Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

My Computer is infected with spyware or something else thats taking it


  • This topic is locked This topic is locked

#1
tami721

tami721

    New Member

  • Member
  • Pip
  • 2 posts

Well first off, my computer started acting weird, re-directing me to different pages when i specifically type\ in the one i wanted.  it started running very slow, and getting very hot.  I would find that there was items downloaded in the control panel that I never did, Now, I have suspected my fiance of cheating on me, so i did a little investigation and it looks like he has put something in my computer and Iphone to link both of them to his account, I have no idea if that has anything to do with this but he denies it, I have synced his Iphone to the computer and you will see there are many items from there, someone telling him to goto github, and other sites, all are coded, just a few are not.  there are maps from his Iphone.  (George Kisor)  He denies all this but ive broken into his phone and have seen in his google drive alot of item, I would either sync, or email all to me and download to my computer to evaluate later, but now I cant even open a page up in chrome, it will take a very long time, and I've noticed other extensions being added on while i would be on that page in chrome.  There are messages from this "other side" to him, I have to goto my "C" drive click users my name Tamara, and go from there, I want to open and read all these, but i dont want anything else to mess up my computer, Here is what my scan shows... please I need help .... Thank you.............

 

 

now i cannot even copy and paste this from my notes, i cant even attach files, says with a sad face unable resolve DNS server.....

Please help...

 

thank you Tami

 

ok ifigured out how to get it pasted on here not sure if both is on here or not

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
Ran by Tamara (administrator) on TAMARA-HP (25-08-2015 21:21:05)
Running from C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}\Desktop
Loaded Profiles: Tamara (Available Profiles: Tamara & Teagan & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Kromtech) C:\Program Files\Kromtech\Common\AccountService.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
() C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe
(Mindspark) C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Irrational Number Applications) C:\ProgramData\siwPSKm\bnFKybbr.exe
(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
(Trusted Software ApS) C:\Program Files (x86)\File Type Assistant\tsassist.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(PC Privacy Dock) C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe
(© 2015 Microsoft Corporation) C:\Users\Tamara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files (x86)\OLBPre\OLBPre.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\ProgramData\Aorewumi\1.0.4.1\bsacsuob.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
(Farbar) C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}\Desktop\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-31] (IDT, Inc.)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation)
HKLM-x32\...\Run: [VideoDownloadConverter EPM Support] => C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmedint.exe [11624 2015-07-24] (Mindspark)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Driver Manager] => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Facebook Update] => C:\Users\Tamara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2015-08-10] (Facebook Inc.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [PCPrivacyDock] => C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe [4571472 2015-04-14] (PC Privacy Dock)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [BingSvc] => C:\Users\Tamara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [GoogleChromeAutoLaunch_F8FE182011A15AC917B8387A39BFDA5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\RunOnce: [Uninstall C:\Users\Tamara\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tamara\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64"
HKU\S-1-5-18\...\Run: [] => [X]
AppInit_DLLs-x32: c:\progra~3\{bf845~1\1173~1.1\taci.dll => "c:\progra~3\{bf845~1\1173~1.1\taci.dll" File not found
Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2015-07-02]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe ()
Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk [2015-08-24]
ShortcutTarget: RapidMediaConverterApp.lnk -> C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2578401405-4068804440-3125762638-1006\User: Restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-tr-rhb-30__alt__ddc_dsssyc_bd_com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11473&guid={8852908C-DEB4-4535-88DD-654880518ECE}&i=
URLSearchHook: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn13\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (Mindspark)
SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2EDF&PC=SK2E&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> OldSearch URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2EDF&PC=SK2E&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = 
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-w3i&type=W3i_YT,191,8_4,Search,20120208,18370,0,18,0
BHO-x32: Toolbar BHO -> {312f84fb-8970-4fd3-bddb-7012eac4afc9} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2015-07-24] (Mindspark)
BHO-x32: Search Assistant BHO -> {c547c6c2-561b-4169-a2a5-20ba771ca93b} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2015-07-24] (Mindspark)
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2015-07-24] (Mindspark)
Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} -  No File
Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} -  No File
Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D} -  No File
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: HKLM-x32 {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{2EBDFDEB-1704-4BAC-875D-80117ADF2E51}: [DhcpNameServer] 66.252.91.254 66.252.95.254
Tcpip\..\Interfaces\{6A4986A7-6AAF-45A0-A3B7-9A20F7E89FAA}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{BBC92EF3-C8C4-480A-A8B8-FF391EB9A9FE}: [DhcpNameServer] 192.168.0.1 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default
FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-tr-rhb-30__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo Search!
FF DefaultSearchEngine.US: Yahoo Search!
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-tr-rhb-30__alt__ddc_dsssyc_bd_com
FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2578401405-4068804440-3125762638-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tamara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2578401405-4068804440-3125762638-1001: @tnt2npapi.com/Plugin -> C:\Users\Tamara\AppData\Local\TNT2\2.0.0.1995\npTNT2.dll [2015-08-04] (Eshield)
FF user.js: detected! => C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\user.js [2015-08-04]
FF SearchPlugin: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\searchplugins\bing-.xml [2015-07-04]
FF SearchPlugin: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\searchplugins\yahoo-search.xml [2015-07-24]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-02-18]
FF Extension: No Name - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\extensions\[email protected] [not found]
 
Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-28]
CHR Extension: (Facebook Full-size Profile Pictures) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcgdkfpobnjbhhmmelbojdakpehniof [2015-03-28]
CHR Extension: (Mimecraft PC) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajbhloofjoigjdgaadhonkgeemecoijm [2015-04-03]
CHR Extension: (Google Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-28]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-28]
CHR Extension: (TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-28]
CHR Extension: (Record Page) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkbhhlnpdncfkammaaofgmhdmealgmh [2015-07-20]
CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-04]
CHR Extension: (eBay) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-03-29]
CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-04]
CHR Extension: (VUDU Movies) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib [2015-03-29]
CHR Extension: (Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-03-31]
CHR Extension: (Popular on Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfhhaffkfckcjcjeoemhjocccdeicidi [2015-03-31]
CHR Extension: (Google+) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-03-31]
CHR Extension: (HD Movie Center) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dncmlfjkhonpilhfcekklkdemnphabhp [2015-04-14]
CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-04-10]
CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-28]
CHR Extension: (Google Play Movies & TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2015-03-28]
CHR Extension: (No Name) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghccgmeejadcgmebbfmcmknnhdjkmdkm [2015-07-02]
CHR Extension: (Downloadr - Download Manager) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe [2015-03-30]
CHR Extension: (Bookmark Manager) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Flixster) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2015-03-29]
CHR Extension: (Music Player for Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-03-31]
CHR Extension: (Get The Results Hub) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\holighkmkclhlejkfajgfomgjakgdpkj [2015-07-20]
CHR Extension: (Crackle) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-04-14]
CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-04-01]
CHR Extension: (Chrome to Mobile) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2015-03-31]
CHR Extension: (Minicraft 3D) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kebmaannmcmihccbmpbcgcpmecgbkaic [2015-04-03]
CHR Extension: (Yidio) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2015-03-30]
CHR Extension: (Blazer Deals) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkneaeopaflijpnmdifmmachekjmekkd [2015-07-31]
CHR Extension: (List Progress Bar for Trello) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhahganeobopkelbdeljamclomlhhjg [2015-08-09]
CHR Extension: (Google Play) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-28]
CHR Extension: (DriveTunes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2015-04-01]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-28]
CHR Extension: (Movie Channel) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgadnchhhnnoaakjmbfcikaejeeagjna [2015-03-30]
CHR Extension: (Horoscopes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkiajkdbeniimalmhnacldmmdndkkmgl [2015-03-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-31]
CHR Extension: (Google Maps) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-30]
CHR Extension: (Google Cast API) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafeflapfdfljijmlienjedomfjfmhpd [2015-03-28]
CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2015-03-31]
CHR Extension: (Live TV Free - TV 360) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nananoifaaimehnlhoolpggpgkbefdom [2015-03-29]
CHR Extension: (WeatherBug) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-28]
CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2015-03-28]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-05-31]
CHR Extension: (Radio Homepage) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhinfcomikigclgegiaffddapmdlocg [2015-04-02]
CHR Extension: (Radio Player Live Stations) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooflekjlabfkiacfocahkgcdadcnhmjf [2015-04-02]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2015-04-13]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-04]
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (JSON Formatter) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2015-06-09]
CHR Extension: (Open with Google Drive™ Viewer) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan [2015-06-11]
CHR Extension: (Tools for Google Maps™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljpanecjjlonmoiofelcmkkpojcalcb [2015-06-10]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-20]
CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]
CHR Extension: (JSON Viewer) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2015-06-09]
CHR Extension: (Drive Files to Dropbox) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idamojobbhfpcbdnkekoinbmobhkjojk [2015-06-28]
CHR Extension: (FromDocToPDF) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imgmnliijnmlfabhlpajkebggoeicphi [2015-06-14]
CHR Extension: (Dropbox) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-06-19]
CHR Extension: (No Name) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcimnckjiicikfpppcgnjhiflibbnbel [2015-08-25]
CHR Extension: (XML, JSON Viewer with Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnbmejbkgjdhmhbdbfjioejeeojnpkon [2015-06-11]
CHR Extension: (Google Maps API Checker) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlikepnkghhlnkgeejmlkfeheihlehne [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-19]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR Extension: (CrushArcade) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnhjnmacgahapmnnifmneapinilajfol [2015-06-12]
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-07]
CHR Extension: (Google Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-07]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-07]
CHR Extension: (TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-06-07]
CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-07]
CHR Extension: (eBay) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-06-07]
CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-07]
CHR Extension: (VUDU Movies) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\daomabnenlgkenegngdblacoobnncgib [2015-06-07]
CHR Extension: (Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-06-07]
CHR Extension: (eShield) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-09]
CHR Extension: (Google+) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-06-07]
CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-07]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-06-09]
CHR Extension: (Flixster) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2015-06-07]
CHR Extension: (Music Player for Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-06-07]
CHR Extension: (Crackle) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-06-07]
CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-06-07]
CHR Extension: (Yidio) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2015-06-07]
CHR Extension: (Google Play) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-06-07]
CHR Extension: (DriveTunes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2015-06-07]
CHR Extension: (Movie Channel) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lgadnchhhnnoaakjmbfcikaejeeagjna [2015-06-07]
CHR Extension: (Horoscopes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkiajkdbeniimalmhnacldmmdndkkmgl [2015-06-07]
CHR Extension: (Google Maps) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-06-07]
CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2015-06-07]
CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]
CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2015-06-07]
CHR Extension: (Radio Player Live Stations) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ooflekjlabfkiacfocahkgcdadcnhmjf [2015-06-07]
CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2015-06-07]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-07]
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-21]
CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]
CHR Extension: (Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-10]
CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-10]
CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-10]
CHR Extension: (eShield) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-10]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-08-10]
CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-10]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tamara\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-06-06]
CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 00977a63; c:\Program Files (x86)\LighterInit\LighterInit.dll [2238976 2015-07-23] () [File not signed]
R2 088c3b28; c:\Program Files (x86)\LibrarySystem\LibrarySystem.dll [2622464 2015-08-09] () [File not signed]
R2 310a2fa8; c:\Program Files (x86)\ReactorRise\ReactorRise.dll [2640384 2015-08-06] () [File not signed]
R2 AccountService; C:\Program Files\Kromtech\Common\AccountService.exe [211248 2015-02-04] (Kromtech) <==== ATTENTION
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [348056 2012-12-05] (Capital Intellect, Inc.)
R2 bnFKybbr; C:\ProgramData\siwPSKm\bnFKybbr.exe [2732024 2015-08-24] (Irrational Number Applications)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 d3a378f6; c:\Program Files (x86)\RelaySubs\RelaySubs.dll [2477056 2015-08-09] () [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-30] (Dropbox, Inc.)
R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-12] (WildTangent)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-10-31] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 Service Mgr GetTheResultsHub; C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe [1195224 2015-08-25] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 Update Mgr GetTheResultsHub; C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe [704728 2015-08-24] ()
R2 VideoDownloadConverter_4zService; C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [89448 2015-07-24] (Mindspark)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-08-25] (SlimWare Utilities, Inc.)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\Tamara\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S1 csfd_1_10_0_17; system32\drivers\csfd_1_10_0_17.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-25 20:59 - 2015-08-25 21:01 - 00000000 ____D C:\ProgramData\Radio
2015-08-25 19:36 - 2015-07-29 03:52 - 03466368 _____ C:\Users\Tamara\Documents\My Videos - Copy.zip
2015-08-25 19:29 - 2015-08-01 23:45 - 208172536 _____ C:\Users\Tamara\Documents\TimelineRawData-20150801T234304.json
2015-08-25 19:28 - 2015-08-25 00:53 - 00941105 _____ C:\Users\Tamara\Documents\WebKitSupportLibrary.zip
2015-08-25 19:27 - 2015-08-25 00:53 - 01526267 _____ C:\Users\Tamara\Documents\WebKitAuxiliaryLibrary.zip
2015-08-25 19:23 - 2015-08-25 19:34 - 00122220 _____ C:\Users\Tamara\Downloads\BonjourSetup.exe
2015-08-25 00:53 - 2015-08-25 00:53 - 01526267 _____ C:\Users\Tamara\Downloads\WebKitAuxiliaryLibrary.zip
2015-08-25 00:52 - 2015-08-25 00:53 - 00941105 _____ C:\Users\Tamara\Downloads\WebKitSupportLibrary.zip
2015-08-24 23:57 - 2015-08-24 23:57 - 00000000 ____D C:\WebShield
2015-08-24 23:33 - 2015-08-25 21:04 - 00001858 _____ C:\Users\Public\Desktop\Google  Chrome.lnk
2015-08-24 23:31 - 2015-08-25 21:04 - 00001888 _____ C:\Users\Public\Desktop\speed browser.lnk
2015-08-24 23:31 - 2015-08-25 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
2015-08-24 23:31 - 2015-08-24 23:31 - 00000000 ____D C:\Users\Tamara\AppData\Local\speed browser
2015-08-24 23:31 - 2015-08-24 23:31 - 00000000 ____D C:\Program Files (x86)\speed browser
2015-08-24 22:59 - 2015-08-24 22:59 - 00000000 ____D C:\Users\Tamara\Downloads\GoogleMapsM4B-iOS-1.10.1
2015-08-24 22:30 - 2015-08-24 22:30 - 00000000 ____D C:\Users\Tamara\Downloads\NetworkDeviceMonitor-v1
2015-08-24 21:59 - 2015-08-24 22:50 - 01134048 _____ (Download Assistant) C:\Users\Tamara\Downloads\Notepad  Setup-25985873.exe
2015-08-24 21:37 - 2015-07-26 01:41 - 00022734 _____ C:\Users\Tamara\Documents\mail.google.com.har
2015-08-24 21:36 - 2015-06-15 15:08 - 00316470 _____ C:\Users\Tamara\Documents\linkinfo_1.52 (1).rar
2015-08-24 21:36 - 2015-06-15 12:13 - 00316470 _____ C:\Users\Tamara\Documents\linkinfo_1.52.rar
2015-08-24 21:36 - 2015-03-16 21:36 - 75737721 _____ C:\Users\Tamara\Documents\lws220.dmg
2015-08-24 21:30 - 2015-08-24 21:30 - 00002441 _____ C:\Users\Public\Desktop\Bonjour Printer Wizard.lnk
2015-08-24 21:30 - 2015-08-24 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour
2015-08-24 20:57 - 2015-08-24 20:57 - 00000000 ____D C:\Users\Tamara\Documents\google-api-java-client-dev (1)
2015-08-24 20:33 - 2015-08-24 16:42 - 00000008 ____H C:\Users\Tamara\Documents\sentinel
2015-08-24 18:29 - 2015-08-24 18:29 - 00003364 _____ C:\Windows\System32\Tasks\{EB8E5C55-830D-4446-8A2A-97ED2AD69720}
2015-08-24 17:57 - 2015-08-24 18:13 - 00017051 _____ C:\Users\Tamara\Downloads\RapidMediaConverter (2).exe
2015-08-24 17:55 - 2015-08-24 18:28 - 00453203 _____ (Applon ) C:\Users\Tamara\Downloads\RapidMediaConverter (1).exe.7x3ppbx.partial
2015-08-24 17:46 - 2015-08-24 18:28 - 01053643 _____ (Applon ) C:\Users\Tamara\Downloads\RapidMediaConverter.exe.4echy0u.partial
2015-08-24 16:56 - 2015-08-24 16:56 - 00000000 ____D C:\Program Files (x86)\VideoDownloadConverter_4z
2015-08-24 15:19 - 2015-08-25 01:31 - 00000000 ____D C:\Users\Tamara\AppData\Local\WebShield
2015-08-24 15:15 - 2015-08-25 21:01 - 00003434 _____ C:\Windows\System32\Tasks\Aorewumi
2015-08-24 15:10 - 2015-08-24 15:15 - 00000000 ____D C:\ProgramData\Aorewumi
2015-08-24 15:04 - 2015-08-24 15:18 - 00000000 ____D C:\ProgramData\siwPSKm
2015-08-24 15:04 - 2015-08-24 15:04 - 00000000 ____D C:\ProgramData\WebShield
2015-08-24 14:52 - 2015-08-24 20:15 - 00000000 ____D C:\Users\Tamara\AppData\Local\RapidMediaConverter
2015-08-24 14:52 - 2015-08-24 14:52 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter
2015-08-24 14:52 - 2015-08-24 14:52 - 00000000 ____D C:\Program Files (x86)\RapidMediaConverter
2015-08-24 14:21 - 2015-08-24 14:21 - 00073549 _____ C:\Users\Tamara\originalAddition.txt
2015-08-24 14:13 - 2015-08-24 14:13 - 00139253 _____ C:\Users\Tamara\Shortcut.txt
2015-08-24 14:10 - 2015-08-24 14:13 - 00073549 _____ C:\Users\Tamara\Addition.txt
2015-08-24 14:08 - 2015-08-24 14:13 - 00178146 _____ C:\Users\Tamara\FRST.txt
2015-08-24 14:07 - 2015-08-25 21:21 - 00000000 ____D C:\FRST
2015-08-24 14:03 - 2015-08-24 14:07 - 02186752 _____ (Farbar) C:\Users\Tamara\FRST64.exe
2015-08-24 12:46 - 2015-08-24 21:39 - 00000000 ____D C:\Users\Tamara\Documents\Malware and Spyware Cleaning Guide - Geeks to Go Forum.html  bullshit_files
2015-08-24 12:46 - 2015-08-24 12:46 - 00092978 _____ C:\Users\Tamara\Documents\Malware and Spyware Cleaning Guide - Geeks to Go Forum.html  [bleep].html
2015-08-23 00:52 - 2015-08-24 11:46 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForTamara.job
2015-08-23 00:52 - 2015-08-23 00:52 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTamara
2015-08-20 00:13 - 2015-08-20 00:13 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat
2015-08-19 01:04 - 2015-08-19 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 11:28 - 2015-08-12 11:28 - 00004582 _____ C:\Users\Tamara\Documents\scanprivatecalendarDocument.odt
2015-08-12 06:17 - 2015-08-12 06:17 - 00231702 _____ C:\Users\Tamara\Downloads\maps1
2015-08-12 06:01 - 2015-08-12 06:01 - 37214505 _____ C:\Users\Tamara\Downloads\Google Maps 4.7.0.ipa
2015-08-10 13:02 - 2015-08-10 13:12 - 00000000 ____D C:\Users\Tamara\AppData\Local\ISL Online Cache
2015-08-10 10:04 - 2015-08-24 23:18 - 00000000 ____D C:\ProgramData\Browser
2015-08-10 05:57 - 2015-08-10 05:57 - 00000000 ____D C:\CrimeWatch
2015-08-10 05:34 - 2015-08-25 21:04 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-10 04:58 - 2015-08-10 04:58 - 00000000 ____D C:\ProgramData\PC Privacy Dock
2015-08-10 04:52 - 2015-08-10 22:09 - 00003511 _____ C:\Windows\SysWOW64\mlogger.log
2015-08-10 03:38 - 2015-08-10 03:38 - 00003200 _____ C:\Windows\System32\Tasks\PROPCCleaner_Start
2015-08-10 03:37 - 2015-08-10 03:37 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall
2015-08-10 03:37 - 2015-08-10 03:37 - 00000000 ____D C:\Users\Tamara\AppData\Local\PRO_PC_Cleaner
2015-08-10 03:18 - 2015-07-30 19:27 - 00001821 _____ C:\Users\Tamara\Documents\常用词.html
2015-08-10 01:36 - 2015-08-10 01:36 - 00000000 ____D C:\Spacekace
2015-08-09 20:49 - 2015-08-09 20:49 - 00000000 ____D C:\Program Files (x86)\LibrarySystem
2015-08-09 18:38 - 2015-08-09 18:38 - 00000000 ____D C:\Program Files (x86)\List Progress Bar for Trello
2015-08-09 18:33 - 2015-08-09 18:33 - 00000000 ____D C:\Program Files (x86)\TakeTTheCouupOn
2015-08-09 18:32 - 2015-08-09 18:32 - 00000000 ____D C:\Program Files (x86)\TakeTheeCouponn
2015-08-09 17:52 - 2015-08-09 17:52 - 00000000 ____D C:\Program Files (x86)\RelaySubs
2015-08-06 23:36 - 2015-08-06 23:36 - 00001436 _____ C:\Users\Tamara\Downloads\[email protected] (1) (1).zip
2015-08-06 22:51 - 2015-08-06 22:51 - 00005923 _____ C:\Users\Tamara\Downloads\aolauth.min.js
2015-08-06 22:48 - 2015-08-06 22:48 - 00008797 _____ C:\Users\Tamara\Downloads\map more info
2015-08-06 22:45 - 2015-08-06 22:45 - 00001151 _____ C:\Users\Tamara\Downloads\Store.html
2015-08-06 22:43 - 2015-08-06 22:43 - 00005309 _____ C:\Users\Tamara\Downloads\map more info.ttj
2015-08-06 22:42 - 2015-08-06 22:42 - 00114710 _____ C:\Users\Tamara\Downloads\map with more info moatuac.js
2015-08-06 22:40 - 2015-08-06 22:40 - 00000953 ____R C:\Users\Tamara\Downloads\get time privacy_banner.js
2015-08-06 22:37 - 2015-08-06 22:37 - 00036804 _____ C:\Users\Tamara\Downloads\adsWrapper.js
2015-08-06 22:26 - 2015-08-06 22:26 - 00141993 _____ C:\Users\Tamara\Downloads\map2015
2015-08-06 10:52 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (5) - Copy
2015-08-06 10:48 - 2015-08-06 10:48 - 00000000 ____D C:\Users\Tamara\Documents\New folder (11)
2015-08-06 07:01 - 2015-08-06 07:01 - 00000000 ____D C:\Program Files (x86)\ReactorRise
2015-08-05 20:28 - 2015-08-05 20:28 - 00010403 _____ C:\Users\Tamara\Downloads\cb=gapi.loaded_1
2015-08-05 20:26 - 2015-08-05 20:26 - 00113519 _____ C:\Users\Tamara\Downloads\cb=gapi.loaded_0
2015-08-05 20:25 - 2015-08-05 20:25 - 00000000 ____D C:\Users\Tamara\New folder (8)
2015-08-05 20:21 - 2015-08-05 20:21 - 00068852 _____ C:\Users\Tamara\Downloads\playlistgkyoutube
2015-08-05 04:45 - 2015-08-05 04:45 - 00000000 ____D C:\Users\Tamara\AppData\Local\{98FC7EB0-0331-439C-976E-46284944AEB1}
2015-08-05 00:53 - 1980-01-01 00:00 - 00291037 _____ C:\Users\Tamara\Downloads\httpclient-4.0.1 (1).jar
2015-08-05 00:33 - 1980-01-01 00:00 - 00291037 _____ C:\Users\Tamara\Downloads\httpclient-4.0.1.jar
2015-08-04 21:11 - 2015-08-04 21:11 - 00012048 _____ C:\Users\Tamara\Documents\google-http-client-android-1.20.0.jar
2015-08-04 19:13 - 2015-08-05 00:33 - 00813896 _____ (Google Inc.) C:\Users\Tamara\Downloads\chrome.exe
2015-08-04 18:43 - 2015-08-04 18:43 - 00000000 ____D C:\Users\Tamara\Google Drive
2015-08-04 13:41 - 2015-08-04 13:41 - 00000000 ____D C:\Program Files (x86)\TNT2
2015-08-03 00:15 - 2015-08-03 00:16 - 00000000 ____D C:\Users\Tamara\AppData\Local\{C4460E98-73DE-47D3-AAD7-CE7DEC77C6AA}
2015-08-02 02:43 - 2015-08-02 02:43 - 00000836 ____R C:\Users\Tamara\Downloads\Passport (1).htm
2015-08-02 00:01 - 2015-08-02 00:01 - 00004544 _____ C:\Users\Tamara\Documents\New Journal Document (2).jnt
2015-08-01 23:43 - 2015-08-01 23:45 - 208172536 _____ C:\Users\Tamara\Downloads\TimelineRawData-20150801T234304.json
2015-08-01 12:13 - 2015-08-01 12:13 - 00000000 ____D C:\Itibiti
2015-08-01 03:14 - 2015-08-01 03:14 - 00000593 _____ C:\Users\Tamara\Downloads\7FBE.tmp
2015-08-01 03:10 - 2015-08-01 03:10 - 00000593 _____ C:\Users\Tamara\Downloads\708D.tmp
2015-07-31 21:21 - 2015-07-31 21:21 - 00004677 _____ C:\Users\Tamara\Downloads\events_microformats.js
2015-07-31 18:38 - 2015-07-31 18:38 - 02175123 _____ C:\Users\Tamara\Documents\simplehtmldom_1_5 (1).zip
2015-07-31 18:25 - 2015-07-31 18:25 - 06607199 _____ C:\Users\Tamara\Documents\client_crm (1).zip
2015-07-31 18:24 - 2015-07-31 18:24 - 00000115 _____ C:\Users\Tamara\Downloads\guava-jdk5-13.0.jar.URL
2015-07-31 18:23 - 2015-07-31 18:23 - 00000000 ____D C:\Users\Tamara\Documents\New folder (3)
2015-07-31 03:46 - 2015-07-31 03:46 - 03466368 _____ C:\Users\Tamara\Downloads\C1D2.tmp
2015-07-31 02:52 - 2015-07-31 02:52 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1 (1)
2015-07-31 02:44 - 2015-07-31 02:44 - 00000000 ____D C:\Users\Tamara\Documents\Setup (1)
2015-07-31 01:44 - 2015-07-31 02:32 - 00000000 ____D C:\Users\Tamara\AppData\6
2015-07-30 23:03 - 2015-07-31 18:01 - 00000000 ____D C:\Users\Tamara\.smplayer
2015-07-30 23:03 - 2015-07-30 23:03 - 00001011 _____ C:\Users\Tamara\Documents\SMPlayer.lnk
2015-07-30 23:03 - 2015-07-30 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2015-07-30 22:50 - 2015-07-30 22:50 - 00000000 ____D C:\Users\Tamara\AppData\Local\{19638CB5-8B5F-4F76-95FD-FC0A52B3A83C}
2015-07-30 22:44 - 2015-07-30 22:44 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B.framework
2015-07-30 19:27 - 2015-07-30 19:27 - 00001821 _____ C:\Users\Tamara\Downloads\常用词.html
2015-07-30 19:00 - 2015-07-30 19:00 - 00000000 ____D C:\Users\Tamara\Downloads\client_crm
2015-07-30 18:21 - 2015-07-30 18:21 - 00000000 ____D C:\Users\Tamara\Documents\New folder (10)
2015-07-30 18:09 - 2015-07-30 18:09 - 00000000 ____D C:\Users\Tamara\Documents\maven1
2015-07-30 18:09 - 1980-01-01 00:00 - 00002660 _____ C:\Users\Tamara\Documents\New folder (9)
2015-07-30 18:04 - 2015-08-10 16:15 - 00000310 _____ C:\Windows\SysWOW64\ff.bin
2015-07-30 18:03 - 2015-08-10 16:10 - 00000552 _____ C:\Windows\SysWOW64\schtasks.bin
2015-07-30 16:04 - 2015-07-30 16:04 - 00000000 _____ C:\Windows\SysWOW64\sho97C8.tmp
2015-07-30 14:59 - 2015-07-30 14:59 - 00000000 ____D C:\Users\Tamara\Documents\dependencies
2015-07-30 14:55 - 2015-07-30 14:55 - 00000000 ____D C:\Users\Tamara\Documents\New folder (8)
2015-07-30 14:54 - 2015-07-30 14:57 - 11524694 _____ C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-java-1.20.0 (1).zip
2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (7)
2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (6)
2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (5)
2015-07-30 14:34 - 2015-07-30 14:34 - 00616043 _____ C:\Users\Tamara\Documents\google-api-java-client-dev (1).zip
2015-07-30 14:33 - 2015-07-30 14:33 - 00000000 ____D C:\Users\Tamara\AppData\Local\{E0F3D240-7B23-4E9C-BB51-0386E069E33E}
2015-07-30 14:29 - 2015-08-05 00:26 - 00000000 ____D C:\Users\Tamara\Documents\client_crm (1)
2015-07-30 14:26 - 2015-07-30 14:26 - 00000000 ____D C:\Users\Tamara\Documents\json read
2015-07-30 14:19 - 2015-07-30 14:19 - 00000000 ____D C:\Users\Tamara\Downloads\New folder (2)
2015-07-30 14:19 - 2015-07-30 14:19 - 00000000 ____D C:\Users\Tamara\Downloads\New folder
2015-07-30 14:18 - 2015-07-30 14:18 - 03462694 _____ C:\Users\Tamara\Downloads\client_crm.zip
2015-07-30 13:54 - 2015-07-30 13:54 - 00001059 _____ C:\Users\Public\Desktop\SmartPCFixer.lnk
2015-07-30 13:54 - 2015-07-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
2015-07-30 13:54 - 2014-05-10 09:24 - 00000229 _____ C:\Users\Public\Desktop\LionSea Software.url
2015-07-30 13:53 - 2015-07-30 13:54 - 00000000 ____D C:\Program Files (x86)\SmartPCFixer
2015-07-30 13:52 - 2015-08-10 16:10 - 00003322 _____ C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup
2015-07-30 13:25 - 2015-07-30 13:26 - 00033015 _____ C:\Users\Tamara\Downloads\jsr305-1.3.9.jar
2015-07-30 13:17 - 2015-07-30 13:17 - 00100253 _____ C:\Users\Tamara\Downloads\view-source_https___ssl.gstatic.com_gb_js_smm_bfe0afb84c87e8d0836810f23cfa4a68.js
2015-07-30 13:15 - 2015-07-30 13:15 - 00100253 _____ C:\Users\Tamara\Downloads\WindowsPreviewPerTab.jsm.js
2015-07-30 07:33 - 2015-07-30 07:33 - 27989226 _____ C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1 (1).zip
2015-07-30 07:22 - 2015-07-30 19:37 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1
2015-07-30 07:20 - 2015-07-30 07:20 - 27989226 _____ C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1.zip
2015-07-30 07:07 - 2015-07-30 07:09 - 27989226 _____ C:\Users\Tamara\Downloads\GoogleMapsM4B-iOS-1.10.1.zip
2015-07-29 17:10 - 2015-07-29 17:10 - 00852190 _____ C:\Users\Tamara\Downloads\E93C.tmp
2015-07-29 17:08 - 2015-07-29 17:08 - 00852190 _____ C:\Users\Tamara\Documents\Setup (1).zip
2015-07-29 17:07 - 2015-07-29 17:07 - 00852237 _____ C:\Users\Tamara\Documents\Setup.zip
2015-07-29 15:34 - 2015-07-29 15:34 - 08204084 _____ C:\Users\Tamara\Documents\profile.json
2015-07-29 15:34 - 2015-07-29 15:34 - 08204084 _____ C:\Users\Tamara\Documents\audioprofile.json
2015-07-29 11:06 - 2015-08-05 00:18 - 00000000 ____D C:\Users\Tamara\Documents\app
2015-07-29 11:06 - 2015-07-31 02:34 - 00000000 ____D C:\Users\Tamara\Documents\example
2015-07-29 11:06 - 2015-07-29 11:06 - 00000000 ____D C:\Users\Tamara\Documents\testcase
2015-07-29 11:06 - 2015-07-29 11:06 - 00000000 ____D C:\Users\Tamara\Documents\manual
2015-07-29 11:06 - 2012-09-10 16:08 - 00065037 _____ C:\Users\Tamara\Documents\simple_html_dom.php
2015-07-29 11:03 - 2015-07-29 11:03 - 00343783 _____ C:\Users\Tamara\Documents\simplehtmldom_1_5.zip
2015-07-29 06:48 - 2015-07-29 06:48 - 00421153 _____ C:\Users\Tamara\Documents\Timeline.html
2015-07-29 06:35 - 2015-08-05 00:08 - 00037189 _____ C:\Windows\system32\ScanResults.xml
2015-07-29 06:29 - 2015-08-04 23:53 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-29 05:09 - 2015-07-29 05:09 - 00004017 _____ C:\Users\Tamara\Downloads\www.google.com.har
2015-07-28 14:05 - 2015-08-03 06:50 - 00000000 ____D C:\Windows\Panther
2015-07-28 11:56 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 11:56 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 11:56 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 11:56 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 11:56 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 11:56 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 11:56 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 11:56 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 07:30 - 2015-08-10 22:08 - 00000000 ____D C:\Users\Tamara\Documents\ProPCCleaner
2015-07-28 07:30 - 2015-07-28 07:15 - 00081235 _____ C:\Users\Tamara\Documents\a111
2015-07-28 06:39 - 2015-07-28 06:36 - 07676608 _____ (Microsoft Corporation) C:\Users\Tamara\Downloads\OneDriveSetup(1).exe
2015-07-28 05:50 - 2015-07-28 06:42 - 00000000 _____ C:\Users\Tamara\Downloads\OneDrive-2015-07-28.zip
2015-07-27 21:02 - 1980-01-01 00:00 - 00000078 _____ C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-1.20.0.jar.properties
2015-07-27 20:10 - 2015-07-27 20:05 - 00004544 _____ C:\Users\Tamara\Documents\New Journal Document.jnt
2015-07-27 07:45 - 2015-07-27 07:47 - 00001436 _____ C:\Users\Tamara\Downloads\google-api-services-translate-v2-rev41-java-1.20.0 (1) (1).zip
2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\Users\Tamara\Downloads\stlye sheet
2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\Users\Tamara\Downloads\new sheet 3
2015-07-26 12:04 - 2015-07-26 12:04 - 00000310 _____ C:\Users\Tamara\Downloads\11plaintext.css
2015-07-26 11:34 - 2015-07-26 11:34 - 00005915 _____ C:\Users\Tamara\Downloads\inlinestylesheet
2015-07-26 04:52 - 2015-07-26 04:52 - 00000000 ____D C:\Users\Tamara\AppData\Local\{423BD323-F769-402D-8A9A-DBFD96A69F1F}
2015-07-26 02:27 - 2015-07-26 02:27 - 00000310 _____ C:\Users\Tamara\Downloads\plaintext.css
2015-07-26 02:27 - 2015-07-26 02:27 - 00000000 _____ C:\Users\Tamara\Downloads\new style sheet
2015-07-26 01:41 - 2015-07-26 01:41 - 00022734 _____ C:\Users\Tamara\Downloads\mail.google.com.har
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-25 21:09 - 2012-02-20 17:01 - 00000340 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-25 21:09 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 21:09 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-25 21:04 - 2015-07-22 12:31 - 00001982 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 21:04 - 2015-05-27 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-25 21:04 - 2014-09-14 00:52 - 00001982 _____ C:\Users\Teagan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 21:00 - 2015-06-16 13:12 - 00000000 ____D C:\Users\Tamara\Documents\PCPrivacyDock
2015-08-25 21:00 - 2012-01-06 06:05 - 01064337 _____ C:\Windows\WindowsUpdate.log
2015-08-25 20:59 - 2015-05-30 20:07 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-08-25 20:58 - 2015-07-02 16:16 - 00000404 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-08-25 20:57 - 2012-07-26 19:08 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Skype
2015-08-25 20:56 - 2015-06-16 13:12 - 00003388 _____ C:\Windows\System32\Tasks\PCPrivacyDock_Popup
2015-08-25 20:56 - 2015-06-14 16:47 - 00002848 _____ C:\Windows\System32\Tasks\DriverUpdate Startup
2015-08-25 20:56 - 2015-06-14 16:47 - 00000420 _____ C:\Windows\Tasks\DriverUpdate Startup.job
2015-08-25 20:55 - 2015-06-14 16:47 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-08-25 20:55 - 2015-05-30 20:07 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-08-25 20:55 - 2013-04-05 18:28 - 00000430 _____ C:\Windows\Tasks\BeFrugal.com Toolbar.job
2015-08-25 20:53 - 2014-12-20 20:41 - 00016850 _____ C:\Windows\setupact.log
2015-08-25 20:53 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-25 20:53 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-08-25 20:52 - 2012-05-04 01:31 - 01454228 _____ C:\Windows\PFRO.log
2015-08-25 19:44 - 2015-05-30 23:22 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001UA.job
2015-08-25 19:28 - 2012-05-10 12:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 19:18 - 2015-07-20 03:18 - 00000000 ____D C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541
2015-08-25 18:49 - 2012-02-14 18:09 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6264EE9B-C5D9-4186-BD2F-866C9E938132}
2015-08-25 18:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-24 22:36 - 2015-06-10 04:20 - 00000000 ____D C:\Users\Tamara\New folder (5)
2015-08-24 22:36 - 2012-02-14 18:05 - 00000000 ____D C:\Users\Tamara
2015-08-24 22:12 - 2015-07-02 16:12 - 00000342 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job
2015-08-24 21:30 - 2015-05-24 14:34 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-24 21:19 - 2015-03-06 23:03 - 00000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL.002
2015-08-24 20:15 - 2012-02-27 23:04 - 00000000 ____D C:\Users\Tamara\AppData\Local\CrashDumps
2015-08-24 16:44 - 2015-05-30 23:22 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001Core.job
2015-08-24 16:32 - 2014-11-24 04:27 - 00000000 ____D C:\Users\HomeGroupUser$
2015-08-24 16:18 - 2015-07-02 16:16 - 00000000 ____D C:\Program Files (x86)\File Type Assistant
2015-08-24 15:38 - 2015-07-05 03:46 - 00000000 ____D C:\Users\Tamara\.gimp-2.6
2015-08-24 11:47 - 2015-07-24 04:16 - 00000024 _____ C:\Users\Tamara\AppData\Roaming\appdataFr25.bin
2015-08-23 00:53 - 2015-06-15 06:00 - 00000000 ____D C:\Users\Tamara\OneDrive
2015-08-20 00:12 - 2012-03-04 21:51 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\SoftGrid Client
2015-08-19 19:38 - 2015-06-15 06:00 - 00002164 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-08-19 07:37 - 2012-02-22 13:29 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-19 01:04 - 2015-05-30 20:07 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-12 05:38 - 2015-07-20 03:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-10 23:30 - 2012-03-25 19:05 - 00000000 ____D C:\ProgramData\MFAData
2015-08-10 16:39 - 2015-05-30 23:22 - 00003910 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001UA
2015-08-10 16:39 - 2015-05-30 23:22 - 00003542 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001Core
2015-08-10 02:57 - 2015-07-02 16:06 - 00000621 _____ C:\Users\Tamara\Downloads\freefileviewer-setup (1).website
2015-08-09 20:25 - 2015-07-24 04:14 - 00000000 ____D C:\Program Files (x86)\BrowwSeeaNdshopp
2015-08-09 18:39 - 2015-07-24 04:14 - 00000000 ____D C:\ProgramData\2753230890292649159
2015-08-09 17:39 - 2013-10-22 18:54 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\WildTangent
2015-08-09 17:39 - 2011-10-26 00:16 - 00000000 ____D C:\ProgramData\WildTangent
2015-08-06 20:24 - 2009-07-14 01:08 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-06 10:59 - 2015-05-30 20:07 - 00000000 ____D C:\Users\Tamara\AppData\Local\Dropbox
2015-08-06 10:42 - 2015-07-04 21:28 - 00000000 ____D C:\Users\Tamara\Documents\New folder
2015-08-05 05:03 - 2009-07-14 01:13 - 00882368 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 18:52 - 2015-07-04 20:52 - 00000000 ____D C:\Users\Tamara\Downloads\7Bing Maps_files
2015-08-04 13:41 - 2015-06-09 02:11 - 00000000 ____D C:\Users\Tamara\AppData\Local\TNT2
2015-08-04 09:03 - 2015-05-30 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-03 06:44 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT
2015-08-02 20:18 - 2012-05-04 01:18 - 00000000 ____D C:\Users\Tamara\AppData\Local\LogMeIn Rescue Calling Card
2015-08-02 07:18 - 2015-03-16 00:13 - 00005824 _____ C:\Users\Tamara\ipconfig.all.txt
2015-08-02 04:24 - 2015-07-24 04:12 - 00000000 ____D C:\ProgramData\{4ebbcc12-b465-cb48-4ebb-bcc12b46304a}
2015-08-02 01:25 - 2015-07-24 05:48 - 00000000 ____D C:\Program Files (x86)\RDS bar seo pagerank dmoz alexa pr
2015-08-02 01:20 - 2015-04-09 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2015-08-01 03:05 - 2011-10-26 00:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-01 03:04 - 2011-10-26 00:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-07-31 19:07 - 2015-07-20 23:36 - 00000000 ____D C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-java-1.20.0
2015-07-31 15:35 - 2015-07-07 06:29 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2015-07-30 23:03 - 2012-03-25 12:42 - 00000000 ____D C:\Program Files (x86)\SMPlayer
2015-07-30 18:36 - 2011-08-31 14:05 - 00000000 ___HD C:\HP
2015-07-30 14:04 - 2014-11-25 02:55 - 00000000 ___RD C:\Users\Tamara\Documents\Notes
2015-07-30 06:41 - 2015-07-03 20:12 - 00000924 _____ C:\Users\Tamara\Downloads\dBpowerampMusicConverterSetup-2719021 (1).website
2015-07-29 16:20 - 2015-07-20 04:28 - 00000000 ____D C:\ProgramData\Oracle
2015-07-29 16:20 - 2012-04-23 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-29 09:53 - 2015-05-12 04:48 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-29 03:52 - 2015-07-07 15:31 - 03466368 _____ C:\Users\Tamara\Documents\My Videos.zip
2015-07-29 03:01 - 2014-05-28 14:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 02:22 - 2012-02-22 19:57 - 00000000 ____D C:\Users\Tamara\AppData\Local\Google
 
==================== Files in the root of some directories =======
 
2015-07-07 02:17 - 2015-07-07 02:29 - 6420480 _____ () C:\Program Files (x86)\GUTAD75.tmp
2015-07-23 20:53 - 2015-07-23 20:53 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-07-24 04:16 - 2015-08-24 11:47 - 0000024 _____ () C:\Users\Tamara\AppData\Roaming\appdataFr25.bin
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Filter
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Filters
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Flags
2015-05-27 19:49 - 2015-05-31 01:46 - 0000115 _____ () C:\Users\Tamara\AppData\Roaming\LogFile.txt
2014-12-03 06:25 - 2014-12-05 00:51 - 0000002 _____ () C:\Users\Tamara\AppData\Roaming\QWInstall.log
2015-06-16 14:10 - 2015-06-27 23:10 - 0000125 _____ () C:\Users\Tamara\AppData\Roaming\WB.CFG
2012-02-15 18:16 - 2015-07-03 01:01 - 0013312 _____ () C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-27 15:38 - 2015-01-27 15:38 - 0000088 _____ () C:\Users\Tamara\AppData\Local\fd085c24e1db67146ef33388fc5e490b
2014-09-19 16:58 - 2014-12-03 04:42 - 0007609 _____ () C:\Users\Tamara\AppData\Local\Resmon.ResmonCfg
2012-02-18 18:20 - 2012-02-18 18:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Flanger
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Flowers
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Folder Actions
2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Generic
2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Grapher
2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Guides
2012-05-06 00:29 - 2015-06-15 17:59 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2012-05-06 00:29 - 2015-07-24 21:50 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-05-06 00:29 - 2015-07-05 05:47 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-07-03 20:50 - 2015-07-03 20:50 - 0001672 _____ () C:\ProgramData\tempimage.bmp
 
Files to move or delete:
====================
C:\Users\Tamara\api.js
C:\Users\Tamara\FRST64.exe
 
 
Some files in TEMP:
====================
C:\Users\Tamara\AppData\Local\Temp\035c0b5da1cfe02625a814e7698b8cbe-install_reader11_en_mssd_aaa_aih.exe
C:\Users\Tamara\AppData\Local\Temp\AdobeReaderUpdateSetup.exe
C:\Users\Tamara\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Tamara\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Tamara\AppData\Local\Temp\cct.dll
C:\Users\Tamara\AppData\Local\Temp\dealup.exe
C:\Users\Tamara\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Tamara\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\Tamara\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Tamara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbt4c5m.dll
C:\Users\Tamara\AppData\Local\Temp\ICReinstall_JSE_install_app-1438382652219.exe
C:\Users\Tamara\AppData\Local\Temp\JavaIC.dll
C:\Users\Tamara\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379113737.exe
C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379125754.exe
C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379445486.exe
C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379456885.exe
C:\Users\Tamara\AppData\Local\Temp\msscct32.dll
C:\Users\Tamara\AppData\Local\Temp\Player Setup.exe
C:\Users\Tamara\AppData\Local\Temp\rad020D8.tmp-1437585890582.exe
C:\Users\Tamara\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Tamara\AppData\Local\Temp\res.dll
C:\Users\Tamara\AppData\Local\Temp\Setup-1438279205634.exe
C:\Users\Tamara\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tamara\AppData\Local\Temp\SMPlayerUpdateSetup.exe
C:\Users\Tamara\AppData\Local\Temp\sp64126.exe
C:\Users\Tamara\AppData\Local\Temp\SpOrder.dll
C:\Users\Tamara\AppData\Local\Temp\sqlite3.exe
C:\Users\Tamara\AppData\Local\Temp\supoptsetup.exe
C:\Users\Tamara\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Tamara\AppData\Local\Temp\YSearchUtil.dll
C:\Users\Tamara\AppData\Local\Temp\{87CAD8CA-F0C3-41C3-9413-0916A2597929}-43.0.2357.132_43.0.2357.130_chrome_updater.exe
C:\Users\Tamara\AppData\Local\Temp\{9CB978D1-4662-4F48-8F72-86D7C27901FC}-43.0.2357.130_43.0.2357.124_chrome_updater.exe
C:\Users\Tamara\AppData\Local\Temp\{B83C1F7E-534B-43DF-9734-AF72BD38F24C}-43.0.2357.132_43.0.2357.130_chrome_updater.exe
C:\Users\Tamara\AppData\Local\Temp\{F864D147-A485-4AF4-B64E-B52E70659FFA}-44.0.2403.89_43.0.2357.134_chrome_updater.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-24 17:10
 
==================== End of FRST.txt ============================
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015

Ran by Tamara (administrator) on TAMARA-HP (25-08-2015 21:21:05)

Running from C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}\Desktop

Loaded Profiles: Tamara (Available Profiles: Tamara & Teagan & Classic .NET AppPool & DefaultAppPool)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser not detected!)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Kromtech) C:\Program Files\Kromtech\Common\AccountService.exe

(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe

(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Windows\System32\CISVC.EXE

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

() C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE

(Microsoft Corporation) C:\Windows\System32\snmp.exe

() C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe

(Mindspark) C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Irrational Number Applications) C:\ProgramData\siwPSKm\bnFKybbr.exe

(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe

(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe

(Trusted Software ApS) C:\Program Files (x86)\File Type Assistant\tsassist.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

(PC Privacy Dock) C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe

(© 2015 Microsoft Corporation) C:\Users\Tamara\AppData\Local\Microsoft\BingSvc\BingSvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe

(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

() C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

() C:\Program Files (x86)\OLBPre\OLBPre.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe

(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe

(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe

(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe

(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\ProgramData\Aorewumi\1.0.4.1\bsacsuob.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe

(Farbar) C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}\Desktop\FRST64 (1).exe

 

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-31] (IDT, Inc.)

HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)

HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)

HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)

HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-05] (Dropbox, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation)

HKLM-x32\...\Run: [VideoDownloadConverter EPM Support] => C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmedint.exe [11624 2015-07-24] (Mindspark)

Winlogon\Notify\ScCertProp: wlnotify.dll [X]

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Driver Manager] => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Facebook Update] => C:\Users\Tamara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2015-08-10] (Facebook Inc.)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [PCPrivacyDock] => C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe [4571472 2015-04-14] (PC Privacy Dock)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [BingSvc] => C:\Users\Tamara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exe

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [GoogleChromeAutoLaunch_F8FE182011A15AC917B8387A39BFDA5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\RunOnce: [Uninstall C:\Users\Tamara\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tamara\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64"

HKU\S-1-5-18\...\Run: [] => [X]

AppInit_DLLs-x32: c:\progra~3\{bf845~1\1173~1.1\taci.dll => "c:\progra~3\{bf845~1\1173~1.1\taci.dll" File not found

Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2015-07-02]

ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe ()

Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk [2015-08-24]

ShortcutTarget: RapidMediaConverterApp.lnk -> C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe ()

ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

GroupPolicyUsers\S-1-5-21-2578401405-4068804440-3125762638-1006\User: Restriction detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-tr-rhb-30__alt__ddc_dsssyc_bd_com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs

HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11473&guid={8852908C-DEB4-4535-88DD-654880518ECE}&i=

URLSearchHook: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn13\yt.dll (Yahoo! Inc.)

URLSearchHook: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (Mindspark)

SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =

SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}

SearchScopes: HKLM -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}

SearchScopes: HKLM-x32 -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2EDF&PC=SK2E&q={searchTerms}&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> OldSearch URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2EDF&PC=SK2E&q={searchTerms}&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL =

SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-w3i&type=W3i_YT,191,8_4,Search,20120208,18370,0,18,0

BHO-x32: Toolbar BHO -> {312f84fb-8970-4fd3-bddb-7012eac4afc9} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2015-07-24] (Mindspark)

BHO-x32: Search Assistant BHO -> {c547c6c2-561b-4169-a2a5-20ba771ca93b} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2015-07-24] (Mindspark)

Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2015-07-24] (Mindspark)

Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} -  No File

Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} -  No File

Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D} -  No File

DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

DPF: HKLM-x32 {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)

Tcpip\Parameters: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{2EBDFDEB-1704-4BAC-875D-80117ADF2E51}: [DhcpNameServer] 66.252.91.254 66.252.95.254

Tcpip\..\Interfaces\{6A4986A7-6AAF-45A0-A3B7-9A20F7E89FAA}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{BBC92EF3-C8C4-480A-A8B8-FF391EB9A9FE}: [DhcpNameServer] 192.168.0.1 192.168.0.1

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

 

FireFox:

========

FF ProfilePath: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default

FF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-tr-rhb-30__alt__ddc_dsssyctab_bd_com

FF DefaultSearchEngine: Yahoo Search!

FF DefaultSearchEngine.US: Yahoo Search!

FF SearchEngineOrder.3: Bing

FF SelectedSearchEngine: Yahoo Search!

FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-tr-rhb-30__alt__ddc_dsssyc_bd_com

FF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}

FF NetworkProxy: "no_proxies_on", ""

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)

FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2578401405-4068804440-3125762638-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tamara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-2578401405-4068804440-3125762638-1001: @tnt2npapi.com/Plugin -> C:\Users\Tamara\AppData\Local\TNT2\2.0.0.1995\npTNT2.dll [2015-08-04] (Eshield)

FF user.js: detected! => C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\user.js [2015-08-04]

FF SearchPlugin: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\searchplugins\bing-.xml [2015-07-04]

FF SearchPlugin: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\searchplugins\yahoo-search.xml [2015-07-24]

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension

FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-02-18]

FF Extension: No Name - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\extensions\[email protected] [not found]

FF Extension: No Name - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\extensions\[email protected] [not found]

 

Chrome:

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-28]

CHR Extension: (Facebook Full-size Profile Pictures) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcgdkfpobnjbhhmmelbojdakpehniof [2015-03-28]

CHR Extension: (Mimecraft PC) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajbhloofjoigjdgaadhonkgeemecoijm [2015-04-03]

CHR Extension: (Google Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-28]

CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-28]

CHR Extension: (TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-28]

CHR Extension: (Record Page) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkbhhlnpdncfkammaaofgmhdmealgmh [2015-07-20]

CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-04]

CHR Extension: (eBay) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-03-29]

CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-04]

CHR Extension: (VUDU Movies) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib [2015-03-29]

CHR Extension: (Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-03-31]

CHR Extension: (Popular on Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfhhaffkfckcjcjeoemhjocccdeicidi [2015-03-31]

CHR Extension: (Google+) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-03-31]

CHR Extension: (HD Movie Center) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dncmlfjkhonpilhfcekklkdemnphabhp [2015-04-14]

CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-04-10]

CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-28]

CHR Extension: (Google Play Movies & TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2015-03-28]

CHR Extension: (No Name) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghccgmeejadcgmebbfmcmknnhdjkmdkm [2015-07-02]

CHR Extension: (Downloadr - Download Manager) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe [2015-03-30]

CHR Extension: (Bookmark Manager) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]

CHR Extension: (Flixster) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2015-03-29]

CHR Extension: (Music Player for Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-03-31]

CHR Extension: (Get The Results Hub) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\holighkmkclhlejkfajgfomgjakgdpkj [2015-07-20]

CHR Extension: (Crackle) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-04-14]

CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-04-01]

CHR Extension: (Chrome to Mobile) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2015-03-31]

CHR Extension: (Minicraft 3D) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kebmaannmcmihccbmpbcgcpmecgbkaic [2015-04-03]

CHR Extension: (Yidio) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2015-03-30]

CHR Extension: (Blazer Deals) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkneaeopaflijpnmdifmmachekjmekkd [2015-07-31]

CHR Extension: (List Progress Bar for Trello) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhahganeobopkelbdeljamclomlhhjg [2015-08-09]

CHR Extension: (Google Play) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-28]

CHR Extension: (DriveTunes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2015-04-01]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-28]

CHR Extension: (Movie Channel) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgadnchhhnnoaakjmbfcikaejeeagjna [2015-03-30]

CHR Extension: (Horoscopes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkiajkdbeniimalmhnacldmmdndkkmgl [2015-03-28]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-31]

CHR Extension: (Google Maps) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-30]

CHR Extension: (Google Cast API) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafeflapfdfljijmlienjedomfjfmhpd [2015-03-28]

CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2015-03-31]

CHR Extension: (Live TV Free - TV 360) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nananoifaaimehnlhoolpggpgkbefdom [2015-03-29]

CHR Extension: (WeatherBug) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-03-28]

CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-28]

CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2015-03-28]

CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-05-31]

CHR Extension: (Radio Homepage) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhinfcomikigclgegiaffddapmdlocg [2015-04-02]

CHR Extension: (Radio Player Live Stations) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooflekjlabfkiacfocahkgcdadcnhmjf [2015-04-02]

CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2015-04-13]

CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-04]

CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1

CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]

CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]

CHR Extension: (JSON Formatter) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2015-06-09]

CHR Extension: (Open with Google Drive™ Viewer) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan [2015-06-11]

CHR Extension: (Tools for Google Maps™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljpanecjjlonmoiofelcmkkpojcalcb [2015-06-10]

CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-20]

CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]

CHR Extension: (JSON Viewer) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2015-06-09]

CHR Extension: (Drive Files to Dropbox) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idamojobbhfpcbdnkekoinbmobhkjojk [2015-06-28]

CHR Extension: (FromDocToPDF) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imgmnliijnmlfabhlpajkebggoeicphi [2015-06-14]

CHR Extension: (Dropbox) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-06-19]

CHR Extension: (No Name) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcimnckjiicikfpppcgnjhiflibbnbel [2015-08-25]

CHR Extension: (XML, JSON Viewer with Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnbmejbkgjdhmhbdbfjioejeeojnpkon [2015-06-11]

CHR Extension: (Google Maps API Checker) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlikepnkghhlnkgeejmlkfeheihlehne [2015-06-09]

CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-19]

CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]

CHR Extension: (CrushArcade) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnhjnmacgahapmnnifmneapinilajfol [2015-06-12]

CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2

CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-07]

CHR Extension: (Google Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-07]

CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-07]

CHR Extension: (TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-06-07]

CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-07]

CHR Extension: (eBay) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-06-07]

CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-07]

CHR Extension: (VUDU Movies) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\daomabnenlgkenegngdblacoobnncgib [2015-06-07]

CHR Extension: (Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-06-07]

CHR Extension: (eShield) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-09]

CHR Extension: (Google+) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-06-07]

CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-07]

CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-06-09]

CHR Extension: (Flixster) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2015-06-07]

CHR Extension: (Music Player for Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-06-07]

CHR Extension: (Crackle) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-06-07]

CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-06-07]

CHR Extension: (Yidio) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2015-06-07]

CHR Extension: (Google Play) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-06-07]

CHR Extension: (DriveTunes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2015-06-07]

CHR Extension: (Movie Channel) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lgadnchhhnnoaakjmbfcikaejeeagjna [2015-06-07]

CHR Extension: (Horoscopes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkiajkdbeniimalmhnacldmmdndkkmgl [2015-06-07]

CHR Extension: (Google Maps) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-06-07]

CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2015-06-07]

CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]

CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2015-06-07]

CHR Extension: (Radio Player Live Stations) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ooflekjlabfkiacfocahkgcdadcnhmjf [2015-06-07]

CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2015-06-07]

CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-07]

CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 3

CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-21]

CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4

CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]

CHR Extension: (Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]

CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-10]

CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-10]

CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-10]

CHR Extension: (eShield) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-10]

CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-08-10]

CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]

CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-10]

CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]

CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx

CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tamara\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-06-06]

CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.goo...ice/update2/crx

CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx

CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - https://clients2.goo...ice/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 00977a63; c:\Program Files (x86)\LighterInit\LighterInit.dll [2238976 2015-07-23] () [File not signed]

R2 088c3b28; c:\Program Files (x86)\LibrarySystem\LibrarySystem.dll [2622464 2015-08-09] () [File not signed]

R2 310a2fa8; c:\Program Files (x86)\ReactorRise\ReactorRise.dll [2640384 2015-08-06] () [File not signed]

R2 AccountService; C:\Program Files\Kromtech\Common\AccountService.exe [211248 2015-02-04] (Kromtech) <==== ATTENTION

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [File not signed]

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)

R2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [348056 2012-12-05] (Capital Intellect, Inc.)

R2 bnFKybbr; C:\ProgramData\siwPSKm\bnFKybbr.exe [2732024 2015-08-24] (Irrational Number Applications)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)

R2 d3a378f6; c:\Program Files (x86)\RelaySubs\RelaySubs.dll [2477056 2015-08-09] () [File not signed]

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-30] (Dropbox, Inc.)

S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-30] (Dropbox, Inc.)

R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)

S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-12] (WildTangent)

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-10-31] (Realsil Microelectronics Inc.) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

S2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)

R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)

R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)

R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)

R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)

R2 Service Mgr GetTheResultsHub; C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe [1195224 2015-08-25] ()

R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)

R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)

R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)

R2 Update Mgr GetTheResultsHub; C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe [704728 2015-08-24] ()

R2 VideoDownloadConverter_4zService; C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [89448 2015-07-24] (Mindspark)

R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)

S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]

S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

 

===================== Drivers (Whitelisted) ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-08-25] (SlimWare Utilities, Inc.)

S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]

S3 clwvd; system32\DRIVERS\clwvd.sys [X]

S3 cpuz134; \??\C:\Users\Tamara\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

S1 csfd_1_10_0_17; system32\drivers\csfd_1_10_0_17.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-08-25 20:59 - 2015-08-25 21:01 - 00000000 ____D C:\ProgramData\Radio

2015-08-25 19:36 - 2015-07-29 03:52 - 03466368 _____ C:\Users\Tamara\Documents\My Videos - Copy.zip

2015-08-25 19:29 - 2015-08-01 23:45 - 208172536 _____ C:\Users\Tamara\Documents\TimelineRawData-20150801T234304.json

2015-08-25 19:28 - 2015-08-25 00:53 - 00941105 _____ C:\Users\Tamara\Documents\WebKitSupportLibrary.zip

2015-08-25 19:27 - 2015-08-25 00:53 - 01526267 _____ C:\Users\Tamara\Documents\WebKitAuxiliaryLibrary.zip

2015-08-25 19:23 - 2015-08-25 19:34 - 00122220 _____ C:\Users\Tamara\Downloads\BonjourSetup.exe

2015-08-25 00:53 - 2015-08-25 00:53 - 01526267 _____ C:\Users\Tamara\Downloads\WebKitAuxiliaryLibrary.zip

2015-08-25 00:52 - 2015-08-25 00:53 - 00941105 _____ C:\Users\Tamara\Downloads\WebKitSupportLibrary.zip

2015-08-24 23:57 - 2015-08-24 23:57 - 00000000 ____D C:\WebShield

2015-08-24 23:33 - 2015-08-25 21:04 - 00001858 _____ C:\Users\Public\Desktop\Google  Chrome.lnk

2015-08-24 23:31 - 2015-08-25 21:04 - 00001888 _____ C:\Users\Public\Desktop\speed browser.lnk

2015-08-24 23:31 - 2015-08-25 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser

2015-08-24 23:31 - 2015-08-24 23:31 - 00000000 ____D C:\Users\Tamara\AppData\Local\speed browser

2015-08-24 23:31 - 2015-08-24 23:31 - 00000000 ____D C:\Program Files (x86)\speed browser

2015-08-24 22:59 - 2015-08-24 22:59 - 00000000 ____D C:\Users\Tamara\Downloads\GoogleMapsM4B-iOS-1.10.1

2015-08-24 22:30 - 2015-08-24 22:30 - 00000000 ____D C:\Users\Tamara\Downloads\NetworkDeviceMonitor-v1

2015-08-24 21:59 - 2015-08-24 22:50 - 01134048 _____ (Download Assistant) C:\Users\Tamara\Downloads\Notepad  Setup-25985873.exe

2015-08-24 21:37 - 2015-07-26 01:41 - 00022734 _____ C:\Users\Tamara\Documents\mail.google.com.har

2015-08-24 21:36 - 2015-06-15 15:08 - 00316470 _____ C:\Users\Tamara\Documents\linkinfo_1.52 (1).rar

2015-08-24 21:36 - 2015-06-15 12:13 - 00316470 _____ C:\Users\Tamara\Documents\linkinfo_1.52.rar

2015-08-24 21:36 - 2015-03-16 21:36 - 75737721 _____ C:\Users\Tamara\Documents\lws220.dmg

2015-08-24 21:30 - 2015-08-24 21:30 - 00002441 _____ C:\Users\Public\Desktop\Bonjour Printer Wizard.lnk

2015-08-24 21:30 - 2015-08-24 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour

2015-08-24 20:57 - 2015-08-24 20:57 - 00000000 ____D C:\Users\Tamara\Documents\google-api-java-client-dev (1)

2015-08-24 20:33 - 2015-08-24 16:42 - 00000008 ____H C:\Users\Tamara\Documents\sentinel

2015-08-24 18:29 - 2015-08-24 18:29 - 00003364 _____ C:\Windows\System32\Tasks\{EB8E5C55-830D-4446-8A2A-97ED2AD69720}

2015-08-24 17:57 - 2015-08-24 18:13 - 00017051 _____ C:\Users\Tamara\Downloads\RapidMediaConverter (2).exe

2015-08-24 17:55 - 2015-08-24 18:28 - 00453203 _____ (Applon ) C:\Users\Tamara\Downloads\RapidMediaConverter (1).exe.7x3ppbx.partial

2015-08-24 17:46 - 2015-08-24 18:28 - 01053643 _____ (Applon ) C:\Users\Tamara\Downloads\RapidMediaConverter.exe.4echy0u.partial

2015-08-24 16:56 - 2015-08-24 16:56 - 00000000 ____D C:\Program Files (x86)\VideoDownloadConverter_4z

2015-08-24 15:19 - 2015-08-25 01:31 - 00000000 ____D C:\Users\Tamara\AppData\Local\WebShield

2015-08-24 15:15 - 2015-08-25 21:01 - 00003434 _____ C:\Windows\System32\Tasks\Aorewumi

2015-08-24 15:10 - 2015-08-24 15:15 - 00000000 ____D C:\ProgramData\Aorewumi

2015-08-24 15:04 - 2015-08-24 15:18 - 00000000 ____D C:\ProgramData\siwPSKm

2015-08-24 15:04 - 2015-08-24 15:04 - 00000000 ____D C:\ProgramData\WebShield

2015-08-24 14:52 - 2015-08-24 20:15 - 00000000 ____D C:\Users\Tamara\AppData\Local\RapidMediaConverter

2015-08-24 14:52 - 2015-08-24 14:52 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter

2015-08-24 14:52 - 2015-08-24 14:52 - 00000000 ____D C:\Program Files (x86)\RapidMediaConverter

2015-08-24 14:21 - 2015-08-24 14:21 - 00073549 _____ C:\Users\Tamara\originalAddition.txt

2015-08-24 14:13 - 2015-08-24 14:13 - 00139253 _____ C:\Users\Tamara\Shortcut.txt

2015-08-24 14:10 - 2015-08-24 14:13 - 00073549 _____ C:\Users\Tamara\Addition.txt

2015-08-24 14:08 - 2015-08-24 14:13 - 00178146 _____ C:\Users\Tamara\FRST.txt

2015-08-24 14:07 - 2015-08-25 21:21 - 00000000 ____D C:\FRST

2015-08-24 14:03 - 2015-08-24 14:07 - 02186752 _____ (Farbar) C:\Users\Tamara\FRST64.exe

2015-08-24 12:46 - 2015-08-24 21:39 - 00000000 ____D C:\Users\Tamara\Documents\Malware and Spyware Cleaning Guide - Geeks to Go Forum.html  bullshit_files

2015-08-24 12:46 - 2015-08-24 12:46 - 00092978 _____ C:\Users\Tamara\Documents\Malware and Spyware Cleaning Guide - Geeks to Go Forum.html  [bleep].html

2015-08-23 00:52 - 2015-08-24 11:46 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForTamara.job

2015-08-23 00:52 - 2015-08-23 00:52 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTamara

2015-08-20 00:13 - 2015-08-20 00:13 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat

2015-08-19 01:04 - 2015-08-19 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-08-12 11:28 - 2015-08-12 11:28 - 00004582 _____ C:\Users\Tamara\Documents\scanprivatecalendarDocument.odt

2015-08-12 06:17 - 2015-08-12 06:17 - 00231702 _____ C:\Users\Tamara\Downloads\maps1

2015-08-12 06:01 - 2015-08-12 06:01 - 37214505 _____ C:\Users\Tamara\Downloads\Google Maps 4.7.0.ipa

2015-08-10 13:02 - 2015-08-10 13:12 - 00000000 ____D C:\Users\Tamara\AppData\Local\ISL Online Cache

2015-08-10 10:04 - 2015-08-24 23:18 - 00000000 ____D C:\ProgramData\Browser

2015-08-10 05:57 - 2015-08-10 05:57 - 00000000 ____D C:\CrimeWatch

2015-08-10 05:34 - 2015-08-25 21:04 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-08-10 04:58 - 2015-08-10 04:58 - 00000000 ____D C:\ProgramData\PC Privacy Dock

2015-08-10 04:52 - 2015-08-10 22:09 - 00003511 _____ C:\Windows\SysWOW64\mlogger.log

2015-08-10 03:38 - 2015-08-10 03:38 - 00003200 _____ C:\Windows\System32\Tasks\PROPCCleaner_Start

2015-08-10 03:37 - 2015-08-10 03:37 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall

2015-08-10 03:37 - 2015-08-10 03:37 - 00000000 ____D C:\Users\Tamara\AppData\Local\PRO_PC_Cleaner

2015-08-10 03:18 - 2015-07-30 19:27 - 00001821 _____ C:\Users\Tamara\Documents\常用词.html

2015-08-10 01:36 - 2015-08-10 01:36 - 00000000 ____D C:\Spacekace

2015-08-09 20:49 - 2015-08-09 20:49 - 00000000 ____D C:\Program Files (x86)\LibrarySystem

2015-08-09 18:38 - 2015-08-09 18:38 - 00000000 ____D C:\Program Files (x86)\List Progress Bar for Trello

2015-08-09 18:33 - 2015-08-09 18:33 - 00000000 ____D C:\Program Files (x86)\TakeTTheCouupOn

2015-08-09 18:32 - 2015-08-09 18:32 - 00000000 ____D C:\Program Files (x86)\TakeTheeCouponn

2015-08-09 17:52 - 2015-08-09 17:52 - 00000000 ____D C:\Program Files (x86)\RelaySubs

2015-08-06 23:36 - 2015-08-06 23:36 - 00001436 _____ C:\Users\Tamara\Downloads\[email protected] (1) (1).zip

2015-08-06 22:51 - 2015-08-06 22:51 - 00005923 _____ C:\Users\Tamara\Downloads\aolauth.min.js

2015-08-06 22:48 - 2015-08-06 22:48 - 00008797 _____ C:\Users\Tamara\Downloads\map more info

2015-08-06 22:45 - 2015-08-06 22:45 - 00001151 _____ C:\Users\Tamara\Downloads\Store.html

2015-08-06 22:43 - 2015-08-06 22:43 - 00005309 _____ C:\Users\Tamara\Downloads\map more info.ttj

2015-08-06 22:42 - 2015-08-06 22:42 - 00114710 _____ C:\Users\Tamara\Downloads\map with more info moatuac.js

2015-08-06 22:40 - 2015-08-06 22:40 - 00000953 ____R C:\Users\Tamara\Downloads\get time privacy_banner.js

2015-08-06 22:37 - 2015-08-06 22:37 - 00036804 _____ C:\Users\Tamara\Downloads\adsWrapper.js

2015-08-06 22:26 - 2015-08-06 22:26 - 00141993 _____ C:\Users\Tamara\Downloads\map2015

2015-08-06 10:52 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (5) - Copy

2015-08-06 10:48 - 2015-08-06 10:48 - 00000000 ____D C:\Users\Tamara\Documents\New folder (11)

2015-08-06 07:01 - 2015-08-06 07:01 - 00000000 ____D C:\Program Files (x86)\ReactorRise

2015-08-05 20:28 - 2015-08-05 20:28 - 00010403 _____ C:\Users\Tamara\Downloads\cb=gapi.loaded_1

2015-08-05 20:26 - 2015-08-05 20:26 - 00113519 _____ C:\Users\Tamara\Downloads\cb=gapi.loaded_0

2015-08-05 20:25 - 2015-08-05 20:25 - 00000000 ____D C:\Users\Tamara\New folder (8)

2015-08-05 20:21 - 2015-08-05 20:21 - 00068852 _____ C:\Users\Tamara\Downloads\playlistgkyoutube

2015-08-05 04:45 - 2015-08-05 04:45 - 00000000 ____D C:\Users\Tamara\AppData\Local\{98FC7EB0-0331-439C-976E-46284944AEB1}

2015-08-05 00:53 - 1980-01-01 00:00 - 00291037 _____ C:\Users\Tamara\Downloads\httpclient-4.0.1 (1).jar

2015-08-05 00:33 - 1980-01-01 00:00 - 00291037 _____ C:\Users\Tamara\Downloads\httpclient-4.0.1.jar

2015-08-04 21:11 - 2015-08-04 21:11 - 00012048 _____ C:\Users\Tamara\Documents\google-http-client-android-1.20.0.jar

2015-08-04 19:13 - 2015-08-05 00:33 - 00813896 _____ (Google Inc.) C:\Users\Tamara\Downloads\chrome.exe

2015-08-04 18:43 - 2015-08-04 18:43 - 00000000 ____D C:\Users\Tamara\Google Drive

2015-08-04 13:41 - 2015-08-04 13:41 - 00000000 ____D C:\Program Files (x86)\TNT2

2015-08-03 00:15 - 2015-08-03 00:16 - 00000000 ____D C:\Users\Tamara\AppData\Local\{C4460E98-73DE-47D3-AAD7-CE7DEC77C6AA}

2015-08-02 02:43 - 2015-08-02 02:43 - 00000836 ____R C:\Users\Tamara\Downloads\Passport (1).htm

2015-08-02 00:01 - 2015-08-02 00:01 - 00004544 _____ C:\Users\Tamara\Documents\New Journal Document (2).jnt

2015-08-01 23:43 - 2015-08-01 23:45 - 208172536 _____ C:\Users\Tamara\Downloads\TimelineRawData-20150801T234304.json

2015-08-01 12:13 - 2015-08-01 12:13 - 00000000 ____D C:\Itibiti

2015-08-01 03:14 - 2015-08-01 03:14 - 00000593 _____ C:\Users\Tamara\Downloads\7FBE.tmp

2015-08-01 03:10 - 2015-08-01 03:10 - 00000593 _____ C:\Users\Tamara\Downloads\708D.tmp

2015-07-31 21:21 - 2015-07-31 21:21 - 00004677 _____ C:\Users\Tamara\Downloads\events_microformats.js

2015-07-31 18:38 - 2015-07-31 18:38 - 02175123 _____ C:\Users\Tamara\Documents\simplehtmldom_1_5 (1).zip

2015-07-31 18:25 - 2015-07-31 18:25 - 06607199 _____ C:\Users\Tamara\Documents\client_crm (1).zip

2015-07-31 18:24 - 2015-07-31 18:24 - 00000115 _____ C:\Users\Tamara\Downloads\guava-jdk5-13.0.jar.URL

2015-07-31 18:23 - 2015-07-31 18:23 - 00000000 ____D C:\Users\Tamara\Documents\New folder (3)

2015-07-31 03:46 - 2015-07-31 03:46 - 03466368 _____ C:\Users\Tamara\Downloads\C1D2.tmp

2015-07-31 02:52 - 2015-07-31 02:52 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1 (1)

2015-07-31 02:44 - 2015-07-31 02:44 - 00000000 ____D C:\Users\Tamara\Documents\Setup (1)

2015-07-31 01:44 - 2015-07-31 02:32 - 00000000 ____D C:\Users\Tamara\AppData\6

2015-07-30 23:03 - 2015-07-31 18:01 - 00000000 ____D C:\Users\Tamara\.smplayer

2015-07-30 23:03 - 2015-07-30 23:03 - 00001011 _____ C:\Users\Tamara\Documents\SMPlayer.lnk

2015-07-30 23:03 - 2015-07-30 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer

2015-07-30 22:50 - 2015-07-30 22:50 - 00000000 ____D C:\Users\Tamara\AppData\Local\{19638CB5-8B5F-4F76-95FD-FC0A52B3A83C}

2015-07-30 22:44 - 2015-07-30 22:44 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B.framework

2015-07-30 19:27 - 2015-07-30 19:27 - 00001821 _____ C:\Users\Tamara\Downloads\常用词.html

2015-07-30 19:00 - 2015-07-30 19:00 - 00000000 ____D C:\Users\Tamara\Downloads\client_crm

2015-07-30 18:21 - 2015-07-30 18:21 - 00000000 ____D C:\Users\Tamara\Documents\New folder (10)

2015-07-30 18:09 - 2015-07-30 18:09 - 00000000 ____D C:\Users\Tamara\Documents\maven1

2015-07-30 18:09 - 1980-01-01 00:00 - 00002660 _____ C:\Users\Tamara\Documents\New folder (9)

2015-07-30 18:04 - 2015-08-10 16:15 - 00000310 _____ C:\Windows\SysWOW64\ff.bin

2015-07-30 18:03 - 2015-08-10 16:10 - 00000552 _____ C:\Windows\SysWOW64\schtasks.bin

2015-07-30 16:04 - 2015-07-30 16:04 - 00000000 _____ C:\Windows\SysWOW64\sho97C8.tmp

2015-07-30 14:59 - 2015-07-30 14:59 - 00000000 ____D C:\Users\Tamara\Documents\dependencies

2015-07-30 14:55 - 2015-07-30 14:55 - 00000000 ____D C:\Users\Tamara\Documents\New folder (8)

2015-07-30 14:54 - 2015-07-30 14:57 - 11524694 _____ C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-java-1.20.0 (1).zip

2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (7)

2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (6)

2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (5)

2015-07-30 14:34 - 2015-07-30 14:34 - 00616043 _____ C:\Users\Tamara\Documents\google-api-java-client-dev (1).zip

2015-07-30 14:33 - 2015-07-30 14:33 - 00000000 ____D C:\Users\Tamara\AppData\Local\{E0F3D240-7B23-4E9C-BB51-0386E069E33E}

2015-07-30 14:29 - 2015-08-05 00:26 - 00000000 ____D C:\Users\Tamara\Documents\client_crm (1)

2015-07-30 14:26 - 2015-07-30 14:26 - 00000000 ____D C:\Users\Tamara\Documents\json read

2015-07-30 14:19 - 2015-07-30 14:19 - 00000000 ____D C:\Users\Tamara\Downloads\New folder (2)

2015-07-30 14:19 - 2015-07-30 14:19 - 00000000 ____D C:\Users\Tamara\Downloads\New folder

2015-07-30 14:18 - 2015-07-30 14:18 - 03462694 _____ C:\Users\Tamara\Downloads\client_crm.zip

2015-07-30 13:54 - 2015-07-30 13:54 - 00001059 _____ C:\Users\Public\Desktop\SmartPCFixer.lnk

2015-07-30 13:54 - 2015-07-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer

2015-07-30 13:54 - 2014-05-10 09:24 - 00000229 _____ C:\Users\Public\Desktop\LionSea Software.url

2015-07-30 13:53 - 2015-07-30 13:54 - 00000000 ____D C:\Program Files (x86)\SmartPCFixer

2015-07-30 13:52 - 2015-08-10 16:10 - 00003322 _____ C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup

2015-07-30 13:25 - 2015-07-30 13:26 - 00033015 _____ C:\Users\Tamara\Downloads\jsr305-1.3.9.jar

2015-07-30 13:17 - 2015-07-30 13:17 - 00100253 _____ C:\Users\Tamara\Downloads\view-source_https___ssl.gstatic.com_gb_js_smm_bfe0afb84c87e8d0836810f23cfa4a68.js

2015-07-30 13:15 - 2015-07-30 13:15 - 00100253 _____ C:\Users\Tamara\Downloads\WindowsPreviewPerTab.jsm.js

2015-07-30 07:33 - 2015-07-30 07:33 - 27989226 _____ C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1 (1).zip

2015-07-30 07:22 - 2015-07-30 19:37 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1

2015-07-30 07:20 - 2015-07-30 07:20 - 27989226 _____ C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1.zip

2015-07-30 07:07 - 2015-07-30 07:09 - 27989226 _____ C:\Users\Tamara\Downloads\GoogleMapsM4B-iOS-1.10.1.zip

2015-07-29 17:10 - 2015-07-29 17:10 - 00852190 _____ C:\Users\Tamara\Downloads\E93C.tmp

2015-07-29 17:08 - 2015-07-29 17:08 - 00852190 _____ C:\Users\Tamara\Documents\Setup (1).zip

2015-07-29 17:07 - 2015-07-29 17:07 - 00852237 _____ C:\Users\Tamara\Documents\Setup.zip

2015-07-29 15:34 - 2015-07-29 15:34 - 08204084 _____ C:\Users\Tamara\Documents\profile.json

2015-07-29 15:34 - 2015-07-29 15:34 - 08204084 _____ C:\Users\Tamara\Documents\audioprofile.json

2015-07-29 11:06 - 2015-08-05 00:18 - 00000000 ____D C:\Users\Tamara\Documents\app

2015-07-29 11:06 - 2015-07-31 02:34 - 00000000 ____D C:\Users\Tamara\Documents\example

2015-07-29 11:06 - 2015-07-29 11:06 - 00000000 ____D C:\Users\Tamara\Documents\testcase

2015-07-29 11:06 - 2015-07-29 11:06 - 00000000 ____D C:\Users\Tamara\Documents\manual

2015-07-29 11:06 - 2012-09-10 16:08 - 00065037 _____ C:\Users\Tamara\Documents\simple_html_dom.php

2015-07-29 11:03 - 2015-07-29 11:03 - 00343783 _____ C:\Users\Tamara\Documents\simplehtmldom_1_5.zip

2015-07-29 06:48 - 2015-07-29 06:48 - 00421153 _____ C:\Users\Tamara\Documents\Timeline.html

2015-07-29 06:35 - 2015-08-05 00:08 - 00037189 _____ C:\Windows\system32\ScanResults.xml

2015-07-29 06:29 - 2015-08-04 23:53 - 00000464 _____ C:\Windows\system32\ScannerSettings

2015-07-29 05:09 - 2015-07-29 05:09 - 00004017 _____ C:\Users\Tamara\Downloads\www.google.com.har

2015-07-28 14:05 - 2015-08-03 06:50 - 00000000 ____D C:\Windows\Panther

2015-07-28 11:56 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-07-28 11:56 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-07-28 11:56 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-07-28 11:56 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-07-28 11:56 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-07-28 11:56 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-07-28 11:56 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-07-28 11:56 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-07-28 07:30 - 2015-08-10 22:08 - 00000000 ____D C:\Users\Tamara\Documents\ProPCCleaner

2015-07-28 07:30 - 2015-07-28 07:15 - 00081235 _____ C:\Users\Tamara\Documents\a111

2015-07-28 06:39 - 2015-07-28 06:36 - 07676608 _____ (Microsoft Corporation) C:\Users\Tamara\Downloads\OneDriveSetup(1).exe

2015-07-28 05:50 - 2015-07-28 06:42 - 00000000 _____ C:\Users\Tamara\Downloads\OneDrive-2015-07-28.zip

2015-07-27 21:02 - 1980-01-01 00:00 - 00000078 _____ C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-1.20.0.jar.properties

2015-07-27 20:10 - 2015-07-27 20:05 - 00004544 _____ C:\Users\Tamara\Documents\New Journal Document.jnt

2015-07-27 07:45 - 2015-07-27 07:47 - 00001436 _____ C:\Users\Tamara\Downloads\google-api-services-translate-v2-rev41-java-1.20.0 (1) (1).zip

2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\Users\Tamara\Downloads\stlye sheet

2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\Users\Tamara\Downloads\new sheet 3

2015-07-26 12:04 - 2015-07-26 12:04 - 00000310 _____ C:\Users\Tamara\Downloads\11plaintext.css

2015-07-26 11:34 - 2015-07-26 11:34 - 00005915 _____ C:\Users\Tamara\Downloads\inlinestylesheet

2015-07-26 04:52 - 2015-07-26 04:52 - 00000000 ____D C:\Users\Tamara\AppData\Local\{423BD323-F769-402D-8A9A-DBFD96A69F1F}

2015-07-26 02:27 - 2015-07-26 02:27 - 00000310 _____ C:\Users\Tamara\Downloads\plaintext.css

2015-07-26 02:27 - 2015-07-26 02:27 - 00000000 _____ C:\Users\Tamara\Downloads\new style sheet

2015-07-26 01:41 - 2015-07-26 01:41 - 00022734 _____ C:\Users\Tamara\Downloads\mail.google.com.har

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-08-25 21:09 - 2012-02-20 17:01 - 00000340 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job

2015-08-25 21:09 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-08-25 21:09 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-08-25 21:04 - 2015-07-22 12:31 - 00001982 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-08-25 21:04 - 2015-05-27 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-08-25 21:04 - 2014-09-14 00:52 - 00001982 _____ C:\Users\Teagan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-08-25 21:00 - 2015-06-16 13:12 - 00000000 ____D C:\Users\Tamara\Documents\PCPrivacyDock

2015-08-25 21:00 - 2012-01-06 06:05 - 01064337 _____ C:\Windows\WindowsUpdate.log

2015-08-25 20:59 - 2015-05-30 20:07 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job

2015-08-25 20:58 - 2015-07-02 16:16 - 00000404 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job

2015-08-25 20:57 - 2012-07-26 19:08 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Skype

2015-08-25 20:56 - 2015-06-16 13:12 - 00003388 _____ C:\Windows\System32\Tasks\PCPrivacyDock_Popup

2015-08-25 20:56 - 2015-06-14 16:47 - 00002848 _____ C:\Windows\System32\Tasks\DriverUpdate Startup

2015-08-25 20:56 - 2015-06-14 16:47 - 00000420 _____ C:\Windows\Tasks\DriverUpdate Startup.job

2015-08-25 20:55 - 2015-06-14 16:47 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys

2015-08-25 20:55 - 2015-05-30 20:07 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job

2015-08-25 20:55 - 2013-04-05 18:28 - 00000430 _____ C:\Windows\Tasks\BeFrugal.com Toolbar.job

2015-08-25 20:53 - 2014-12-20 20:41 - 00016850 _____ C:\Windows\setupact.log

2015-08-25 20:53 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-08-25 20:53 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\inetsrv

2015-08-25 20:52 - 2012-05-04 01:31 - 01454228 _____ C:\Windows\PFRO.log

2015-08-25 19:44 - 2015-05-30 23:22 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001UA.job

2015-08-25 19:28 - 2012-05-10 12:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-08-25 19:18 - 2015-07-20 03:18 - 00000000 ____D C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541

2015-08-25 18:49 - 2012-02-14 18:09 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6264EE9B-C5D9-4186-BD2F-866C9E938132}

2015-08-25 18:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF

2015-08-24 22:36 - 2015-06-10 04:20 - 00000000 ____D C:\Users\Tamara\New folder (5)

2015-08-24 22:36 - 2012-02-14 18:05 - 00000000 ____D C:\Users\Tamara

2015-08-24 22:12 - 2015-07-02 16:12 - 00000342 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job

2015-08-24 21:30 - 2015-05-24 14:34 - 00000000 ____D C:\Program Files (x86)\Bonjour

2015-08-24 21:19 - 2015-03-06 23:03 - 00000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL.002

2015-08-24 20:15 - 2012-02-27 23:04 - 00000000 ____D C:\Users\Tamara\AppData\Local\CrashDumps

2015-08-24 16:44 - 2015-05-30 23:22 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001Core.job

2015-08-24 16:32 - 2014-11-24 04:27 - 00000000 ____D C:\Users\HomeGroupUser$

2015-08-24 16:18 - 2015-07-02 16:16 - 00000000 ____D C:\Program Files (x86)\File Type Assistant

2015-08-24 15:38 - 2015-07-05 03:46 - 00000000 ____D C:\Users\Tamara\.gimp-2.6

2015-08-24 11:47 - 2015-07-24 04:16 - 00000024 _____ C:\Users\Tamara\AppData\Roaming\appdataFr25.bin

2015-08-23 00:53 - 2015-06-15 06:00 - 00000000 ____D C:\Users\Tamara\OneDrive

2015-08-20 00:12 - 2012-03-04 21:51 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\SoftGrid Client

2015-08-19 19:38 - 2015-06-15 06:00 - 00002164 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk

2015-08-19 07:37 - 2012-02-22 13:29 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log

2015-08-19 01:04 - 2015-05-30 20:07 - 00000000 ____D C:\Program Files (x86)\Dropbox

2015-08-12 05:38 - 2015-07-20 03:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-08-10 23:30 - 2012-03-25 19:05 - 00000000 ____D C:\ProgramData\MFAData

2015-08-10 16:39 - 2015-05-30 23:22 - 00003910 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001UA

2015-08-10 16:39 - 2015-05-30 23:22 - 00003542 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001Core

2015-08-10 02:57 - 2015-07-02 16:06 - 00000621 _____ C:\Users\Tamara\Downloads\freefileviewer-setup (1).website

2015-08-09 20:25 - 2015-07-24 04:14 - 00000000 ____D C:\Program Files (x86)\BrowwSeeaNdshopp

2015-08-09 18:39 - 2015-07-24 04:14 - 00000000 ____D C:\ProgramData\2753230890292649159

2015-08-09 17:39 - 2013-10-22 18:54 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\WildTangent

2015-08-09 17:39 - 2011-10-26 00:16 - 00000000 ____D C:\ProgramData\WildTangent

2015-08-06 20:24 - 2009-07-14 01:08 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2015-08-06 10:59 - 2015-05-30 20:07 - 00000000 ____D C:\Users\Tamara\AppData\Local\Dropbox

2015-08-06 10:42 - 2015-07-04 21:28 - 00000000 ____D C:\Users\Tamara\Documents\New folder

2015-08-05 05:03 - 2009-07-14 01:13 - 00882368 _____ C:\Windows\system32\PerfStringBackup.INI

2015-08-04 18:52 - 2015-07-04 20:52 - 00000000 ____D C:\Users\Tamara\Downloads\7Bing Maps_files

2015-08-04 13:41 - 2015-06-09 02:11 - 00000000 ____D C:\Users\Tamara\AppData\Local\TNT2

2015-08-04 09:03 - 2015-05-30 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2015-08-03 06:44 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT

2015-08-02 20:18 - 2012-05-04 01:18 - 00000000 ____D C:\Users\Tamara\AppData\Local\LogMeIn Rescue Calling Card

2015-08-02 07:18 - 2015-03-16 00:13 - 00005824 _____ C:\Users\Tamara\ipconfig.all.txt

2015-08-02 04:24 - 2015-07-24 04:12 - 00000000 ____D C:\ProgramData\{4ebbcc12-b465-cb48-4ebb-bcc12b46304a}

2015-08-02 01:25 - 2015-07-24 05:48 - 00000000 ____D C:\Program Files (x86)\RDS bar seo pagerank dmoz alexa pr

2015-08-02 01:20 - 2015-04-09 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore

2015-08-01 03:05 - 2011-10-26 00:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

2015-08-01 03:04 - 2011-10-26 00:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2015-07-31 19:07 - 2015-07-20 23:36 - 00000000 ____D C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-java-1.20.0

2015-07-31 15:35 - 2015-07-07 06:29 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan

2015-07-30 23:03 - 2012-03-25 12:42 - 00000000 ____D C:\Program Files (x86)\SMPlayer

2015-07-30 18:36 - 2011-08-31 14:05 - 00000000 ___HD C:\HP

2015-07-30 14:04 - 2014-11-25 02:55 - 00000000 ___RD C:\Users\Tamara\Documents\Notes

2015-07-30 06:41 - 2015-07-03 20:12 - 00000924 _____ C:\Users\Tamara\Downloads\dBpowerampMusicConverterSetup-2719021 (1).website

2015-07-29 16:20 - 2015-07-20 04:28 - 00000000 ____D C:\ProgramData\Oracle

2015-07-29 16:20 - 2012-04-23 21:46 - 00000000 ____D C:\Program Files (x86)\Java

2015-07-29 09:53 - 2015-05-12 04:48 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-29 03:52 - 2015-07-07 15:31 - 03466368 _____ C:\Users\Tamara\Documents\My Videos.zip

2015-07-29 03:01 - 2014-05-28 14:53 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-29 02:22 - 2012-02-22 19:57 - 00000000 ____D C:\Users\Tamara\AppData\Local\Google

==================== Files in the root of some directories =======

2015-07-07 02:17 - 2015-07-07 02:29 - 6420480 _____ () C:\Program Files (x86)\GUTAD75.tmp

2015-07-23 20:53 - 2015-07-23 20:53 - 0000079 _____ () C:\Program Files (x86)\prefs.js

2015-07-24 04:16 - 2015-08-24 11:47 - 0000024 _____ () C:\Users\Tamara\AppData\Roaming\appdataFr25.bin

2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Filter

2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Filters

2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Flags

2015-05-27 19:49 - 2015-05-31 01:46 - 0000115 _____ () C:\Users\Tamara\AppData\Roaming\LogFile.txt

2014-12-03 06:25 - 2014-12-05 00:51 - 0000002 _____ () C:\Users\Tamara\AppData\Roaming\QWInstall.log

2015-06-16 14:10 - 2015-06-27 23:10 - 0000125 _____ () C:\Users\Tamara\AppData\Roaming\WB.CFG

2012-02-15 18:16 - 2015-07-03 01:01 - 0013312 _____ () C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-01-27 15:38 - 2015-01-27 15:38 - 0000088 _____ () C:\Users\Tamara\AppData\Local\fd085c24e1db67146ef33388fc5e490b

2014-09-19 16:58 - 2014-12-03 04:42 - 0007609 _____ () C:\Users\Tamara\AppData\Local\Resmon.ResmonCfg

2012-02-18 18:20 - 2012-02-18 18:20 - 0000057 _____ () C:\ProgramData\Ament.ini

2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Flanger

2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Flowers

2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Folder Actions

2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Generic

2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Grapher

2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Guides

2012-05-06 00:29 - 2015-06-15 17:59 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT

2012-05-06 00:29 - 2015-07-24 21:50 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT

2012-05-06 00:29 - 2015-07-05 05:47 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT

2015-07-03 20:50 - 2015-07-03 20:50 - 0001672 _____ () C:\ProgramData\tempimage.bmp

Files to move or delete:

====================

C:\Users\Tamara\api.js

C:\Users\Tamara\FRST64.exe

 

Some files in TEMP:

====================

C:\Users\Tamara\AppData\Local\Temp\035c0b5da1cfe02625a814e7698b8cbe-install_reader11_en_mssd_aaa_aih.exe

C:\Users\Tamara\AppData\Local\Temp\AdobeReaderUpdateSetup.exe

C:\Users\Tamara\AppData\Local\Temp\BSvcProcessor.exe

C:\Users\Tamara\AppData\Local\Temp\BSvcUpdater.exe

C:\Users\Tamara\AppData\Local\Temp\cct.dll

C:\Users\Tamara\AppData\Local\Temp\dealup.exe

C:\Users\Tamara\AppData\Local\Temp\DRHelper_installFinish.exe

C:\Users\Tamara\AppData\Local\Temp\DRHelper_installStart.exe

C:\Users\Tamara\AppData\Local\Temp\DRHelper_uninstallComplete.exe

C:\Users\Tamara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbt4c5m.dll

C:\Users\Tamara\AppData\Local\Temp\ICReinstall_JSE_install_app-1438382652219.exe

C:\Users\Tamara\AppData\Local\Temp\JavaIC.dll

C:\Users\Tamara\AppData\Local\Temp\jre-8u51-windows-au.exe

C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379113737.exe

C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379125754.exe

C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379445486.exe

C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379456885.exe

C:\Users\Tamara\AppData\Local\Temp\msscct32.dll

C:\Users\Tamara\AppData\Local\Temp\Player Setup.exe

C:\Users\Tamara\AppData\Local\Temp\rad020D8.tmp-1437585890582.exe

C:\Users\Tamara\AppData\Local\Temp\ReimagePackage.exe

C:\Users\Tamara\AppData\Local\Temp\res.dll

C:\Users\Tamara\AppData\Local\Temp\Setup-1438279205634.exe

C:\Users\Tamara\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Tamara\AppData\Local\Temp\SMPlayerUpdateSetup.exe

C:\Users\Tamara\AppData\Local\Temp\sp64126.exe

C:\Users\Tamara\AppData\Local\Temp\SpOrder.dll

C:\Users\Tamara\AppData\Local\Temp\sqlite3.exe

C:\Users\Tamara\AppData\Local\Temp\supoptsetup.exe

C:\Users\Tamara\AppData\Local\Temp\UninstallHPSA.exe

C:\Users\Tamara\AppData\Local\Temp\YSearchUtil.dll

C:\Users\Tamara\AppData\Local\Temp\{87CAD8CA-F0C3-41C3-9413-0916A2597929}-43.0.2357.132_43.0.2357.130_chrome_updater.exe

C:\Users\Tamara\AppData\Local\Temp\{9CB978D1-4662-4F48-8F72-86D7C27901FC}-43.0.2357.130_43.0.2357.124_chrome_updater.exe

C:\Users\Tamara\AppData\Local\Temp\{B83C1F7E-534B-43DF-9734-AF72BD38F24C}-43.0.2357.132_43.0.2357.130_chrome_updater.exe

C:\Users\Tamara\AppData\Local\Temp\{F864D147-A485-4AF4-B64E-B52E70659FFA}-44.0.2403.89_43.0.2357.134_chrome_updater.exe

 

==================== Bamital & volsnap =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2015-08-24 17:10

 

==================== End of FRST.txt ============================

Edited by tami721, 25 August 2015 - 11:26 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Hi there this system is badly infested with adware, lets try and clean you up

Re-install Chrome
Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.
1. If you have bookmarks, let's save them by exporting them - Export Bookmarks
2. Then I need you to go Google Sync and sign into your account
3. Scroll down until you see the "Stop and Clear" button and click on the button. At the prompt click on "Ok"
4. Now we need to uninstall chrome. Note: When asked about user data or settings you must remove this also so please check the box.
5. Restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome
6. Import your bookmarks back into Chrome
7. Sign back in to your Chrome browser so that your bookmarks sync with your online account.

NEXT

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Download Farbar Recovery Scan Tool and save it to your Desktop.
Download the attached Fixlist.txt to your desktop
Attached File  fixlist.txt   12.63KB   97 downloads
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[CX].txt as well.

FINALLY

Please download Junkware Removal Tool to your desktop.

  • Right-mouse click JRT.exe and select "Run as Administrator" the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • post the contents of JRT.txt into your next message.

  • 0

#3
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP