045056 _____ () C:\Windows\System32\DLPRMON.DLL

2007-12-07 13:59 - 2006-10-06 07:24 - 00016384 _____ () C:\Program Files\Dell PC Fax\DlCtrStr.dll

2007-12-07 13:59 - 2006-10-06 07:04 - 00032768 _____ () C:\Program Files\Dell PC Fax\ipcmt.dll

2009-06-29 10:22 - 2009-06-29 10:23 - 00051716 _____ () C:\Windows\System32\pdf995mon.dll

2007-12-07 14:04 - 2006-10-20 00:33 - 00117760 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dlcxdrpp.dll

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

2006-11-05 10:28 - 2006-11-05 10:28 - 04587520 ____R () C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll

2013-01-21 19:09 - 2012-11-09 06:02 - 01752576 _____ () C:\Program Files\File Shredder\fsshell.dll

2007-11-21 11:21 - 2010-06-22 16:47 - 00034816 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll

2007-12-07 14:00 - 2007-01-12 11:57 - 00292336 _____ () C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe

2007-12-07 14:00 - 2006-08-08 14:54 - 00278528 _____ () C:\Program Files\Dell Photo AIO Printer 926\dlcxscw.dll

2007-12-07 14:00 - 2006-09-06 05:13 - 00073728 _____ () C:\Program Files\Dell Photo AIO Printer 926\dlcxcfg.dll

2007-12-07 14:00 - 2006-11-03 17:04 - 00304008 _____ () C:\Program Files\Dell Photo AIO Printer 926\memcard.exe

2013-11-14 19:48 - 2013-11-14 19:48 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe

2013-11-14 19:49 - 2013-11-14 19:49 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll

2012-06-26 14:11 - 2012-06-26 14:11 - 02302040 _____ () C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\QtCore4.dll

2012-06-26 14:11 - 2012-06-26 14:11 - 08197208 _____ () C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\QtGui4.dll

2012-06-26 14:11 - 2012-06-26 14:11 - 00345688 _____ () C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\QtXml4.dll

2013-07-10 18:57 - 2009-10-07 15:42 - 00061440 ____N () C:\Windows\system32\wintab32.dll

2012-06-26 14:10 - 2012-06-26 14:10 - 00202328 _____ () C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\imageformats\qjpeg4.dll

2012-06-26 14:10 - 2012-06-26 14:10 - 00027736 _____ () C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\imageformats\qsvg4.dll

2012-06-26 14:11 - 2012-06-26 14:11 - 00282200 _____ () C:\Users\Shayla Potter\Desktop\Kierans folder\Nokia PC Suite 7\QtSvg4.dll

2013-09-28 20:14 - 2013-09-28 20:14 - 03369922 _____ () C:\Program Files\NETGEAR Genie\bin\icuin51.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00544817 _____ () C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00989805 _____ () C:\Program Files\NETGEAR Genie\bin\libstdc++-6.dll

2013-09-28 20:14 - 2013-09-28 20:14 - 01978690 _____ () C:\Program Files\NETGEAR Genie\bin\icuuc51.dll

2013-09-28 20:14 - 2013-09-28 20:14 - 22378434 _____ () C:\Program Files\NETGEAR Genie\bin\icudt51.dll

2013-09-28 20:14 - 2013-09-28 20:14 - 01233408 _____ () C:\Program Files\NETGEAR Genie\bin\platforms\qwindows.dll

2015-01-09 01:40 - 2015-01-09 01:40 - 00640000 _____ () C:\Program Files\NETGEAR Genie\bin\Genie.dll

2014-12-19 01:03 - 2014-12-19 01:03 - 01686016 _____ () C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll

2015-01-09 01:01 - 2015-01-09 01:01 - 00192512 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll

2014-11-05 02:37 - 2014-11-05 02:37 - 00632832 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll

2015-01-09 01:03 - 2015-01-09 01:03 - 06477824 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll

2014-06-29 20:55 - 2014-06-29 20:55 - 00068608 _____ () C:\Program Files\NETGEAR Genie\bin\QRCode.dll

2014-06-29 21:05 - 2014-06-29 21:05 - 01183232 _____ () C:\Program Files\NETGEAR Genie\bin\qwt.dll

2015-01-07 20:57 - 2015-01-07 20:57 - 02493952 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll

2012-10-15 15:27 - 2012-10-15 15:27 - 00111616 _____ () C:\Program Files\NETGEAR Genie\bin\libvlc.dll

2012-10-15 15:28 - 2012-10-15 15:28 - 02286592 _____ () C:\Program Files\NETGEAR Genie\bin\libvlccore.dll

2014-12-05 00:32 - 2014-12-05 00:32 - 01056768 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll

2014-09-11 03:39 - 2014-09-11 03:39 - 00144896 _____ () C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll

2015-01-09 01:03 - 2015-01-09 01:03 - 01195008 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll

2015-01-14 00:45 - 2015-01-14 00:45 - 10388480 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll

2015-01-14 22:04 - 2015-01-14 22:04 - 02545664 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll

2014-12-18 02:49 - 2014-12-18 02:49 - 00177152 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll

2014-12-05 00:35 - 2014-12-05 00:35 - 00890368 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll

2014-11-05 03:00 - 2014-11-05 03:00 - 00435712 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00051200 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qgif.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00052224 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qico.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00261120 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00046080 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qsvg.dll

