Well first off, my computer started acting weird, re-directing me to different pages when i specifically type\ in the one i wanted. it started running very slow, and getting very hot. I would find that there was items downloaded in the control panel that I never did, Now, I have suspected my fiance of cheating on me, so i did a little investigation and it looks like he has put something in my computer and Iphone to link both of them to his account, I have no idea if that has anything to do with this but he denies it, I have synced his Iphone to the computer and you will see there are many items from there, someone telling him to goto github, and other sites, all are coded, just a few are not. there are maps from his Iphone. (George Kisor) He denies all this but ive broken into his phone and have seen in his google drive alot of item, I would either sync, or email all to me and download to my computer to evaluate later, but now I cant even open a page up in chrome, it will take a very long time, and I've noticed other extensions being added on while i would be on that page in chrome. There are messages from this "other side" to him, I have to goto my "C" drive click users my name Tamara, and go from there, I want to open and read all these, but i dont want anything else to mess up my computer, Here is what my scan shows... please I need help .... Thank you.............
now i cannot even copy and paste this from my notes, i cant even attach files, says with a sad face unable resolve DNS server.....
Please help...
thank you Tami
ok ifigured out how to get it pasted on here not sure if both is on here or not
Ran by Tamara (administrator) on TAMARA-HP (25-08-2015 21:21:05)
Running from C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}\DesktopLoaded Profiles: Tamara (Available Profiles: Tamara & Teagan & Classic .NET AppPool & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Kromtech) C:\Program Files\Kromtech\Common\AccountService.exe(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe() C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe() C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe
(Mindspark) C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Irrational Number Applications) C:\ProgramData\siwPSKm\bnFKybbr.exe(Microsoft Corporation) C:\Windows\System32\mqtgsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(SlimWare Utilities, Inc.) C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe(Capital Intellect, Inc.) C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\BFHP.exe
(Trusted Software ApS) C:\Program Files (x86)\File Type Assistant\tsassist.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(PC Privacy Dock) C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe(© 2015 Microsoft Corporation) C:\Users\Tamara\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe() C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe() C:\Program Files (x86)\OLBPre\OLBPre.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe
(Smart Applications) C:\Program Files (x86)\speed browser\Application\browser.exe() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\ProgramData\Aorewumi\1.0.4.1\bsacsuob.exe() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe() C:\Users\Tamara\AppData\Local\RapidMediaConverter\RapidMediaConverterBrowser.exe
(Farbar) C:\Users\Public\Downloads\Norton\{N360202122-SHPD-FSD31014}\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-31] (IDT, Inc.)HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [298376 2012-09-28] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39179912 2015-08-05] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle Corporation)HKLM-x32\...\Run: [VideoDownloadConverter EPM Support] => C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zmedint.exe [11624 2015-07-24] (Mindspark)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Driver Manager] => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Facebook Update] => C:\Users\Tamara\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2015-08-10] (Facebook Inc.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22012688 2015-06-20] (Google)HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [PCPrivacyDock] => C:\Program Files (x86)\PC Privacy Dock\PCPrivacyDock.exe [4571472 2015-04-14] (PC Privacy Dock)HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [BingSvc] => C:\Users\Tamara\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [Itibiti.exe] => C:\Program Files (x86)\Itibiti Soft Phone\Itibiti.exeHKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\Run: [GoogleChromeAutoLaunch_F8FE182011A15AC917B8387A39BFDA5F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\...\RunOnce: [Uninstall C:\Users\Tamara\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Tamara\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64"HKU\S-1-5-18\...\Run: [] => [X]
AppInit_DLLs-x32: c:\progra~3\{bf845~1\1173~1.1\taci.dll => "c:\progra~3\{bf845~1\1173~1.1\taci.dll" File not foundStartup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2015-07-02]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\OLBPre\OLBPre.exe ()Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RapidMediaConverterApp.lnk [2015-08-24]
ShortcutTarget: RapidMediaConverterApp.lnk -> C:\Program Files (x86)\RapidMediaConverter\RapidMediaConverterApp.exe ()ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-05] (Dropbox, Inc.)GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2578401405-4068804440-3125762638-1006\User: Restriction detected <======= ATTENTIONCHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bir-tr-rhb-30__alt__ddc_dsssyc_bd_com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/p/?LinkId=255141HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.eshield.com/general/newhometab.php?hometab=home&partner=11473&guid={8852908C-DEB4-4535-88DD-654880518ECE}&i=URLSearchHook: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn13\yt.dll (Yahoo! Inc.)
URLSearchHook: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 - (No Name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll (Mindspark)SearchScopes: HKLM -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBoxSearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bir-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}SearchScopes: HKLM -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL =SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDFSearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-2/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2EDF&PC=SK2E&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> OldSearch URL =SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SK2EDF&PC=SK2E&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL =SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL =
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {DD0E625C-C4CE-45C7-B2FD-2535D519C053} URL =
SearchScopes: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> {fcd9f10e-0daa-405f-bca0-0dd3f37c59d9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-w3i&type=W3i_YT,191,8_4,Search,20120208,18370,0,18,0BHO-x32: Toolbar BHO -> {312f84fb-8970-4fd3-bddb-7012eac4afc9} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2015-07-24] (Mindspark)
BHO-x32: Search Assistant BHO -> {c547c6c2-561b-4169-a2a5-20ba771ca93b} -> C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2015-07-24] (Mindspark)Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2015-07-24] (Mindspark)
Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No FileToolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - No File
Toolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No FileToolbar: HKU\S-1-5-21-2578401405-4068804440-3125762638-1001 -> No Name - {1930E38A-DEEF-4CF4-9BFB-9C4EA3689A9D} - No File
DPF: HKLM-x32 {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dllDPF: HKLM-x32 {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} hxxp://utilities.pcpitstop.com/Exterminate2/pcpitstopAntiVirus.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-07] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1Tcpip\..\Interfaces\{2EBDFDEB-1704-4BAC-875D-80117ADF2E51}: [DhcpNameServer] 66.252.91.254 66.252.95.254
Tcpip\..\Interfaces\{6A4986A7-6AAF-45A0-A3B7-9A20F7E89FAA}: [DhcpNameServer] 172.20.10.1Tcpip\..\Interfaces\{BBC92EF3-C8C4-480A-A8B8-FF391EB9A9FE}: [DhcpNameServer] 192.168.0.1 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exeFireFox:
========
FF ProfilePath: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.defaultFF NewTab: hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=bl-bfr-tr-rhb-30__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: Yahoo Search!FF DefaultSearchEngine.US: Yahoo Search!
FF SearchEngineOrder.3: BingFF SelectedSearchEngine: Yahoo Search!
FF Homepage: hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=bl-bfr-tr-rhb-30__alt__ddc_dsssyc_bd_comFF Keyword.URL: hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=bl-bfr-tr-rhb-30__alt__ddc_dss_bd_com&p={searchTerms}
FF NetworkProxy: "no_proxies_on", ""FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-20] ()FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-20] ()FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation)FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2578401405-4068804440-3125762638-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Tamara\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)FF Plugin HKU\S-1-5-21-2578401405-4068804440-3125762638-1001: @tnt2npapi.com/Plugin -> C:\Users\Tamara\AppData\Local\TNT2\2.0.0.1995\npTNT2.dll [2015-08-04] (Eshield)
FF user.js: detected! => C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\user.js [2015-08-04]FF SearchPlugin: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\searchplugins\bing-.xml [2015-07-04]
FF SearchPlugin: C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\searchplugins\yahoo-search.xml [2015-07-24]FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-02-18]FF Extension: No Name - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\extensions\[email protected] [not found]
FF Extension: No Name - C:\Users\Tamara\AppData\Roaming\Mozilla\Firefox\Profiles\p0r58nab.default\extensions\[email protected] [not found]Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTIONCHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-28]CHR Extension: (Facebook Full-size Profile Pictures) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcgdkfpobnjbhhmmelbojdakpehniof [2015-03-28]
CHR Extension: (Mimecraft PC) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajbhloofjoigjdgaadhonkgeemecoijm [2015-04-03]CHR Extension: (Google Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-28]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-28]CHR Extension: (TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-03-28]
CHR Extension: (Record Page) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkbhhlnpdncfkammaaofgmhdmealgmh [2015-07-20]CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-05-04]
CHR Extension: (eBay) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-03-29]CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-05-04]
CHR Extension: (VUDU Movies) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\daomabnenlgkenegngdblacoobnncgib [2015-03-29]CHR Extension: (Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-03-31]
CHR Extension: (Popular on Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfhhaffkfckcjcjeoemhjocccdeicidi [2015-03-31]CHR Extension: (Google+) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-03-31]
CHR Extension: (HD Movie Center) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\dncmlfjkhonpilhfcekklkdemnphabhp [2015-04-14]CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-04-10]
CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-28]CHR Extension: (Google Play Movies & TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdijeikdkaembjbdobgfkoidjkpbmlkd [2015-03-28]
CHR Extension: (No Name) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghccgmeejadcgmebbfmcmknnhdjkmdkm [2015-07-02]CHR Extension: (Downloadr - Download Manager) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjihnjejboipjmadkpmknccijhibnpfe [2015-03-30]
CHR Extension: (Bookmark Manager) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]CHR Extension: (Flixster) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2015-03-29]
CHR Extension: (Music Player for Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-03-31]CHR Extension: (Get The Results Hub) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\holighkmkclhlejkfajgfomgjakgdpkj [2015-07-20]
CHR Extension: (Crackle) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-04-14]CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-04-01]
CHR Extension: (Chrome to Mobile) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2015-03-31]CHR Extension: (Minicraft 3D) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kebmaannmcmihccbmpbcgcpmecgbkaic [2015-04-03]
CHR Extension: (Yidio) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2015-03-30]CHR Extension: (Blazer Deals) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkneaeopaflijpnmdifmmachekjmekkd [2015-07-31]
CHR Extension: (List Progress Bar for Trello) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\klhahganeobopkelbdeljamclomlhhjg [2015-08-09]CHR Extension: (Google Play) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-28]
CHR Extension: (DriveTunes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2015-04-01]CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-28]
CHR Extension: (Movie Channel) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgadnchhhnnoaakjmbfcikaejeeagjna [2015-03-30]CHR Extension: (Horoscopes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkiajkdbeniimalmhnacldmmdndkkmgl [2015-03-28]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-31]CHR Extension: (Google Maps) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-05-30]
CHR Extension: (Google Cast API) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafeflapfdfljijmlienjedomfjfmhpd [2015-03-28]CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2015-03-31]
CHR Extension: (Live TV Free - TV 360) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nananoifaaimehnlhoolpggpgkbefdom [2015-03-29]CHR Extension: (WeatherBug) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco [2015-03-28]
CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-28]CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2015-03-28]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-05-31]CHR Extension: (Radio Homepage) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\olhinfcomikigclgegiaffddapmdlocg [2015-04-02]
CHR Extension: (Radio Player Live Stations) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooflekjlabfkiacfocahkgcdadcnhmjf [2015-04-02]CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2015-04-13]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-05-04]CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-06]
CHR Extension: (JSON Formatter) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bcjindcccaagfpapjjmafapmmgkkhgoa [2015-06-09]CHR Extension: (Open with Google Drive™ Viewer) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bdkpinfdldjdngmgfbifbdbgaoampkan [2015-06-11]
CHR Extension: (Tools for Google Maps™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eljpanecjjlonmoiofelcmkkpojcalcb [2015-06-10]CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-06-20]
CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]CHR Extension: (JSON Viewer) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbmdgpbipfallnflgajpaliibnhdgobh [2015-06-09]
CHR Extension: (Drive Files to Dropbox) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\idamojobbhfpcbdnkekoinbmobhkjojk [2015-06-28]CHR Extension: (FromDocToPDF) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imgmnliijnmlfabhlpajkebggoeicphi [2015-06-14]
CHR Extension: (Dropbox) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-06-19]CHR Extension: (No Name) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcimnckjiicikfpppcgnjhiflibbnbel [2015-08-25]
CHR Extension: (XML, JSON Viewer with Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lnbmejbkgjdhmhbdbfjioejeeojnpkon [2015-06-11]CHR Extension: (Google Maps API Checker) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlikepnkghhlnkgeejmlkfeheihlehne [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-19]CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR Extension: (CrushArcade) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnhjnmacgahapmnnifmneapinilajfol [2015-06-12]CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-07]CHR Extension: (Google Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-07]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-07]CHR Extension: (TV) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\beobeededemalmllhkmnkinmfembdimh [2015-06-07]
CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-07]CHR Extension: (eBay) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2015-06-07]
CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-07]CHR Extension: (VUDU Movies) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\daomabnenlgkenegngdblacoobnncgib [2015-06-07]
CHR Extension: (Netflix) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\deceagebecbceejblnlcjooeohmmeldh [2015-06-07]CHR Extension: (eShield) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-09]
CHR Extension: (Google+) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2015-06-07]CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-07]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2015-06-09]CHR Extension: (Flixster) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hgbpjlnkjhllfgfdmieompodgaefjcfh [2015-06-07]
CHR Extension: (Music Player for Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnfeekfpnjbdmelcapngdgkjnhgijjkh [2015-06-07]CHR Extension: (Crackle) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2015-06-07]
CHR Extension: (Google Play Music) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-06-07]CHR Extension: (Yidio) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kenklnagphgeldfpobjachbgpimaopbf [2015-06-07]
CHR Extension: (Google Play) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-06-07]CHR Extension: (DriveTunes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\labgcacinobdnkfndodfkfeabbjckbnj [2015-06-07]
CHR Extension: (Movie Channel) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lgadnchhhnnoaakjmbfcikaejeeagjna [2015-06-07]CHR Extension: (Horoscopes) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkiajkdbeniimalmhnacldmmdndkkmgl [2015-06-07]
CHR Extension: (Google Maps) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-06-07]CHR Extension: (Cloud Drive, URL to ChromeCast™) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mehfijocnmclokiknjjpcbddbekagnik [2015-06-07]
CHR Extension: (Google Wallet) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-07]CHR Extension: (Current Moon Phase -N.Hemisphere) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oampnkjpomgmmphfoedhihefpbjhjamo [2015-06-07]
CHR Extension: (Radio Player Live Stations) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ooflekjlabfkiacfocahkgcdadcnhmjf [2015-06-07]CHR Extension: (Viewster - Watch Free Movies Online) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh [2015-06-07]
CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-07]CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-21]CHR Profile: C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-10]CHR Extension: (Docs) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-10]
CHR Extension: (Google Drive) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-10]CHR Extension: (YouTube) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-10]
CHR Extension: (Google Search) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-10]CHR Extension: (eShield) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dkmjljdbbgogihjcapfhgkonfmccbffp [2015-08-10]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-08-10]CHR Extension: (Google Sheets) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-08-10]CHR Extension: (Gmail) - C:\Users\Tamara\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-10]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crxCHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Tamara\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-06-06]
CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.goo...ice/update2/crxCHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crx
CHR HKU\S-1-5-21-2578401405-4068804440-3125762638-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.goo...ice/update2/crxCHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - https://clients2.goo...ice/update2/crxCHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 00977a63; c:\Program Files (x86)\LighterInit\LighterInit.dll [2238976 2015-07-23] () [File not signed]
R2 088c3b28; c:\Program Files (x86)\LibrarySystem\LibrarySystem.dll [2622464 2015-08-09] () [File not signed]R2 310a2fa8; c:\Program Files (x86)\ReactorRise\ReactorRise.dll [2640384 2015-08-06] () [File not signed]
R2 AccountService; C:\Program Files\Kromtech\Common\AccountService.exe [211248 2015-02-04] (Kromtech) <==== ATTENTIONR2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-15] (Advanced Micro Devices, Inc.) [File not signed]R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 BeFrugal.com Service; C:\Program Files (x86)\Common Files\BeFrugal.com\Toolbar\befrgl.exe [348056 2012-12-05] (Capital Intellect, Inc.)R2 bnFKybbr; C:\ProgramData\siwPSKm\bnFKybbr.exe [2732024 2015-08-24] (Irrational Number Applications)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 d3a378f6; c:\Program Files (x86)\RelaySubs\RelaySubs.dll [2477056 2015-08-09] () [File not signed]S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-05-30] (Dropbox, Inc.)R2 ftpsvc; C:\Windows\system32\inetsrv\ftpsvc.dll [350720 2012-06-01] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373824 2015-05-12] (WildTangent)R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-10-31] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]S2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [15872 2010-11-20] (Microsoft Corporation)
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-13] (Microsoft Corporation)R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-13] (Microsoft Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [9216 2009-07-13] (Microsoft Corporation)R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [189440 2010-11-20] (Microsoft Corporation)
R2 Service Mgr GetTheResultsHub; C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541\plugincontainer.exe [1195224 2015-08-25] ()R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 Update Mgr GetTheResultsHub; C:\Program Files (x86)\Common Files\6f66c052-8827-4487-9031-09becb0cf541\updater.exe [704728 2015-08-24] ()R2 VideoDownloadConverter_4zService; C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe [89448 2015-07-24] (Mindspark)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WMSVC; C:\Windows\system32\inetsrv\wmsvc.exe [10752 2009-07-13] (Microsoft Corporation)S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [189440 2009-07-13] (Microsoft Corporation)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16056 2015-08-25] (SlimWare Utilities, Inc.)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\Tamara\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]S1 csfd_1_10_0_17; system32\drivers\csfd_1_10_0_17.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-25 20:59 - 2015-08-25 21:01 - 00000000 ____D C:\ProgramData\Radio
2015-08-25 19:36 - 2015-07-29 03:52 - 03466368 _____ C:\Users\Tamara\Documents\My Videos - Copy.zip
2015-08-25 19:29 - 2015-08-01 23:45 - 208172536 _____ C:\Users\Tamara\Documents\TimelineRawData-20150801T234304.json2015-08-25 19:28 - 2015-08-25 00:53 - 00941105 _____ C:\Users\Tamara\Documents\WebKitSupportLibrary.zip
2015-08-25 19:27 - 2015-08-25 00:53 - 01526267 _____ C:\Users\Tamara\Documents\WebKitAuxiliaryLibrary.zip2015-08-25 19:23 - 2015-08-25 19:34 - 00122220 _____ C:\Users\Tamara\Downloads\BonjourSetup.exe
2015-08-25 00:53 - 2015-08-25 00:53 - 01526267 _____ C:\Users\Tamara\Downloads\WebKitAuxiliaryLibrary.zip2015-08-25 00:52 - 2015-08-25 00:53 - 00941105 _____ C:\Users\Tamara\Downloads\WebKitSupportLibrary.zip
2015-08-24 23:57 - 2015-08-24 23:57 - 00000000 ____D C:\WebShield2015-08-24 23:33 - 2015-08-25 21:04 - 00001858 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-24 23:31 - 2015-08-25 21:04 - 00001888 _____ C:\Users\Public\Desktop\speed browser.lnk2015-08-24 23:31 - 2015-08-25 21:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
2015-08-24 23:31 - 2015-08-24 23:31 - 00000000 ____D C:\Users\Tamara\AppData\Local\speed browser2015-08-24 23:31 - 2015-08-24 23:31 - 00000000 ____D C:\Program Files (x86)\speed browser
2015-08-24 22:59 - 2015-08-24 22:59 - 00000000 ____D C:\Users\Tamara\Downloads\GoogleMapsM4B-iOS-1.10.12015-08-24 22:30 - 2015-08-24 22:30 - 00000000 ____D C:\Users\Tamara\Downloads\NetworkDeviceMonitor-v1
2015-08-24 21:59 - 2015-08-24 22:50 - 01134048 _____ (Download Assistant) C:\Users\Tamara\Downloads\Notepad Setup-25985873.exe2015-08-24 21:37 - 2015-07-26 01:41 - 00022734 _____ C:\Users\Tamara\Documents\mail.google.com.har
2015-08-24 21:36 - 2015-06-15 15:08 - 00316470 _____ C:\Users\Tamara\Documents\linkinfo_1.52 (1).rar2015-08-24 21:36 - 2015-06-15 12:13 - 00316470 _____ C:\Users\Tamara\Documents\linkinfo_1.52.rar
2015-08-24 21:36 - 2015-03-16 21:36 - 75737721 _____ C:\Users\Tamara\Documents\lws220.dmg2015-08-24 21:30 - 2015-08-24 21:30 - 00002441 _____ C:\Users\Public\Desktop\Bonjour Printer Wizard.lnk
2015-08-24 21:30 - 2015-08-24 21:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour2015-08-24 20:57 - 2015-08-24 20:57 - 00000000 ____D C:\Users\Tamara\Documents\google-api-java-client-dev (1)
2015-08-24 20:33 - 2015-08-24 16:42 - 00000008 ____H C:\Users\Tamara\Documents\sentinel2015-08-24 18:29 - 2015-08-24 18:29 - 00003364 _____ C:\Windows\System32\Tasks\{EB8E5C55-830D-4446-8A2A-97ED2AD69720}
2015-08-24 17:57 - 2015-08-24 18:13 - 00017051 _____ C:\Users\Tamara\Downloads\RapidMediaConverter (2).exe2015-08-24 17:55 - 2015-08-24 18:28 - 00453203 _____ (Applon ) C:\Users\Tamara\Downloads\RapidMediaConverter (1).exe.7x3ppbx.partial
2015-08-24 17:46 - 2015-08-24 18:28 - 01053643 _____ (Applon ) C:\Users\Tamara\Downloads\RapidMediaConverter.exe.4echy0u.partial2015-08-24 16:56 - 2015-08-24 16:56 - 00000000 ____D C:\Program Files (x86)\VideoDownloadConverter_4z
2015-08-24 15:19 - 2015-08-25 01:31 - 00000000 ____D C:\Users\Tamara\AppData\Local\WebShield2015-08-24 15:15 - 2015-08-25 21:01 - 00003434 _____ C:\Windows\System32\Tasks\Aorewumi
2015-08-24 15:10 - 2015-08-24 15:15 - 00000000 ____D C:\ProgramData\Aorewumi2015-08-24 15:04 - 2015-08-24 15:18 - 00000000 ____D C:\ProgramData\siwPSKm
2015-08-24 15:04 - 2015-08-24 15:04 - 00000000 ____D C:\ProgramData\WebShield2015-08-24 14:52 - 2015-08-24 20:15 - 00000000 ____D C:\Users\Tamara\AppData\Local\RapidMediaConverter
2015-08-24 14:52 - 2015-08-24 14:52 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter2015-08-24 14:52 - 2015-08-24 14:52 - 00000000 ____D C:\Program Files (x86)\RapidMediaConverter
2015-08-24 14:21 - 2015-08-24 14:21 - 00073549 _____ C:\Users\Tamara\originalAddition.txt2015-08-24 14:13 - 2015-08-24 14:13 - 00139253 _____ C:\Users\Tamara\Shortcut.txt
2015-08-24 14:10 - 2015-08-24 14:13 - 00073549 _____ C:\Users\Tamara\Addition.txt2015-08-24 14:08 - 2015-08-24 14:13 - 00178146 _____ C:\Users\Tamara\FRST.txt
2015-08-24 14:07 - 2015-08-25 21:21 - 00000000 ____D C:\FRST2015-08-24 14:03 - 2015-08-24 14:07 - 02186752 _____ (Farbar) C:\Users\Tamara\FRST64.exe
2015-08-24 12:46 - 2015-08-24 21:39 - 00000000 ____D C:\Users\Tamara\Documents\Malware and Spyware Cleaning Guide - Geeks to Go Forum.html bullshit_files2015-08-24 12:46 - 2015-08-24 12:46 - 00092978 _____ C:\Users\Tamara\Documents\Malware and Spyware Cleaning Guide - Geeks to Go Forum.html [bleep].html
2015-08-23 00:52 - 2015-08-24 11:46 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForTamara.job2015-08-23 00:52 - 2015-08-23 00:52 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForTamara
2015-08-20 00:13 - 2015-08-20 00:13 - 00000017 _____ C:\Windows\SysWOW64\shortcut_ex.dat2015-08-19 01:04 - 2015-08-19 01:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-12 11:28 - 2015-08-12 11:28 - 00004582 _____ C:\Users\Tamara\Documents\scanprivatecalendarDocument.odt2015-08-12 06:17 - 2015-08-12 06:17 - 00231702 _____ C:\Users\Tamara\Downloads\maps1
2015-08-12 06:01 - 2015-08-12 06:01 - 37214505 _____ C:\Users\Tamara\Downloads\Google Maps 4.7.0.ipa2015-08-10 13:02 - 2015-08-10 13:12 - 00000000 ____D C:\Users\Tamara\AppData\Local\ISL Online Cache
2015-08-10 10:04 - 2015-08-24 23:18 - 00000000 ____D C:\ProgramData\Browser2015-08-10 05:57 - 2015-08-10 05:57 - 00000000 ____D C:\CrimeWatch
2015-08-10 05:34 - 2015-08-25 21:04 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-08-10 04:58 - 2015-08-10 04:58 - 00000000 ____D C:\ProgramData\PC Privacy Dock
2015-08-10 04:52 - 2015-08-10 22:09 - 00003511 _____ C:\Windows\SysWOW64\mlogger.log2015-08-10 03:38 - 2015-08-10 03:38 - 00003200 _____ C:\Windows\System32\Tasks\PROPCCleaner_Start
2015-08-10 03:37 - 2015-08-10 03:37 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall2015-08-10 03:37 - 2015-08-10 03:37 - 00000000 ____D C:\Users\Tamara\AppData\Local\PRO_PC_Cleaner
2015-08-10 03:18 - 2015-07-30 19:27 - 00001821 _____ C:\Users\Tamara\Documents\常用词.html2015-08-10 01:36 - 2015-08-10 01:36 - 00000000 ____D C:\Spacekace
2015-08-09 20:49 - 2015-08-09 20:49 - 00000000 ____D C:\Program Files (x86)\LibrarySystem2015-08-09 18:38 - 2015-08-09 18:38 - 00000000 ____D C:\Program Files (x86)\List Progress Bar for Trello
2015-08-09 18:33 - 2015-08-09 18:33 - 00000000 ____D C:\Program Files (x86)\TakeTTheCouupOn2015-08-09 18:32 - 2015-08-09 18:32 - 00000000 ____D C:\Program Files (x86)\TakeTheeCouponn
2015-08-09 17:52 - 2015-08-09 17:52 - 00000000 ____D C:\Program Files (x86)\RelaySubs2015-08-06 23:36 - 2015-08-06 23:36 - 00001436 _____ C:\Users\Tamara\Downloads\[email protected] (1) (1).zip
2015-08-06 22:51 - 2015-08-06 22:51 - 00005923 _____ C:\Users\Tamara\Downloads\aolauth.min.js2015-08-06 22:48 - 2015-08-06 22:48 - 00008797 _____ C:\Users\Tamara\Downloads\map more info
2015-08-06 22:45 - 2015-08-06 22:45 - 00001151 _____ C:\Users\Tamara\Downloads\Store.html2015-08-06 22:43 - 2015-08-06 22:43 - 00005309 _____ C:\Users\Tamara\Downloads\map more info.ttj
2015-08-06 22:42 - 2015-08-06 22:42 - 00114710 _____ C:\Users\Tamara\Downloads\map with more info moatuac.js2015-08-06 22:40 - 2015-08-06 22:40 - 00000953 ____R C:\Users\Tamara\Downloads\get time privacy_banner.js
2015-08-06 22:37 - 2015-08-06 22:37 - 00036804 _____ C:\Users\Tamara\Downloads\adsWrapper.js2015-08-06 22:26 - 2015-08-06 22:26 - 00141993 _____ C:\Users\Tamara\Downloads\map2015
2015-08-06 10:52 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (5) - Copy2015-08-06 10:48 - 2015-08-06 10:48 - 00000000 ____D C:\Users\Tamara\Documents\New folder (11)
2015-08-06 07:01 - 2015-08-06 07:01 - 00000000 ____D C:\Program Files (x86)\ReactorRise2015-08-05 20:28 - 2015-08-05 20:28 - 00010403 _____ C:\Users\Tamara\Downloads\cb=gapi.loaded_1
2015-08-05 20:26 - 2015-08-05 20:26 - 00113519 _____ C:\Users\Tamara\Downloads\cb=gapi.loaded_02015-08-05 20:25 - 2015-08-05 20:25 - 00000000 ____D C:\Users\Tamara\New folder (8)
2015-08-05 20:21 - 2015-08-05 20:21 - 00068852 _____ C:\Users\Tamara\Downloads\playlistgkyoutube2015-08-05 04:45 - 2015-08-05 04:45 - 00000000 ____D C:\Users\Tamara\AppData\Local\{98FC7EB0-0331-439C-976E-46284944AEB1}
2015-08-05 00:53 - 1980-01-01 00:00 - 00291037 _____ C:\Users\Tamara\Downloads\httpclient-4.0.1 (1).jar2015-08-05 00:33 - 1980-01-01 00:00 - 00291037 _____ C:\Users\Tamara\Downloads\httpclient-4.0.1.jar
2015-08-04 21:11 - 2015-08-04 21:11 - 00012048 _____ C:\Users\Tamara\Documents\google-http-client-android-1.20.0.jar2015-08-04 19:13 - 2015-08-05 00:33 - 00813896 _____ (Google Inc.) C:\Users\Tamara\Downloads\chrome.exe
2015-08-04 18:43 - 2015-08-04 18:43 - 00000000 ____D C:\Users\Tamara\Google Drive2015-08-04 13:41 - 2015-08-04 13:41 - 00000000 ____D C:\Program Files (x86)\TNT2
2015-08-03 00:15 - 2015-08-03 00:16 - 00000000 ____D C:\Users\Tamara\AppData\Local\{C4460E98-73DE-47D3-AAD7-CE7DEC77C6AA}2015-08-02 02:43 - 2015-08-02 02:43 - 00000836 ____R C:\Users\Tamara\Downloads\Passport (1).htm
2015-08-02 00:01 - 2015-08-02 00:01 - 00004544 _____ C:\Users\Tamara\Documents\New Journal Document (2).jnt2015-08-01 23:43 - 2015-08-01 23:45 - 208172536 _____ C:\Users\Tamara\Downloads\TimelineRawData-20150801T234304.json
2015-08-01 12:13 - 2015-08-01 12:13 - 00000000 ____D C:\Itibiti2015-08-01 03:14 - 2015-08-01 03:14 - 00000593 _____ C:\Users\Tamara\Downloads\7FBE.tmp
2015-08-01 03:10 - 2015-08-01 03:10 - 00000593 _____ C:\Users\Tamara\Downloads\708D.tmp2015-07-31 21:21 - 2015-07-31 21:21 - 00004677 _____ C:\Users\Tamara\Downloads\events_microformats.js
2015-07-31 18:38 - 2015-07-31 18:38 - 02175123 _____ C:\Users\Tamara\Documents\simplehtmldom_1_5 (1).zip2015-07-31 18:25 - 2015-07-31 18:25 - 06607199 _____ C:\Users\Tamara\Documents\client_crm (1).zip
2015-07-31 18:24 - 2015-07-31 18:24 - 00000115 _____ C:\Users\Tamara\Downloads\guava-jdk5-13.0.jar.URL2015-07-31 18:23 - 2015-07-31 18:23 - 00000000 ____D C:\Users\Tamara\Documents\New folder (3)
2015-07-31 03:46 - 2015-07-31 03:46 - 03466368 _____ C:\Users\Tamara\Downloads\C1D2.tmp2015-07-31 02:52 - 2015-07-31 02:52 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1 (1)
2015-07-31 02:44 - 2015-07-31 02:44 - 00000000 ____D C:\Users\Tamara\Documents\Setup (1)2015-07-31 01:44 - 2015-07-31 02:32 - 00000000 ____D C:\Users\Tamara\AppData\6
2015-07-30 23:03 - 2015-07-31 18:01 - 00000000 ____D C:\Users\Tamara\.smplayer2015-07-30 23:03 - 2015-07-30 23:03 - 00001011 _____ C:\Users\Tamara\Documents\SMPlayer.lnk
2015-07-30 23:03 - 2015-07-30 23:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer2015-07-30 22:50 - 2015-07-30 22:50 - 00000000 ____D C:\Users\Tamara\AppData\Local\{19638CB5-8B5F-4F76-95FD-FC0A52B3A83C}
2015-07-30 22:44 - 2015-07-30 22:44 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B.framework2015-07-30 19:27 - 2015-07-30 19:27 - 00001821 _____ C:\Users\Tamara\Downloads\常用词.html
2015-07-30 19:00 - 2015-07-30 19:00 - 00000000 ____D C:\Users\Tamara\Downloads\client_crm2015-07-30 18:21 - 2015-07-30 18:21 - 00000000 ____D C:\Users\Tamara\Documents\New folder (10)
2015-07-30 18:09 - 2015-07-30 18:09 - 00000000 ____D C:\Users\Tamara\Documents\maven12015-07-30 18:09 - 1980-01-01 00:00 - 00002660 _____ C:\Users\Tamara\Documents\New folder (9)
2015-07-30 18:04 - 2015-08-10 16:15 - 00000310 _____ C:\Windows\SysWOW64\ff.bin2015-07-30 18:03 - 2015-08-10 16:10 - 00000552 _____ C:\Windows\SysWOW64\schtasks.bin
2015-07-30 16:04 - 2015-07-30 16:04 - 00000000 _____ C:\Windows\SysWOW64\sho97C8.tmp2015-07-30 14:59 - 2015-07-30 14:59 - 00000000 ____D C:\Users\Tamara\Documents\dependencies
2015-07-30 14:55 - 2015-07-30 14:55 - 00000000 ____D C:\Users\Tamara\Documents\New folder (8)2015-07-30 14:54 - 2015-07-30 14:57 - 11524694 _____ C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-java-1.20.0 (1).zip
2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (7)2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (6)
2015-07-30 14:41 - 2015-07-30 14:41 - 00000000 ____D C:\Users\Tamara\Documents\New folder (5)2015-07-30 14:34 - 2015-07-30 14:34 - 00616043 _____ C:\Users\Tamara\Documents\google-api-java-client-dev (1).zip
2015-07-30 14:33 - 2015-07-30 14:33 - 00000000 ____D C:\Users\Tamara\AppData\Local\{E0F3D240-7B23-4E9C-BB51-0386E069E33E}2015-07-30 14:29 - 2015-08-05 00:26 - 00000000 ____D C:\Users\Tamara\Documents\client_crm (1)
2015-07-30 14:26 - 2015-07-30 14:26 - 00000000 ____D C:\Users\Tamara\Documents\json read2015-07-30 14:19 - 2015-07-30 14:19 - 00000000 ____D C:\Users\Tamara\Downloads\New folder (2)
2015-07-30 14:19 - 2015-07-30 14:19 - 00000000 ____D C:\Users\Tamara\Downloads\New folder2015-07-30 14:18 - 2015-07-30 14:18 - 03462694 _____ C:\Users\Tamara\Downloads\client_crm.zip
2015-07-30 13:54 - 2015-07-30 13:54 - 00001059 _____ C:\Users\Public\Desktop\SmartPCFixer.lnk2015-07-30 13:54 - 2015-07-30 13:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartPCFixer
2015-07-30 13:54 - 2014-05-10 09:24 - 00000229 _____ C:\Users\Public\Desktop\LionSea Software.url2015-07-30 13:53 - 2015-07-30 13:54 - 00000000 ____D C:\Program Files (x86)\SmartPCFixer
2015-07-30 13:52 - 2015-08-10 16:10 - 00003322 _____ C:\Windows\System32\Tasks\SuperFastPC_AutorunOnStartup2015-07-30 13:25 - 2015-07-30 13:26 - 00033015 _____ C:\Users\Tamara\Downloads\jsr305-1.3.9.jar
2015-07-30 13:17 - 2015-07-30 13:17 - 00100253 _____ C:\Users\Tamara\Downloads\view-source_https___ssl.gstatic.com_gb_js_smm_bfe0afb84c87e8d0836810f23cfa4a68.js2015-07-30 13:15 - 2015-07-30 13:15 - 00100253 _____ C:\Users\Tamara\Downloads\WindowsPreviewPerTab.jsm.js
2015-07-30 07:33 - 2015-07-30 07:33 - 27989226 _____ C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1 (1).zip2015-07-30 07:22 - 2015-07-30 19:37 - 00000000 ____D C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1
2015-07-30 07:20 - 2015-07-30 07:20 - 27989226 _____ C:\Users\Tamara\Documents\GoogleMapsM4B-iOS-1.10.1.zip2015-07-30 07:07 - 2015-07-30 07:09 - 27989226 _____ C:\Users\Tamara\Downloads\GoogleMapsM4B-iOS-1.10.1.zip
2015-07-29 17:10 - 2015-07-29 17:10 - 00852190 _____ C:\Users\Tamara\Downloads\E93C.tmp2015-07-29 17:08 - 2015-07-29 17:08 - 00852190 _____ C:\Users\Tamara\Documents\Setup (1).zip
2015-07-29 17:07 - 2015-07-29 17:07 - 00852237 _____ C:\Users\Tamara\Documents\Setup.zip2015-07-29 15:34 - 2015-07-29 15:34 - 08204084 _____ C:\Users\Tamara\Documents\profile.json
2015-07-29 15:34 - 2015-07-29 15:34 - 08204084 _____ C:\Users\Tamara\Documents\audioprofile.json2015-07-29 11:06 - 2015-08-05 00:18 - 00000000 ____D C:\Users\Tamara\Documents\app
2015-07-29 11:06 - 2015-07-31 02:34 - 00000000 ____D C:\Users\Tamara\Documents\example2015-07-29 11:06 - 2015-07-29 11:06 - 00000000 ____D C:\Users\Tamara\Documents\testcase
2015-07-29 11:06 - 2015-07-29 11:06 - 00000000 ____D C:\Users\Tamara\Documents\manual2015-07-29 11:06 - 2012-09-10 16:08 - 00065037 _____ C:\Users\Tamara\Documents\simple_html_dom.php
2015-07-29 11:03 - 2015-07-29 11:03 - 00343783 _____ C:\Users\Tamara\Documents\simplehtmldom_1_5.zip2015-07-29 06:48 - 2015-07-29 06:48 - 00421153 _____ C:\Users\Tamara\Documents\Timeline.html
2015-07-29 06:35 - 2015-08-05 00:08 - 00037189 _____ C:\Windows\system32\ScanResults.xml2015-07-29 06:29 - 2015-08-04 23:53 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-07-29 05:09 - 2015-07-29 05:09 - 00004017 _____ C:\Users\Tamara\Downloads\www.google.com.har2015-07-28 14:05 - 2015-08-03 06:50 - 00000000 ____D C:\Windows\Panther
2015-07-28 11:56 - 2015-07-25 14:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe2015-07-28 11:56 - 2015-07-25 14:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 11:56 - 2015-07-25 14:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll2015-07-28 11:56 - 2015-07-25 14:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 11:56 - 2015-07-25 14:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll2015-07-28 11:56 - 2015-07-25 14:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 11:56 - 2015-07-25 14:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll2015-07-28 11:56 - 2015-07-25 13:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 07:30 - 2015-08-10 22:08 - 00000000 ____D C:\Users\Tamara\Documents\ProPCCleaner2015-07-28 07:30 - 2015-07-28 07:15 - 00081235 _____ C:\Users\Tamara\Documents\a111
2015-07-28 06:39 - 2015-07-28 06:36 - 07676608 _____ (Microsoft Corporation) C:\Users\Tamara\Downloads\OneDriveSetup(1).exe2015-07-28 05:50 - 2015-07-28 06:42 - 00000000 _____ C:\Users\Tamara\Downloads\OneDrive-2015-07-28.zip
2015-07-27 21:02 - 1980-01-01 00:00 - 00000078 _____ C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-1.20.0.jar.properties2015-07-27 20:10 - 2015-07-27 20:05 - 00004544 _____ C:\Users\Tamara\Documents\New Journal Document.jnt
2015-07-27 07:45 - 2015-07-27 07:47 - 00001436 _____ C:\Users\Tamara\Downloads\google-api-services-translate-v2-rev41-java-1.20.0 (1) (1).zip2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\Users\Tamara\Downloads\stlye sheet
2015-07-26 12:05 - 2015-07-26 12:05 - 00000000 _____ C:\Users\Tamara\Downloads\new sheet 32015-07-26 12:04 - 2015-07-26 12:04 - 00000310 _____ C:\Users\Tamara\Downloads\11plaintext.css
2015-07-26 11:34 - 2015-07-26 11:34 - 00005915 _____ C:\Users\Tamara\Downloads\inlinestylesheet2015-07-26 04:52 - 2015-07-26 04:52 - 00000000 ____D C:\Users\Tamara\AppData\Local\{423BD323-F769-402D-8A9A-DBFD96A69F1F}
2015-07-26 02:27 - 2015-07-26 02:27 - 00000310 _____ C:\Users\Tamara\Downloads\plaintext.css2015-07-26 02:27 - 2015-07-26 02:27 - 00000000 _____ C:\Users\Tamara\Downloads\new style sheet
2015-07-26 01:41 - 2015-07-26 01:41 - 00022734 _____ C:\Users\Tamara\Downloads\mail.google.com.har==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-25 21:09 - 2012-02-20 17:01 - 00000340 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-08-25 21:09 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 21:09 - 2009-07-14 00:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02015-08-25 21:04 - 2015-07-22 12:31 - 00001982 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 21:04 - 2015-05-27 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome2015-08-25 21:04 - 2014-09-14 00:52 - 00001982 _____ C:\Users\Teagan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-25 21:00 - 2015-06-16 13:12 - 00000000 ____D C:\Users\Tamara\Documents\PCPrivacyDock2015-08-25 21:00 - 2012-01-06 06:05 - 01064337 _____ C:\Windows\WindowsUpdate.log
2015-08-25 20:59 - 2015-05-30 20:07 - 00000908 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job2015-08-25 20:58 - 2015-07-02 16:16 - 00000404 _____ C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-08-25 20:57 - 2012-07-26 19:08 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\Skype2015-08-25 20:56 - 2015-06-16 13:12 - 00003388 _____ C:\Windows\System32\Tasks\PCPrivacyDock_Popup
2015-08-25 20:56 - 2015-06-14 16:47 - 00002848 _____ C:\Windows\System32\Tasks\DriverUpdate Startup2015-08-25 20:56 - 2015-06-14 16:47 - 00000420 _____ C:\Windows\Tasks\DriverUpdate Startup.job
2015-08-25 20:55 - 2015-06-14 16:47 - 00016056 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys2015-08-25 20:55 - 2015-05-30 20:07 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-08-25 20:55 - 2013-04-05 18:28 - 00000430 _____ C:\Windows\Tasks\BeFrugal.com Toolbar.job2015-08-25 20:53 - 2014-12-20 20:41 - 00016850 _____ C:\Windows\setupact.log
2015-08-25 20:53 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT2015-08-25 20:53 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\inetsrv
2015-08-25 20:52 - 2012-05-04 01:31 - 01454228 _____ C:\Windows\PFRO.log2015-08-25 19:44 - 2015-05-30 23:22 - 00000932 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001UA.job
2015-08-25 19:28 - 2012-05-10 12:35 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2015-08-25 19:18 - 2015-07-20 03:18 - 00000000 ____D C:\ProgramData\6f66c052-8827-4487-9031-09becb0cf541
2015-08-25 18:49 - 2012-02-14 18:09 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6264EE9B-C5D9-4186-BD2F-866C9E938132}2015-08-25 18:36 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-24 22:36 - 2015-06-10 04:20 - 00000000 ____D C:\Users\Tamara\New folder (5)2015-08-24 22:36 - 2012-02-14 18:05 - 00000000 ____D C:\Users\Tamara
2015-08-24 22:12 - 2015-07-02 16:12 - 00000342 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job2015-08-24 21:30 - 2015-05-24 14:34 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-24 21:19 - 2015-03-06 23:03 - 00000000 ____D C:\Users\DefaultAppPool.IIS APPPOOL.0022015-08-24 20:15 - 2012-02-27 23:04 - 00000000 ____D C:\Users\Tamara\AppData\Local\CrashDumps
2015-08-24 16:44 - 2015-05-30 23:22 - 00000910 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001Core.job2015-08-24 16:32 - 2014-11-24 04:27 - 00000000 ____D C:\Users\HomeGroupUser$
2015-08-24 16:18 - 2015-07-02 16:16 - 00000000 ____D C:\Program Files (x86)\File Type Assistant2015-08-24 15:38 - 2015-07-05 03:46 - 00000000 ____D C:\Users\Tamara\.gimp-2.6
2015-08-24 11:47 - 2015-07-24 04:16 - 00000024 _____ C:\Users\Tamara\AppData\Roaming\appdataFr25.bin2015-08-23 00:53 - 2015-06-15 06:00 - 00000000 ____D C:\Users\Tamara\OneDrive
2015-08-20 00:12 - 2012-03-04 21:51 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\SoftGrid Client2015-08-19 19:38 - 2015-06-15 06:00 - 00002164 _____ C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-08-19 07:37 - 2012-02-22 13:29 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log2015-08-19 01:04 - 2015-05-30 20:07 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-12 05:38 - 2015-07-20 03:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox2015-08-10 23:30 - 2012-03-25 19:05 - 00000000 ____D C:\ProgramData\MFAData
2015-08-10 16:39 - 2015-05-30 23:22 - 00003910 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001UA2015-08-10 16:39 - 2015-05-30 23:22 - 00003542 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2578401405-4068804440-3125762638-1001Core
2015-08-10 02:57 - 2015-07-02 16:06 - 00000621 _____ C:\Users\Tamara\Downloads\freefileviewer-setup (1).website2015-08-09 20:25 - 2015-07-24 04:14 - 00000000 ____D C:\Program Files (x86)\BrowwSeeaNdshopp
2015-08-09 18:39 - 2015-07-24 04:14 - 00000000 ____D C:\ProgramData\27532308902926491592015-08-09 17:39 - 2013-10-22 18:54 - 00000000 ____D C:\Users\Tamara\AppData\Roaming\WildTangent
2015-08-09 17:39 - 2011-10-26 00:16 - 00000000 ____D C:\ProgramData\WildTangent2015-08-06 20:24 - 2009-07-14 01:08 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-06 10:59 - 2015-05-30 20:07 - 00000000 ____D C:\Users\Tamara\AppData\Local\Dropbox2015-08-06 10:42 - 2015-07-04 21:28 - 00000000 ____D C:\Users\Tamara\Documents\New folder
2015-08-05 05:03 - 2009-07-14 01:13 - 00882368 _____ C:\Windows\system32\PerfStringBackup.INI2015-08-04 18:52 - 2015-07-04 20:52 - 00000000 ____D C:\Users\Tamara\Downloads\7Bing Maps_files
2015-08-04 13:41 - 2015-06-09 02:11 - 00000000 ____D C:\Users\Tamara\AppData\Local\TNT22015-08-04 09:03 - 2015-05-30 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-08-03 06:44 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT2015-08-02 20:18 - 2012-05-04 01:18 - 00000000 ____D C:\Users\Tamara\AppData\Local\LogMeIn Rescue Calling Card
2015-08-02 07:18 - 2015-03-16 00:13 - 00005824 _____ C:\Users\Tamara\ipconfig.all.txt2015-08-02 04:24 - 2015-07-24 04:12 - 00000000 ____D C:\ProgramData\{4ebbcc12-b465-cb48-4ebb-bcc12b46304a}
2015-08-02 01:25 - 2015-07-24 05:48 - 00000000 ____D C:\Program Files (x86)\RDS bar seo pagerank dmoz alexa pr2015-08-02 01:20 - 2015-04-09 00:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2015-08-01 03:05 - 2011-10-26 00:38 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information2015-08-01 03:04 - 2011-10-26 00:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-07-31 19:07 - 2015-07-20 23:36 - 00000000 ____D C:\Users\Tamara\Documents\google-api-services-translate-v2-rev41-java-1.20.02015-07-31 15:35 - 2015-07-07 06:29 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2015-07-30 23:03 - 2012-03-25 12:42 - 00000000 ____D C:\Program Files (x86)\SMPlayer2015-07-30 18:36 - 2011-08-31 14:05 - 00000000 ___HD C:\HP
2015-07-30 14:04 - 2014-11-25 02:55 - 00000000 ___RD C:\Users\Tamara\Documents\Notes2015-07-30 06:41 - 2015-07-03 20:12 - 00000924 _____ C:\Users\Tamara\Downloads\dBpowerampMusicConverterSetup-2719021 (1).website
2015-07-29 16:20 - 2015-07-20 04:28 - 00000000 ____D C:\ProgramData\Oracle2015-07-29 16:20 - 2012-04-23 21:46 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-29 09:53 - 2015-05-12 04:48 - 00000000 ___SD C:\Windows\system32\GWX2015-07-29 03:52 - 2015-07-07 15:31 - 03466368 _____ C:\Users\Tamara\Documents\My Videos.zip
2015-07-29 03:01 - 2014-05-28 14:53 - 00000000 ___SD C:\Windows\system32\CompatTel2015-07-29 02:22 - 2012-02-22 19:57 - 00000000 ____D C:\Users\Tamara\AppData\Local\Google
==================== Files in the root of some directories =======
2015-07-07 02:17 - 2015-07-07 02:29 - 6420480 _____ () C:\Program Files (x86)\GUTAD75.tmp
2015-07-23 20:53 - 2015-07-23 20:53 - 0000079 _____ () C:\Program Files (x86)\prefs.js2015-07-24 04:16 - 2015-08-24 11:47 - 0000024 _____ () C:\Users\Tamara\AppData\Roaming\appdataFr25.bin
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Filter2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Filters
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\Users\Tamara\AppData\Roaming\Flags2015-05-27 19:49 - 2015-05-31 01:46 - 0000115 _____ () C:\Users\Tamara\AppData\Roaming\LogFile.txt
2014-12-03 06:25 - 2014-12-05 00:51 - 0000002 _____ () C:\Users\Tamara\AppData\Roaming\QWInstall.log2015-06-16 14:10 - 2015-06-27 23:10 - 0000125 _____ () C:\Users\Tamara\AppData\Roaming\WB.CFG
2012-02-15 18:16 - 2015-07-03 01:01 - 0013312 _____ () C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini2015-01-27 15:38 - 2015-01-27 15:38 - 0000088 _____ () C:\Users\Tamara\AppData\Local\fd085c24e1db67146ef33388fc5e490b
2014-09-19 16:58 - 2014-12-03 04:42 - 0007609 _____ () C:\Users\Tamara\AppData\Local\Resmon.ResmonCfg2012-02-18 18:20 - 2012-02-18 18:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Flanger2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Flowers
2012-05-06 00:29 - 2012-05-06 00:29 - 0000268 ___RH () C:\ProgramData\Folder Actions2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Generic
2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Grapher2012-05-06 00:29 - 2012-05-06 00:29 - 0000012 ___RH () C:\ProgramData\Guides
2012-05-06 00:29 - 2015-06-15 17:59 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT2012-05-06 00:29 - 2015-07-24 21:50 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2012-05-06 00:29 - 2015-07-05 05:47 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT2015-07-03 20:50 - 2015-07-03 20:50 - 0001672 _____ () C:\ProgramData\tempimage.bmp
Files to move or delete:
====================C:\Users\Tamara\api.js
C:\Users\Tamara\FRST64.exe
Some files in TEMP:
====================C:\Users\Tamara\AppData\Local\Temp\035c0b5da1cfe02625a814e7698b8cbe-install_reader11_en_mssd_aaa_aih.exe
C:\Users\Tamara\AppData\Local\Temp\AdobeReaderUpdateSetup.exeC:\Users\Tamara\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Tamara\AppData\Local\Temp\BSvcUpdater.exeC:\Users\Tamara\AppData\Local\Temp\cct.dll
C:\Users\Tamara\AppData\Local\Temp\dealup.exeC:\Users\Tamara\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\Tamara\AppData\Local\Temp\DRHelper_installStart.exeC:\Users\Tamara\AppData\Local\Temp\DRHelper_uninstallComplete.exe
C:\Users\Tamara\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbt4c5m.dllC:\Users\Tamara\AppData\Local\Temp\ICReinstall_JSE_install_app-1438382652219.exe
C:\Users\Tamara\AppData\Local\Temp\JavaIC.dllC:\Users\Tamara\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379113737.exeC:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379125754.exe
C:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379445486.exeC:\Users\Tamara\AppData\Local\Temp\JSE_install_app-1437379456885.exe
C:\Users\Tamara\AppData\Local\Temp\msscct32.dllC:\Users\Tamara\AppData\Local\Temp\Player Setup.exe
C:\Users\Tamara\AppData\Local\Temp\rad020D8.tmp-1437585890582.exeC:\Users\Tamara\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Tamara\AppData\Local\Temp\res.dllC:\Users\Tamara\AppData\Local\Temp\Setup-1438279205634.exe
C:\Users\Tamara\AppData\Local\Temp\SkypeSetup.exeC:\Users\Tamara\AppData\Local\Temp\SMPlayerUpdateSetup.exe
C:\Users\Tamara\AppData\Local\Temp\sp64126.exeC:\Users\Tamara\AppData\Local\Temp\SpOrder.dll
C:\Users\Tamara\AppData\Local\Temp\sqlite3.exeC:\Users\Tamara\AppData\Local\Temp\supoptsetup.exe
C:\Users\Tamara\AppData\Local\Temp\UninstallHPSA.exeC:\Users\Tamara\AppData\Local\Temp\YSearchUtil.dll
C:\Users\Tamara\AppData\Local\Temp\{87CAD8CA-F0C3-41C3-9413-0916A2597929}-43.0.2357.132_43.0.2357.130_chrome_updater.exeC:\Users\Tamara\AppData\Local\Temp\{9CB978D1-4662-4F48-8F72-86D7C27901FC}-43.0.2357.130_43.0.2357.124_chrome_updater.exe
C:\Users\Tamara\AppData\Local\Temp\{B83C1F7E-534B-43DF-9734-AF72BD38F24C}-43.0.2357.132_43.0.2357.130_chrome_updater.exeC:\Users\Tamara\AppData\Local\Temp\{F864D147-A485-4AF4-B64E-B52E70659FFA}-44.0.2403.89_43.0.2357.134_chrome_updater.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-24 17:10
==================== End of FRST.txt ============================
Edited by tami721, 25 August 2015 - 11:26 PM.