2014-06-29 20:55 - 2014-06-29 20:55 - 00081408 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll

2014-11-03 03:23 - 2014-11-03 03:23 - 00143360 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll

2014-06-18 21:22 - 2014-06-18 21:22 - 02177405 _____ () C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll

2014-09-04 01:00 - 2014-09-04 01:00 - 00072192 _____ () C:\Program Files\NETGEAR Genie\bin\SVTUtils.dll

2014-09-04 01:00 - 2014-09-04 01:00 - 00074240 _____ () C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll

2014-09-04 01:00 - 2014-09-04 01:00 - 00136704 _____ () C:\Program Files\NETGEAR Genie\bin\airprintdll.dll

2012-10-15 15:28 - 2012-10-15 15:28 - 00219648 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll

2012-10-15 15:28 - 2012-10-15 15:28 - 00049664 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll

2012-10-15 15:28 - 2012-10-15 15:28 - 00051200 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll

2012-10-15 15:28 - 2012-10-15 15:28 - 00070144 _____ () C:\Program Files\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll

2013-09-28 20:13 - 2013-09-28 20:13 - 00040960 _____ () C:\Program Files\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll

2010-01-18 23:58 - 2007-01-25 13:25 - 00117248 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\hpzpi4wm.DLL

2014-11-05 02:59 - 2014-11-05 02:59 - 00642048 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll

2014-11-05 03:01 - 2014-11-05 03:01 - 00458752 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll

2014-06-29 21:33 - 2014-06-29 21:33 - 00046080 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll

2014-09-04 01:00 - 2014-09-04 01:00 - 00066560 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll

2015-05-20 14:08 - 2015-05-20 14:08 - 00043008 _____ () c:\Users\Shayla Potter\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptpwcn5.dll

2015-03-04 16:45 - 2015-03-04 16:45 - 00750080 _____ () C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-04 16:45 - 2015-03-04 16:45 - 00047616 _____ () C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 16:45 - 2015-03-04 16:45 - 00865280 _____ () C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 16:45 - 2015-03-04 16:45 - 00200704 _____ () C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2007-04-03 16:58 - 2007-04-03 16:58 - 00020572 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\javaw.exe

2007-04-03 16:58 - 2007-04-03 16:58 - 00802901 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\hotspot\jvm.dll

2007-04-03 16:58 - 2007-04-03 16:58 - 00028776 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\hpi.dll

2007-04-03 16:58 - 2007-04-03 16:58 - 00053342 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\verify.dll

2007-04-03 16:58 - 2007-04-03 16:58 - 00094308 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\java.dll

2007-04-03 16:58 - 2007-04-03 16:58 - 00053349 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\zip.dll

2007-04-03 16:58 - 2007-04-03 16:58 - 00032864 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\net.dll

2004-08-20 07:02 - 2004-08-20 07:02 - 00102400 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\PMLJNI.dll

2005-02-03 11:31 - 2005-02-03 11:31 - 00032768 _____ () C:\Program Files\Hewlett-Packard\Toolbox\jre\bin\compJNI.dll

2014-12-14 21:27 - 2014-12-14 21:27 - 00105216 _____ () C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe

2013-07-11 13:33 - 2013-07-11 13:33 - 00988160 _____ () C:\Program Files\OpenOffice 4\program\libxml2.dll

2013-07-10 22:08 - 2013-07-10 22:08 - 00170496 _____ () C:\Program Files\OpenOffice 4\program\libxslt.dll

2013-07-10 22:08 - 2013-07-10 22:08 - 00136192 _____ () C:\Program Files\OpenOffice 4\program\libxmlsec-mscrypto.dll

2013-07-10 22:08 - 2013-07-10 22:08 - 00303616 _____ () C:\Program Files\OpenOffice 4\program\libxmlsec.dll

2015-05-20 19:37 - 2015-05-13 11:48 - 14982472 _____ () C:\Program Files\Google\Chrome\Application\43.0.2357.65\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:08AC8A76

AlternateDataStreams: C:\ProgramData\TEMP:376AEA88

AlternateDataStreams: C:\ProgramData\TEMP:69F4A9BE

AlternateDataStreams: C:\ProgramData\TEMP:819BEFD3

AlternateDataStreams: C:\ProgramData\TEMP:81A5201B

AlternateDataStreams: C:\ProgramData\TEMP:8EC55520

AlternateDataStreams: C:\ProgramData\TEMP:A52C3C4A

AlternateDataStreams: C:\ProgramData\TEMP:AA3339BE

AlternateDataStreams: C:\ProgramData\TEMP:AD6273E0

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

AlternateDataStreams: C:\ProgramData\TEMP:E33EA293

AlternateDataStreams: C:\ProgramData\TEMP:EA031481

AlternateDataStreams: C:\ProgramData\TEMP:FE53E4F7

AlternateDataStreams: C:\Users\Shayla Potter\Downloads\Fireworks Soundtrack 2012(Final2).mp3:TOC.WMV

AlternateDataStreams: C:\Users\Shayla Potter\Downloads\The.Event.S01E09.HDTV.XviD-LOL.avi:TOC.WMV

AlternateDataStreams: C:\Users\Shayla Potter\Downloads\The.Event.S01E10.HDTV.XviD-LOL.avi:TOC.WMV

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTRSupport => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\008k.com -> 008k.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\00hq.com -> 00hq.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\0scan.com -> 0scan.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\1-domains-registrations.com -> 1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\1-se.com -> 1-se.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\1001movie.com -> 1001movie.com

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\1001night.biz -> 1001night.biz

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\100gal.net -> 100gal.net

IE restricted site: HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1260561122-373576474-2963483527-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Shayla Potter\Pictures\pics fpr screen saver\6toes.jpg

DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe

FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe

FirewallRules: [{3A9BE981-441E-4189-BACF-E5819B128C8A}] => (Allow) LPort=5500

FirewallRules: [{58B87AC9-0464-412B-9CCB-AC4BA07A473A}] => (Allow) LPort=5800

FirewallRules: [{320054C4-DEB8-4917-8C4B-A1733FCF603B}] => (Allow) LPort=5900

FirewallRules: [TCP Query User{24D4599C-C072-4D0B-9FBD-0E458620D486}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe

FirewallRules: [UDP Query User{3186032E-8748-4002-ACBF-8857533B79D8}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe

FirewallRules: [{5D127D00-8459-4860-B615-586AD6CA3746}] => (Allow) C:\Program Files\Dell Photo AIO Printer 926\dlcxaiox.exe

FirewallRules: [{77E7AB39-D552-40FC-9E32-A45840AB6CEA}] => (Allow) C:\Program Files\Dell Photo AIO Printer 926\dlcxaiox.exe

FirewallRules: [{A87FD550-32E3-4F0F-BC1C-47B55B3B3B4B}] => (Allow) LPort=135

FirewallRules: [{0AD58039-680E-490D-BF66-34028BF77850}] => (Allow) LPort=5000

FirewallRules: [{C1B08FC5-7838-49CE-BB00-D0C0AB9DF7AD}] => (Allow) LPort=5001

FirewallRules: [{29CE1D4B-0B59-4C54-9653-DDAFFB740CB2}] => (Allow) LPort=5002

FirewallRules: [{706662D2-F4C6-47AB-AEFC-9736034DFA6F}] => (Allow) LPort=5003

FirewallRules: [{13A4D1AF-FFDD-42BC-8AE4-60E8AE0CF8A8}] => (Allow) LPort=5004

FirewallRules: [{4E2B0263-67A2-4470-A3B2-67ED7D8BF6CB}] => (Allow) LPort=5005

FirewallRules: [{B4D621D2-7AFB-4E79-8A76-B36A2D02A61B}] => (Allow) LPort=5006

FirewallRules: [{5CE508DF-71C7-4616-8441-3FBFA3AD1313}] => (Allow) LPort=5007

FirewallRules: [{3E2F141C-71B3-4AF5-91BE-7F72E308ECB7}] => (Allow) LPort=5008

FirewallRules: [{0D3DEC16-FC11-4A90-AED0-20DE7D0C036D}] => (Allow) LPort=5009

FirewallRules: [{25DF0357-1CFA-4BBE-8AD2-918D5F501D35}] => (Allow) LPort=5010

FirewallRules: [{A99E3085-ACB1-4DDB-A2D9-2685FF10540A}] => (Allow) LPort=5011

FirewallRules: [{53DEC965-B95E-426C-A0DE-4BE9EC11BB7F}] => (Allow) LPort=5012

FirewallRules: [{68BC4BB3-EDAF-4989-80FF-F506E718F13E}] => (Allow) LPort=5013

FirewallRules: [{BEE7137B-19A3-4AD1-B974-4E131413DC63}] => (Allow) LPort=5014

FirewallRules: [{3E356141-4DC0-416B-9510-017A0D9FB53C}] => (Allow) LPort=5015

FirewallRules: [{FA2BD1D6-96C4-46DA-9931-A52F4F0852DC}] => (Allow) LPort=5016

FirewallRules: [{BCDC9A8B-9D78-47B7-A756-2F26593BF6C5}] => (Allow) LPort=5017

FirewallRules: [{001762D0-4C4E-4A25-A61C-9AAD6D7C0AB0}] => (Allow) LPort=5018

FirewallRules: [{C5FFE75E-3AD0-4B0B-9AB2-0146F4F6E223}] => (Allow) LPort=5019

FirewallRules: [{9ED89B40-CA25-4E41-AFDD-3B23D7598C5E}] => (Allow) LPort=5020

FirewallRules: [TCP Query User{03377708-7AA7-4AFB-93E0-884D368DA5D4}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe

FirewallRules: [UDP Query User{FCA6B8BB-D1B1-43BF-BA25-EC5E7F2FD8BF}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe

FirewallRules: [{CF3F1C2E-12B5-47B5-8614-EEA33474929F}] => (Allow) C:\Program Files\AVG\AVG8\avgemc.exe

FirewallRules: [{C27A2989-753C-4545-96EC-06E5B89D85B9}] => (Allow) C:\Program Files\AVG\AVG8\avgupd.exe

FirewallRules: [{CDE64441-851E-4950-9086-D36CED50AF12}] => (Allow) C:\Program Files\AVG\AVG8\avgnsx.exe

FirewallRules: [TCP Query User{8D7C38D2-21C3-46D9-9661-A82E89AFBE70}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe] => (Allow) C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe

FirewallRules: [UDP Query User{2A5BC021-2D22-4643-82FE-DCD281942E2F}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe] => (Allow) C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe

FirewallRules: [TCP Query User{BC94B49A-88ED-4BBA-9A50-62021F9065E7}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [UDP Query User{138757B8-CB9B-4030-8527-B3CD9959604F}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe

FirewallRules: [{B3126AE1-D2C2-4A1D-BE57-D46BB2E7AEE7}] => (Allow) C:\Program Files\RealVNC\VNC4\vncviewer.exe

FirewallRules: [{50B98344-50AC-4A0C-ADEE-1A4E26C88D3E}] => (Allow) C:\Program Files\RealVNC\VNC4\vncviewer.exe

FirewallRules: [TCP Query User{A367A5EE-4A01-431B-AD71-5E30E127811E}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files\yahoo!\messenger\yahoomessenger.exe

FirewallRules: [UDP Query User{2AA150C8-3FF6-41C0-8A4A-B50B6C9C8854}C:\program files\yahoo!\messenger\yahoomessenger.exe] => (Allow) C:\program files\yahoo!\messenger\yahoomessenger.exe

FirewallRules: [{1BE1B989-8549-489D-91EB-5DD7EDCC87ED}] => (Allow) C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe

FirewallRules: [{66411175-1426-41E1-93AA-64B83B25236E}] => (Allow) C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe

FirewallRules: [{900F444D-979D-477E-B4BE-DB59F94F95DA}] => (Allow) LPort=5225

FirewallRules: [{72376B2E-0624-439C-A013-EB2EBD676A54}] => (Allow) LPort=5225

FirewallRules: [TCP Query User{0953E3C5-8959-49AF-9DBE-BE59A3050DB6}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe] => (Allow) C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe

FirewallRules: [UDP Query User{4B0FF1CB-1D13-4732-8A72-E80B0EF9AC57}C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe] => (Allow) C:\program files\hewlett-packard\toolbox\jre\bin\javaw.exe

FirewallRules: [TCP Query User{77666501-3BDC-45D9-B0CE-69F1FB5742BC}C:\program files\java\jre1.6.0\bin\java.exe] => (Block) C:\program files\java\jre1.6.0\bin\java.exe

FirewallRules: [UDP Query User{B17062E3-2543-4DB6-893F-C9512144B9E8}C:\program files\java\jre1.6.0\bin\java.exe] => (Block) C:\program files\java\jre1.6.0\bin\java.exe

FirewallRules: [{ECA43E07-17DD-4C05-B171-746120C337E0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{FA47773A-8DF9-4057-A4DB-E6A15E6E1AFA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{7895B3EC-DEE2-4A4F-B71F-68DD7B2A7980}] => (Allow) C:\Windows\System32\dlcxcoms.exe

FirewallRules: [{4BE5E731-F4D1-4982-A9E4-CDBBC1AE6ED6}] => (Allow) C:\Windows\System32\dlcxcoms.exe

FirewallRules: [{16620345-D660-4F83-A157-D6A550481CAA}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe

FirewallRules: [{B7C507E3-79E6-4FB5-82D5-3D12B43976DF}] => (Allow) C:\Program Files\Yahoo!\Messenger\YServer.exe

FirewallRules: [{D47F953B-0260-463C-BCF2-2AC9803E3C10}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{E2996B45-E2E6-46ED-BD32-20811C1E172A}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{CD116ACA-3788-47AD-B827-3761FAED4DB8}] => (Allow) C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe

FirewallRules: [{B6810223-1757-4AAB-B794-3B92F7825FC9}] => (Allow) C:\Program Files\Yahoo!\Yahoo! Music Jukebox\YahooMusicEngine.exe

FirewallRules: [{5A019ABC-883E-47E4-BA41-3F3CE3A42EC3}] => (Allow) C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe

FirewallRules: [{6116FC38-AD5D-4A39-9ED6-EF6606412FCD}] => (Allow) C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe

FirewallRules: [TCP Query User{0CFA288E-2F72-49CB-ADB4-C77FD4ACA2E8}C:\windows\system32\notepad.exe] => (Allow) C:\windows\system32\notepad.exe

FirewallRules: [UDP Query User{A9CFD4DA-6A14-4EE3-8291-6FF544161FC3}C:\windows\system32\notepad.exe] => (Allow) C:\windows\system32\notepad.exe

FirewallRules: [TCP Query User{E4467E63-334B-4AE8-BF25-7BEE8235CA9A}C:\program files\google\google earth\plugin\geplugin.exe] => (Block) C:\program files\google\google earth\plugin\geplugin.exe

FirewallRules: [UDP Query User{DF4A6181-866D-43BF-9FC7-577CA8AF19D7}C:\program files\google\google earth\plugin\geplugin.exe] => (Block) C:\program files\google\google earth\plugin\geplugin.exe

FirewallRules: [{B0888647-0174-4BDE-8B14-7D7E62DF5344}] => (Allow) LPort=80

FirewallRules: [{288FEDC6-0B73-40CF-AB4B-B9A013F91CB8}] => (Allow) LPort=80

FirewallRules: [{3ADB8FE2-EC6A-4440-A2B7-DFFA09FD84DE}] => (Allow) LPort=80

FirewallRules: [TCP Query User{DD49B455-91A7-447A-A147-86754DB4AEBF}C:\program files\team17\worms armageddon\wa.exe] => (Allow) C:\program files\team17\worms armageddon\wa.exe

FirewallRules: [UDP Query User{C812A600-96BB-4D24-88CA-E1D63224E64B}C:\program files\team17\worms armageddon\wa.exe] => (Allow) C:\program files\team17\worms armageddon\wa.exe

FirewallRules: [{4C72611F-769D-483D-AD1B-DA52358E9DD7}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\RM.exe

FirewallRules: [{7FCBF118-5344-41FC-93D9-4FD35E1BC8F9}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\RM.exe

FirewallRules: [{AF036FE1-D9A2-42DA-92AE-4BF5D3CD2DAD}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe

FirewallRules: [{4B6D640A-2938-4EB4-8FCB-617C179F5E0E}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe

FirewallRules: [{A3065E18-DD4B-407B-9CF5-E1664CDACF22}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\RM.exe

FirewallRules: [{0AA081F3-B548-4787-BAC3-457C6E3340ED}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\RM.exe

FirewallRules: [{8E8CA268-7C0A-4B7F-9DE3-D9F14EF177CE}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe

FirewallRules: [{96DB8F73-6CAD-4F86-B9A0-1C5EDE61B83F}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe

FirewallRules: [{9D50495F-2108-4648-BCA0-03BB03ED3E21}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe

FirewallRules: [{6970A4D6-F35B-44FC-A15E-A094E203ABFF}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\PMSRegisterFile.exe

FirewallRules: [{EEA71786-1D86-4154-ACD7-7A41581CC210}] => (Allow) C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe

FirewallRules: [{B3C5C46C-9762-44B1-849B-C8B6DBEFF408}] => (Allow) C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe

FirewallRules: [{6E1B3C88-641E-4168-A2AF-93FC222BE9DB}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\umi.exe

FirewallRules: [{9A5210EB-2829-4809-A21B-2A9FF6027EAE}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\umi.exe

FirewallRules: [TCP Query User{92E11C77-8470-4748-BCCE-0E850A28E516}C:\program files\pinnacle\shared files\programs\mediamanager\pmsmanager.exe] => (Allow) C:\program files\pinnacle\shared files\programs\mediamanager\pmsmanager.exe

FirewallRules: [UDP Query User{FAFC9B9B-A91F-464E-B2BE-862D8C57A791}C:\program files\pinnacle\shared files\programs\mediamanager\pmsmanager.exe] => (Allow) C:\program files\pinnacle\shared files\programs\mediamanager\pmsmanager.exe

FirewallRules: [TCP Query User{CBB45A30-67A4-4BE3-8B2F-BEB07056CB2A}C:\program files\videoviewer\videoviewer.exe] => (Block) C:\program files\videoviewer\videoviewer.exe

FirewallRules: [UDP Query User{23F744A0-717C-405A-B48E-BC34D0170158}C:\program files\videoviewer\videoviewer.exe] => (Block) C:\program files\videoviewer\videoviewer.exe

FirewallRules: [{5746ED1C-3542-4082-9717-59520FE697DE}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\ibtmpe88488\component_52.decrpt

FirewallRules: [{7710437B-2E16-4F8E-B989-E674C02E97D7}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\ibtmpe88488\component_138.decrpt

FirewallRules: [{06C4CF6A-8D7D-4479-8288-72149D5EFB16}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\ibtmpe88488\component_71.decrpt

FirewallRules: [TCP Query User{C44B8311-88EE-43F3-8EAF-886F27BE8F91}C:\program files\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{29C0C165-6753-43C3-AC94-6F458D587E9F}C:\program files\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files\netgear genie\bin\netgeargenie.exe

FirewallRules: [{04671719-1204-47B5-8CE0-3766BA80447B}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\dyq9vwst418qg7qvx408\component_1.decrpt

FirewallRules: [TCP Query User{300522B8-B9B1-4DBF-B1F8-55AA486C3244}C:\program files\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files\netgear genie\bin\netgeargenie.exe

FirewallRules: [UDP Query User{5D00D852-6AFD-487E-82A7-1E83E1F18701}C:\program files\netgear genie\bin\netgeargenie.exe] => (Block) C:\program files\netgear genie\bin\netgeargenie.exe

FirewallRules: [TCP Query User{720FB80F-2E0D-4D90-A249-D7CF054DE729}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{7CB2C5FE-D42A-4A87-883C-11E9CEFF2C4D}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe

FirewallRules: [TCP Query User{CC3A7C5D-5267-43DE-8CE5-8A2567DEF4B5}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe

FirewallRules: [UDP Query User{0743C5E9-351F-41CB-B430-7014DF0F5136}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe

FirewallRules: [{A104D517-3E9B-4F61-BF2C-82AC188FB153}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{960A0CF4-CF46-4C96-A8E0-5B3B9AC97E26}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{44399A32-BA2F-4FC0-BC70-8A0E8FD0FBF7}] => (Allow) C:\Program Files\iWin Games\iWinGames.exe

FirewallRules: [{A489724F-5A4A-4FA7-8C44-D41D8032F469}] => (Allow) C:\Program Files\iWin Games\iWinGames.exe

FirewallRules: [{5CB2FD23-1816-4740-BBAB-D416D55EB5DE}] => (Allow) C:\Program Files\iWin Games\WebUpdater.exe

FirewallRules: [{ED69E852-B26F-479B-8E00-B98B5044B0FC}] => (Allow) C:\Program Files\iWin Games\WebUpdater.exe

FirewallRules: [{AA15602D-9D18-4CB5-9762-720B79C11F61}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe

FirewallRules: [{87026E34-24B2-459A-8669-393E8EBAFF45}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\Studio.exe

FirewallRules: [TCP Query User{B8DFEA0F-4D12-4138-AFB3-A2419BD5D474}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe

FirewallRules: [UDP Query User{C9B631DF-944E-4873-91F6-B28CACD9C6C3}C:\program files\tmnationsforever\tmforever.exe] => (Allow) C:\program files\tmnationsforever\tmforever.exe

FirewallRules: [{170550A7-709A-47E0-BB98-DB67EDF19D8E}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\umi.exe

FirewallRules: [{6395D1B7-EC14-4ED0-8018-4F6FB8669AB6}] => (Allow) C:\Program Files\Pinnacle\Studio 10\programs\umi.exe

FirewallRules: [{614328DD-1303-4FAE-919F-520C8B373F5E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

FirewallRules: [{3EE83CD5-60FC-4928-B36D-63FB3E017386}] => (Allow) C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{6F11EE63-D815-421B-9D6A-48764294CF02}] => (Allow) C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{1ED680D5-CD81-4090-B014-002305E1CE5C}] => (Allow) C:\Users\Shayla Potter\Downloads\VideoPerformerSetup.exe

FirewallRules: [{D978B5B8-F77F-4D65-82A7-2BEC012FB9A4}] => (Allow) C:\Users\Shayla Potter\Downloads\VideoPerformerSetup.exe

FirewallRules: [{E084AF18-FF72-4B40-AFD1-28CF6C9B3AD8}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\SearchProtectInstaller

FirewallRules: [{1CAADD01-D900-4F4B-81C4-3728AEC3A1FD}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\SpeedanAlysisSetup

FirewallRules: [{69F7B8D1-BC9C-468A-A406-3E9CA38FE1C2}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\CloudBackupSetup

FirewallRules: [{9A8265F4-AB80-4342-93D1-487B6E7F4E58}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\PCPerformerSetup

FirewallRules: [{6B94B505-5AC5-46B1-9DCF-ED83303DC1EB}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\ZulaGamesSetup

FirewallRules: [{0C7EC599-D3E8-4DCD-8D2B-F7C63628CC75}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\VideoPerformerSetup

FirewallRules: [{F0FD8D67-C74D-4018-8745-55FCD6F11674}] => (Allow) C:\Program Files\iTunes\iTunes.exe

FirewallRules: [TCP Query User{023FD972-61BE-42E2-989C-B7672CE6E1D0}G:\simplisafewizard.exe] => (Allow) G:\simplisafewizard.exe

FirewallRules: [UDP Query User{10E89B64-ADCD-4ADE-A595-15A1D55E9FEF}G:\simplisafewizard.exe] => (Allow) G:\simplisafewizard.exe

FirewallRules: [{0E46D030-C9ED-42E0-B41C-C4E264D44BF7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (05/24/2015 09:25:23 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/24/2015 09:20:24 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/24/2015 09:20:21 AM) (Source: MatSvc) (EventID: 15) (User: )

Description: The scheduled MATS task encountered a failure when collecting configuration data. hr=0xC004F00E

Error: (05/24/2015 09:20:19 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/24/2015 06:51:52 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/24/2015 06:46:55 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/24/2015 02:02:51 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/24/2015 01:57:52 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/23/2015 09:44:50 PM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

Error: (05/23/2015 09:39:52 PM) (Source: MatSvc) (EventID: 3) (User: )

Description: The MATS service encountered a web service failure. hr=0x80072EFE

System errors:

=============

Error: (05/24/2015 03:03:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: 0x80070103nVidia - Display - NVIDIA GeForce 6150SE nForce 430{1D38688E-F7C7-4448-8ED3-CF4D30DC746B}101

Error: (05/23/2015 03:04:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: 0x80070103nVidia - Display - NVIDIA GeForce 6150SE nForce 430{1D38688E-F7C7-4448-8ED3-CF4D30DC746B}101

Error: (05/22/2015 03:05:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: 0x80070103nVidia - Display - NVIDIA GeForce 6150SE nForce 430{1D38688E-F7C7-4448-8ED3-CF4D30DC746B}101

Error: (05/21/2015 03:05:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: 0x80070103nVidia - Display - NVIDIA GeForce 6150SE nForce 430{1D38688E-F7C7-4448-8ED3-CF4D30DC746B}101

Error: (05/21/2015 01:32:31 AM) (Source: Dhcp) (EventID: 1002) (User: )

Description: The IP address lease 192.168.1.10 for the Network Card with network address 001AA06945F1 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

Error: (05/20/2015 02:06:12 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1096) (User: BNSS-LEASED)

Description: The processing of Group Policy failed. Windows could not apply the registry-based policy settings for the Group Policy object LocalGPO. Group Policy settings will not be resolved until this event is resolved. View the event details for more information on the file name and path that caused the failure.

Error: (05/20/2015 01:33:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Parallel port driver%%1058

Error: (05/20/2015 01:33:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: WINBOND W55U01 USB%%1058

Error: (05/20/2015 01:32:56 PM) (Source: LSM) (EventID: 1048) (User: )

Description: Terminal Service start failed. The relevant status code was The configuration data for this product is corrupt. Contact your support personnel.

Error: (05/20/2015 01:27:18 PM) (Source: Service Control Manager) (EventID: 7043) (User: )

Description: WRSVC

Microsoft Office:

=========================

Error: (05/24/2015 09:25:23 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/24/2015 09:20:24 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/24/2015 09:20:21 AM) (Source: MatSvc) (EventID: 15) (User: )

Description: hr=0xC004F00E

Error: (05/24/2015 09:20:19 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEISapCatalogService::GetFullSapCatalog

Error: (05/24/2015 06:51:52 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/24/2015 06:46:55 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/24/2015 02:02:51 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/24/2015 01:57:52 AM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/23/2015 09:44:50 PM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

Error: (05/23/2015 09:39:52 PM) (Source: MatSvc) (EventID: 3) (User: )

Description: hr=0x80072EFEIDataUploadService::UploadResult

CodeIntegrity Errors:

===================================

Date: 2014-07-15 23:50:24.151

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-15 23:50:23.129

Date: 2014-07-15 23:50:22.105

Date: 2014-07-15 23:50:21.065

Date: 2014-07-15 23:49:03.129

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-15 23:49:02.037

Date: 2014-07-15 23:49:00.931

Date: 2014-07-15 23:48:59.846

Date: 2014-02-28 22:23:21.033

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\Spigot\Search Settings\wth178.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-02-28 22:23:19.937

==================== Memory info ===========================

Processor: AMD Athlon™ 64 X2 Dual Core Processor 4000+

Percentage of memory in use: 88%

Total physical RAM: 1981.76 MB

Available physical RAM: 228.77 MB

Total Pagefile: 5430.23 MB

Available Pagefile: 2685.16 MB

Total Virtual: 2047.88 MB

Available Virtual: 1913.73 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:222.78 GB) (Free:8.54 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.8 GB) (Disk ID: 08000000)

Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)

Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)

Partition 3: (Active) - (Size=222.8 GB) - (Type=07 NTFS)

==================== End of log ============================

#2
zep516

Posted 24 May 2015 - 02:10 PM

Trusted Helper

Malware Removal
8,090 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

First
Please remove these programs from your programs an features list, Start > Control panel > Programs an features. In the list find the program listed below and uninstall it.

Adobe Reader 8.3.1
Updater Service

If a program will not remove skip it and keep following instructions please.

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [iLivid] => "C:\Users\Shayla Potter\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-1260561122-373576474-2963483527-1005\...\Run: [Itibiti.exe] => C:\Program Files\Itibiti Soft Phone\Itibiti.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicyUsers\S-1-5-21-1260561122-373576474-2963483527-1010\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1260561122-373576474-2963483527-1005\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1260561122-373576474-2963483527-1000\User: Group Policy Restriction detected <======= ATTENTION
CHR HKU\S-1-5-21-1260561122-373576474-2963483527-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
URLSearchHook: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 - (No Name) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} -  No File
SearchScopes: HKLM -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.goonsearc...q={searchTerms}
SearchScopes: HKLM -> {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www1.delta-se...13_246&tsp=4981
SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.goonsearc...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {54ACE04D-52D8-4E32-97D3-0E379B1128F0} URL = http://groovorio.com...r=885083894&ir=
SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {9bd172ba-3f40-4303-bca1-0484b5ba2a7b} URL = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = http://toolbar.inbox...id=80051&lng=en
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO: AccelerateTab -> {48A789BF-F6D6-4930-9C8B-77855A63EDE1} -> C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll [2014-05-26] (Secure Speed Dial)
BHO: No Name -> {6C8DB2EC-499B-4897-A784-0E3186C97E9D} ->  No File
BHO: No Name -> {CA6319C0-31B7-401E-A518-A07C3DB8F777} ->  No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM - No Name - {8660E5B3-6C41-44DE-8503-98D99BBECD41} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1260561122-373576474-2963483527-1005 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
FF Plugin: @movenetworks.com/Quantum Media Player -> C:\Users\Shayla Potter\AppData\Roaming\Move Networks\plugins\npqmp071504000001.dll No File
FF Plugin: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF HKLM\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
CHR HKLM\...\Chrome\Extension: [cnpkmcjgpcihgfnkcjapiaabbbplkcmf] - C:\Program Files\Coupons.com CouponBar\chrome\Coupons.com.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Shayla Potter\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [X]
S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [2580304 2014-05-28] () <==== ATTENTION
C:\Program Files\Secure Speed Dial
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 easytether; system32\DRIVERS\easytthr.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 vieieerh; \??\C:\Windows\system32\drivers\vieieerh.sys [X]
C:\Users\Kids\jagex_runescape_preferences.dat
C:\Users\Kids\jagex_runescape_preferences2.dat
C:\Users\Kieran\jagex_runescape_preferences.dat
C:\Users\Kieran\jagex_runescape_preferences2.dat
C:\Users\Shayla Potter\jagex_runescape_preferences.dat
C:\Users\Shayla Potter\jagex_runescape_preferences2.dat
MarketResearch (Version: 82.0.174.000 - Hewlett-Packard) Hidden  
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Shayla Potter\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\YBPAddon_2.9.8.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{738CD606-129D-45db-86D6-6C9739C750CA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{76D50904-6780-4c8b-8986-1A7EE0B1716D}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Local\Roblox\Versions\version-c04585a2d58a4f29\RobloxProxy.dll (ROBLOX Corporation)
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.exe (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\localserver32 -> C:\Windows\Downloaded Program Files\dwusplay.exe (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Shayla Potter\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe No File
CustomCLSID: HKU\S-1-5-21-1260561122-373576474-2963483527-1005_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll No File
Task: {3C817959-645A-44D8-AFBE-FCF3A93A0A53} - System32\Tasks\ProPCCleaner_Start => C:\Program Files\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
C:\Program Files\Pro PC Cleaner
Task: {752E18DC-EE40-4A9E-8BF8-0D303F149432} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {EDC61C3C-3C8E-43E5-98BF-E3D87E739FA4} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files\MyPC Backup
AlternateDataStreams: C:\ProgramData\TEMP:08AC8A76
AlternateDataStreams: C:\ProgramData\TEMP:376AEA88
AlternateDataStreams: C:\ProgramData\TEMP:69F4A9BE
AlternateDataStreams: C:\ProgramData\TEMP:819BEFD3
AlternateDataStreams: C:\ProgramData\TEMP:81A5201B
AlternateDataStreams: C:\ProgramData\TEMP:8EC55520
AlternateDataStreams: C:\ProgramData\TEMP:A52C3C4A
AlternateDataStreams: C:\ProgramData\TEMP:AA3339BE
AlternateDataStreams: C:\ProgramData\TEMP:AD6273E0
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
AlternateDataStreams: C:\ProgramData\TEMP:E33EA293
AlternateDataStreams: C:\ProgramData\TEMP:EA031481
AlternateDataStreams: C:\ProgramData\TEMP:FE53E4F7
AlternateDataStreams: C:\Users\Shayla Potter\Downloads\Fireworks Soundtrack 2012(Final2).mp3:TOC.WMV
AlternateDataStreams: C:\Users\Shayla Potter\Downloads\The.Event.S01E09.HDTV.XviD-LOL.avi:TOC.WMV
AlternateDataStreams: C:\Users\Shayla Potter\Downloads\The.Event.S01E10.HDTV.XviD-LOL.avi:TOC.WMV
FirewallRules: [{CF3F1C2E-12B5-47B5-8614-EEA33474929F}] => (Allow) C:\Program Files\AVG\AVG8\avgemc.exe
FirewallRules: [{C27A2989-753C-4545-96EC-06E5B89D85B9}] => (Allow) C:\Program Files\AVG\AVG8\avgupd.exe
FirewallRules: [{CDE64441-851E-4950-9086-D36CED50AF12}] => (Allow) C:\Program Files\AVG\AVG8\avgnsx.exe
FirewallRules: [{5746ED1C-3542-4082-9717-59520FE697DE}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\ibtmpe88488\component_52.decrpt
FirewallRules: [{7710437B-2E16-4F8E-B989-E674C02E97D7}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\ibtmpe88488\component_138.decrpt
FirewallRules: [{06C4CF6A-8D7D-4479-8288-72149D5EFB16}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\ibtmpe88488\component_71.decrpt
FirewallRules: [{04671719-1204-47B5-8CE0-3766BA80447B}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\dyq9vwst418qg7qvx408\component_1.decrpt
FirewallRules: [{E084AF18-FF72-4B40-AFD1-28CF6C9B3AD8}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\SearchProtectInstaller
FirewallRules: [{1CAADD01-D900-4F4B-81C4-3728AEC3A1FD}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\SpeedanAlysisSetup
FirewallRules: [{69F7B8D1-BC9C-468A-A406-3E9CA38FE1C2}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\CloudBackupSetup
FirewallRules: [{9A8265F4-AB80-4342-93D1-487B6E7F4E58}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\PCPerformerSetup
FirewallRules: [{6B94B505-5AC5-46B1-9DCF-ED83303DC1EB}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\ZulaGamesSetup
FirewallRules: [{0C7EC599-D3E8-4DCD-8D2B-F7C63628CC75}] => (Allow) C:\Users\SHAYLA~1\AppData\Local\Temp\0qvruq1t\VideoPerformerSetup
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
hosts:
Emptytemp:

#3
crybaby

Posted 25 May 2015 - 10:08 AM

Member

Topic Starter
Member
175 posts

Hi zep516,

Thank you for taking the time to review my issue. I have run into a few problems while following your instruction. First, the Adobe Reader 8.3.1 would not uninstall; Second, I saw nothing entitled Updater Service; third, the FRST fix began, but is now no longer responding. What should I do?

#4
zep516

Posted 25 May 2015 - 11:11 AM

Trusted Helper

Malware Removal
8,090 posts

Reboot the computer and retry FRST fix again.

#5
crybaby

Posted 25 May 2015 - 11:29 AM

Member

Topic Starter
Member
175 posts

OK. After my last post, the program resumed, and Adobe Reader 8.3.1 was successfully uninstalled, and the computer was rebooted. Here is the Fixlog.txt you requested.

Fix result of Farbar Recovery Scan Tool (x86) Version: 24-05-2015 01

Ran by Shayla Potter at 2015-05-25 10:31:44 Run:1

Running from C:\Users\Shayla Potter\Desktop

Loaded Profiles: Shayla Potter (Available Profiles: Mason & Shayla Potter & Kieran & Administrator & Guest)

Boot Mode: Normal

==============================================

fixlist content:

*****************

start

CloseProcesses:

CreateRestorePoint: