I seem to have a malware problem. Firefox is randomly 'not responding', fonts on random web pages are overlapping and different sizes, pop-ups galore, numerous redirects. I took this laptop to a local guy recently and it's worse since he fiddled with it. I had a hacking scare and the bank made me take it to someone who could provide a receipt (this is the only way they would unfreeze my accounts). He installed java which I'd never had. Anyway- logs attached.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-05-2016
Ran by Celia (administrator) on CELIA-PC (19-05-2016 18:21:14)
Running from C:\Users\Celia\Downloads\Programs Etc
Loaded Profiles: Celia (Available Profiles: Celia)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Dropbox, Inc.) C:\Users\Celia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(Fuji Xerox Co., Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Irfan Skiljan) C:\Program Files\IrfanView\i_view32.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (Avast Software s.r.o.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Fuji Xerox\BrStMonW.exe [4513280 2014-06-17] (Fuji Xerox Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-10-17] (Apple Inc.)
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\...\Run: [Dropbox Update] => C:\Users\Celia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-02] (Avast Software s.r.o.)
Startup: C:\Users\Celia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-16]
ShortcutTarget: Dropbox.lnk -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{73FE20E9-1391-44F4-9EB4-2B112372BCE1}: [DhcpNameServer] 192.168.2.1 192.168.0.1
Tcpip\..\Interfaces\{AB134228-DF8D-48AE-BD71-FD0A86931D1C}: [NameServer] 208.67.222.222,4.2.2.1
Tcpip\..\Interfaces\{AB134228-DF8D-48AE-BD71-FD0A86931D1C}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{D1D94B21-0440-49D0-84F0-A572D804475D}: [DhcpNameServer] 10.5.133.45 10.5.136.242
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAU
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAU
SearchScopes: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAU_enAU380
SearchScopes: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSAU_enAU380
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-05] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-02] (Avast Software s.r.o.)
BHO: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-23] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-05] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-27] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF ProfilePath: C:\Users\Celia\AppData\Roaming\Mozilla\Firefox\Profiles\t3ku6f2c.default-1459825182118
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-05] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-05] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-11] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-05-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-10-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-10-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-10-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-10-31] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-10-31] (Apple Inc.)
FF Extension: NoSquint - C:\Users\Celia\AppData\Roaming\Mozilla\Firefox\Profiles\t3ku6f2c.default-1459825182118\extensions\[email protected] [2016-05-02]
FF Extension: LavaFox V2-Blue - C:\Users\Celia\AppData\Roaming\Mozilla\Firefox\Profiles\t3ku6f2c.default-1459825182118\Extensions\[email protected] [2016-04-05]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-01-13]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24]
CHR Extension: (Google Drive) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Google Search) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-23]
CHR Extension: (Google Docs Offline) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-10-24]
CHR Extension: (Avast Online Security) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-10-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-24]
CHR Extension: (Gmail) - C:\Users\Celia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-02] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-07-02] (Avast Software)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [282112 2014-05-26] (Fuji Xerox Co., Ltd.) [File not signed]
S4 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2009-10-28] (TOSHIBA CORPORATION)
S4 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-11] (TOSHIBA CORPORATION)
S4 LMS; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [File not signed]
S3 MSSQL$MSSMLBIZ; c:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S4 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-10-07] (TOSHIBA Corporation)
S4 TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [185712 2009-09-29] (TOSHIBA Corporation)
S4 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2009-11-06] (TOSHIBA Corporation)
S4 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [677232 2009-10-31] (TOSHIBA Corporation)
S4 UNS; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24144 2015-07-02] ()
R1 aswKbd; C:\windows\system32\Drivers\aswKbd.sys [24408 2012-03-07] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [74976 2015-07-02] (Avast Software s.r.o.)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [81728 2015-07-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49904 2015-07-02] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787760 2015-07-02] (Avast Software s.r.o.)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [428120 2015-07-02] (Avast Software s.r.o.)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [106912 2015-07-02] (Avast Software s.r.o.)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [209048 2015-07-02] ()
R3 enecirhid; C:\windows\System32\DRIVERS\enecirhid.sys [11776 2009-05-20] (ENE TECHNOLOGY INC.)
R3 enecirhidma; C:\windows\System32\DRIVERS\enecirhidma.sys [5632 2008-04-25] (ENE TECHNOLOGY INC.)
R0 LPCFilter; C:\windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-31] (COMPAL ELECTRONIC INC.)
R3 mod7700; C:\windows\System32\Drivers\dvb7700all.sys [626688 2009-06-12] (DiBcom)
R3 PGEffect; C:\windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-23] (TOSHIBA Corporation)
R2 TVALZFL; C:\windows\System32\DRIVERS\TVALZFL.sys [12920 2009-06-20] (TOSHIBA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-07-02] (Avast Software)
S3 ZTEusbnet; C:\windows\System32\DRIVERS\ZTEusbnet.sys [114688 2009-12-28] (ZTE Corporation)
U5 AppMgmt; C:\windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\Celia\AppData\Local\Temp\cpuz136\cpuz136_x32.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-19 18:19 - 2016-05-19 18:21 - 00000000 ____D C:\FRST
2016-05-17 13:59 - 2016-05-17 15:04 - 00000000 ____D C:\Users\Celia\Downloads\Paypal Statements
2016-05-16 10:09 - 2016-05-16 10:09 - 00000000 ____D C:\Users\Celia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-11 09:49 - 2016-04-14 23:49 - 00603648 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-11 09:49 - 2016-04-09 16:54 - 00306176 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-11 09:49 - 2016-04-09 15:40 - 02397696 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-11 09:49 - 2016-04-09 14:20 - 01230848 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-11 09:48 - 2016-04-24 02:24 - 00346312 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-05-11 09:48 - 2016-04-23 14:20 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-05-11 09:48 - 2016-04-23 14:20 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-05-11 09:48 - 2016-04-23 14:11 - 20350464 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-05-11 09:48 - 2016-04-23 14:08 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-05-11 09:48 - 2016-04-23 14:08 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-05-11 09:48 - 2016-04-23 14:08 - 00047616 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-05-11 09:48 - 2016-04-23 14:07 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-05-11 09:48 - 2016-04-23 14:07 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-05-11 09:48 - 2016-04-23 14:04 - 02285568 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-05-11 09:48 - 2016-04-23 14:02 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-05-11 09:48 - 2016-04-23 14:01 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-05-11 09:48 - 2016-04-23 13:59 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-05-11 09:48 - 2016-04-23 13:58 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-05-11 09:48 - 2016-04-23 13:58 - 00620032 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-05-11 09:48 - 2016-04-23 13:58 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-05-11 09:48 - 2016-04-23 13:58 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-05-11 09:48 - 2016-04-23 13:53 - 00667648 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-05-11 09:48 - 2016-04-23 13:50 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-05-11 09:48 - 2016-04-23 13:45 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 09:48 - 2016-04-23 13:44 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-05-11 09:48 - 2016-04-23 13:43 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-05-11 09:48 - 2016-04-23 13:41 - 00076288 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-05-11 09:48 - 2016-04-23 13:40 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-05-11 09:48 - 2016-04-23 13:39 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-05-11 09:48 - 2016-04-23 13:36 - 04611072 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-05-11 09:48 - 2016-04-23 13:33 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-05-11 09:48 - 2016-04-23 13:31 - 00693248 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-05-11 09:48 - 2016-04-23 13:31 - 00689664 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-05-11 09:48 - 2016-04-23 13:30 - 02056192 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-05-11 09:48 - 2016-04-23 13:30 - 01155072 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-05-11 09:48 - 2016-04-23 13:26 - 13811200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-05-11 09:48 - 2016-04-23 13:12 - 02121216 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-05-11 09:48 - 2016-04-23 13:09 - 01312256 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-05-11 09:48 - 2016-04-23 13:07 - 00710144 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-05-11 09:48 - 2016-04-09 16:54 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-05-11 09:48 - 2016-04-06 20:36 - 00019968 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-05-11 09:48 - 2016-03-10 04:34 - 00216064 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-05-11 09:31 - 2016-04-09 16:59 - 03998952 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2016-05-11 09:31 - 2016-04-09 16:59 - 03943144 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-11 09:31 - 2016-04-09 16:59 - 00137960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-05-11 09:31 - 2016-04-09 16:59 - 00067304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-05-11 09:31 - 2016-04-09 16:57 - 01310528 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 01062400 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00655360 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00644096 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00400896 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00260608 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00251392 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00141312 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-05-11 09:31 - 2016-04-09 16:54 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-05-11 09:31 - 2016-04-09 15:42 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-05-11 09:31 - 2016-04-09 15:42 - 00050688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-05-11 09:31 - 2016-04-09 15:42 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-05-11 09:31 - 2016-04-09 15:42 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-05-11 09:31 - 2016-04-09 15:42 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-05-11 09:31 - 2016-04-09 15:40 - 00262656 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-05-11 09:31 - 2016-04-09 15:38 - 00226304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-11 09:31 - 2016-04-09 15:38 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-11 09:31 - 2016-04-09 15:38 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-11 09:31 - 2016-04-09 15:37 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-05-11 09:31 - 2016-04-09 15:37 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-05-11 09:31 - 2016-04-09 15:37 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-05-11 09:31 - 2016-04-09 15:37 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-05-11 09:29 - 2016-04-09 16:59 - 00730344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-11 09:29 - 2016-04-09 16:59 - 00218856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-05-11 09:29 - 2016-04-09 16:54 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-19 18:21 - 2013-10-01 23:54 - 00000000 ____D C:\Users\Celia\Downloads\Programs Etc
2016-05-19 18:16 - 2015-06-18 21:06 - 00000918 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3979224096-2494383751-3139044533-1005UA.job
2016-05-19 17:25 - 2010-07-03 17:13 - 00000886 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-19 17:24 - 2012-08-21 08:50 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-19 16:56 - 2009-07-14 14:34 - 00019248 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-19 16:56 - 2009-07-14 14:34 - 00019248 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-19 10:16 - 2015-06-18 21:06 - 00000866 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3979224096-2494383751-3139044533-1005Core.job
2016-05-19 09:24 - 2010-07-03 17:13 - 00000882 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-18 17:21 - 2015-04-01 11:21 - 00000000 ___RD C:\Users\Celia\Dropbox
2016-05-18 17:18 - 2009-07-14 14:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-17 09:35 - 2013-10-01 23:36 - 00000000 ____D C:\Users\Celia\Downloads\My WAC
2016-05-16 10:13 - 2013-10-01 23:54 - 00000000 ____D C:\Users\Celia\Downloads\Business Reg and Dealer Licence
2016-05-16 10:09 - 2015-04-01 11:16 - 00000000 ____D C:\Users\Celia\AppData\Roaming\Dropbox
2016-05-13 09:47 - 2014-12-12 08:59 - 00000000 ____D C:\windows\system32\appraiser
2016-05-12 20:39 - 2016-02-14 09:42 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-11 16:23 - 2009-07-14 12:37 - 00000000 ____D C:\windows\rescache
2016-05-11 14:24 - 2010-04-30 08:20 - 00916538 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-11 14:24 - 2009-07-14 12:37 - 00000000 ____D C:\windows\inf
2016-05-11 14:16 - 2009-07-14 14:33 - 00455728 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-11 14:13 - 2009-07-14 17:49 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 10:28 - 2013-07-16 18:14 - 00000000 ____D C:\windows\system32\MRT
2016-05-11 10:18 - 2010-05-26 22:14 - 136686448 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-07 14:07 - 2014-03-29 18:24 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-07 14:07 - 2012-05-17 13:33 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-06 09:07 - 2015-04-15 01:27 - 00000000 ___SD C:\windows\system32\GWX
2016-04-21 15:05 - 2010-05-23 14:57 - 00374944 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2010-05-22 11:01 - 2010-05-22 11:01 - 127951849 _____ () C:\Program Files\openofficeorg1.cab
2010-05-22 11:05 - 2010-05-22 11:05 - 3093504 _____ () C:\Program Files\openofficeorg32.msi
2010-05-22 10:13 - 2010-05-22 10:13 - 0000290 _____ () C:\Program Files\setup.ini
2011-01-17 12:33 - 2014-04-16 20:55 - 0006144 _____ () C:\Users\Celia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-14 20:29 - 2010-12-14 20:29 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
C:\Users\Celia\AppData\Local\Temp\libeay32.dll
C:\Users\Celia\AppData\Local\Temp\msvcr120.dll
C:\Users\Celia\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-18 16:37
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version:18-05-2016
Ran by Celia (2016-05-19 18:23:42)
Running from C:\Users\Celia\Downloads\Programs Etc
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2010-05-23 04:09:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3979224096-2494383751-3139044533-500 - Administrator - Disabled)
Celia (S-1-5-21-3979224096-2494383751-3139044533-1005 - Administrator - Enabled) => C:\Users\Celia
Guest (S-1-5-21-3979224096-2494383751-3139044533-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3979224096-2494383751-3139044533-1006 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 21 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{28ED482A-56DB-47D9-8D9E-990FA8CD7D3D}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk Pixlr (HKLM\...\Autodesk Pixlr) (Version: 1.0.3.0 - Autodesk)
Autodesk Pixlr (Version: 1.0.3.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.01(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
DocuPrint P115 w (HKLM\...\{92EA7FDC-323F-406F-BEE9-601B8EB1E209}) (Version: 1.0.0.0 - Fuji Xerox)
Dolby Control Center (HKLM\...\{87725CEF-1BC6-47C5-B2CD-96DD6D392EE3}) (Version: 2.2.1 - Dolby)
Dropbox (HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
DVD MovieFactory for TOSHIBA (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
DVD MovieFactory for TOSHIBA (Version: 7.0.0 - Corel Corporation) Hidden
ENE CIR Receiver Driver (HKLM\...\D751CB2FD39EE07639D08542EEF9BF77AD1D9696) (Version: 2.7.4.1 - ENE)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version: - )
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HDMI Control Manager (HKLM\...\{F81AB80B-5BB7-4E36-8BA5-E07541CE1BFC}) (Version: 2.0 - TOSHIBA CORPORATION)
iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.0.1037 - Intel Corporation)
Intel® Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
InterVideo WinDVD BD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.153 - InterVideo Inc.)
InterVideo WinDVD BD for TOSHIBA (Version: 8.0.20.153 - InterVideo Inc.) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{B8032A6B-C4D0-4744-B75F-9DDCB56B5C6F}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.34.2 - JMicron Technology Corp.)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 46.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 46.0.1 (x86 en-GB)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 en-US) (HKLM\...\Mozilla Thunderbird 24.5.0 (x86 en-US)) (Version: 24.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.56.34 - NVIDIA Corporation)
NVIDIA PhysX (HKLM\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{86F2B095-3998-41D5-833D-1C5075300950}) (Version: 4.11.9775 - Apache Software Foundation)
PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5928 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.11.0 - Synaptics Incorporated)
Telstra Mobile Broadband Manager (HKLM\...\Telstra Mobile Broadband Manager) (Version: 3.0.514 - Telstra)
Telstra Mobile Broadband Manager (Version: 3.0.514 - Telstra) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.12 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM\...\InstallShield_{6B81F4D9-A640-4081-A01D-7CB37F5DF4A4}) (Version: 1.5.05.32 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.25 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.1.07-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}) (Version: 1.1.12.0 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.16C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.3 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.4 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.0.0 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM\...\InstallShield_{921F22A4-290B-4B6C-9E8E-B50B58F18ED0}) (Version: 1.5.07.32 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1.0 - TOSHIBA CORPORATION)
TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: 1.00.2518 - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
TOSHIBA USB Sleep and Charge Utility (HKLM\...\{E487EE7D-EAAA-4E2A-9116-E3B477D8A74F}) (Version: 1.3.2.0 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.2.32 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.9 - TOSHIBA Corporation)
Utility Common Driver (Version: 1.0.50.27C - TOSHIBA) Hidden
Windows Driver Package - Cmotech (cmusbnet) Net (06/11/2007 2.0.0.9) (HKLM\...\E7E257830CD4614E7CF1B3792DF19B85FE5E7BE7) (Version: 06/11/2007 2.0.0.9 - Cmotech)
Windows Driver Package - Cmotech Modem (12/13/2006 2.0.3.5) (HKLM\...\5E8F128761A9B07EC2DEC909F167D92DB8B3A348) (Version: 12/13/2006 2.0.3.5 - Cmotech)
Windows Driver Package - Cmotech Ports (12/13/2006 2.0.3.5) (HKLM\...\6A032F4180B5A0E8F4BC27384D0A423B2595A785) (Version: 12/13/2006 2.0.3.5 - Cmotech)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Celia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3979224096-2494383751-3139044533-1005_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Celia\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B38A649-9F1E-4712-8144-F630B3FFA3EF} - System32\Tasks\{2B304DAF-75E8-4FD3-B03F-39DF58D79679} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152.259&LastError=12002
Task: {100C92C3-AE05-4B8A-A7D6-B268F8483060} - System32\Tasks\{FB271578-E767-4C96-91CE-B4C000C33CAE} => pcalua.exe -a C:\Users\Celia\Documents\erunt\ERUNT.EXE -d C:\Users\Celia\Documents\erunt
Task: {20E58FCF-A260-45C3-94C0-A9E72DBF7C83} - System32\Tasks\{55F00A89-B569-4BDD-8552-B5975366E7C1} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152.259&LastError=12007
Task: {31CFACD6-DBED-4CDF-B6DA-8233C9BA6C16} - System32\Tasks\{54B69217-9D97-4C3E-A327-3C9D6F79C5B5} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152.259&LastError=12002
Task: {35086492-74B9-4CE1-A89C-4A79505A5523} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-23] (Adobe Systems Incorporated)
Task: {439B1BB6-027E-4252-A0D4-20F91E4231FF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-14] (Adobe Systems Incorporated)
Task: {478E14C3-B8CC-4F1A-9EAD-48BC6ED82405} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {49E12645-39F8-47B5-A988-DC9DCCB4C5FA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3979224096-2494383751-3139044533-1005UA => C:\Users\Celia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {50EA36FF-C896-4BA6-9921-0C2B86B61EEF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-09] (AVAST Software)
Task: {558A8A80-5ABD-4AB2-A9A0-FD934894F016} - System32\Tasks\{A73BF785-3482-41CB-9F03-987DDC76B215} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152.259&LastError=12007
Task: {678AF2BF-115A-4B36-8764-F808D8F8CC3E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3979224096-2494383751-3139044533-1005Core => C:\Users\Celia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {78206B44-8E2D-49BA-85F4-1BEA4E218FA8} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2009-10-29] (TOSHIBA CORPORATION)
Task: {7E6B6E1A-4C4A-49FE-A76E-CCB4CF2AE46D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DE0F58E-5167-426E-9CAA-AE001F7FF8E6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-06] (Avast Software s.r.o.)
Task: {8F811ACF-3913-4EAA-BAE9-1B32CA4DFFFF} - System32\Tasks\{ECA42B9B-347C-41A3-B74A-63066582EB8F} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {9B73DDB4-B5AE-485E-B7DF-B2A12B35478B} - System32\Tasks\{3A395E62-8C9D-47E0-A386-F6F563BE7108} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152.259&LastError=12002
Task: {9DA78D71-DE3A-467D-B672-DF2012DAB5CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B4C43DAF-26A8-4683-9F55-1A045F849315} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B8EB98D3-AAFB-4E5A-B617-6D443BAF002B} - System32\Tasks\{75B8B063-98D4-450A-8604-51F18CE5B7FC} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.0.0.152.259&LastError=12007
Task: {CB8D353A-D93A-496F-8E45-57851864164D} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3979224096-2494383751-3139044533-1005Core.job => C:\Users\Celia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3979224096-2494383751-3139044533-1005UA.job => C:\Users\Celia\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-07-02 09:45 - 2015-07-02 09:45 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-02 09:45 - 2015-07-02 09:45 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-05-18 09:02 - 2016-05-18 09:02 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\16051703\algo.dll
2016-05-19 14:28 - 2016-05-19 14:28 - 02909696 _____ () C:\Program Files\AVAST Software\Avast\defs\16051802\algo.dll
2015-07-02 09:45 - 2015-07-02 09:45 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-16 10:06 - 2016-04-20 05:47 - 00034768 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-05-16 10:09 - 2016-04-20 05:48 - 00019408 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-05-16 10:09 - 2016-04-20 05:47 - 00116688 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-05-16 10:06 - 2016-04-20 05:47 - 00093640 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-05-16 10:05 - 2016-04-20 05:47 - 00018376 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\select.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00019760 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00105928 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-05-16 10:09 - 2016-04-20 05:47 - 00392144 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-05-16 10:05 - 2016-05-07 08:35 - 00381752 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-05-16 10:05 - 2016-04-20 05:47 - 00692688 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00020816 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-05-16 10:05 - 2016-04-20 05:48 - 00121296 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 01682760 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00020808 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-05-16 10:06 - 2016-05-07 08:35 - 00021840 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00038696 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-05-16 10:09 - 2016-04-20 05:49 - 00020936 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00024528 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00114640 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00124880 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-05-16 10:06 - 2016-05-07 08:35 - 00021832 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00024016 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00175560 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00030160 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00043472 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00028616 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00048592 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00026456 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00057808 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00024016 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00117056 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00052024 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-05-16 10:06 - 2016-04-20 05:47 - 00134608 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-05-16 10:09 - 2016-04-20 05:47 - 00134088 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-05-16 10:09 - 2016-04-20 05:48 - 00240584 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00020800 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00021824 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00019776 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00020800 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00024392 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-05-16 10:09 - 2016-04-20 05:50 - 00036296 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\librsync.dll
2016-05-16 10:09 - 2016-05-07 08:34 - 00020280 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00023376 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00350152 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-05-16 10:05 - 2016-05-07 08:35 - 00022352 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00084280 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-05-16 10:09 - 2016-05-07 08:34 - 01826096 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-05-16 10:05 - 2016-04-20 05:48 - 00083912 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\sip.pyd
2016-05-16 10:09 - 2016-05-07 08:35 - 03928880 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 01971504 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00531248 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-05-16 10:09 - 2016-05-07 08:35 - 00132912 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-05-16 10:09 - 2016-05-07 08:35 - 00223544 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-05-16 10:09 - 2016-05-07 08:34 - 00207672 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-05-16 10:05 - 2016-04-20 05:49 - 00060880 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-05-16 10:06 - 2016-05-07 08:35 - 00024904 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-05-16 10:09 - 2016-05-07 08:35 - 00546096 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-05-16 10:09 - 2016-05-07 08:35 - 00357680 _____ () C:\Users\Celia\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-04-14 16:51 - 2016-04-14 16:51 - 19403968 _____ () C:\windows\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 12:04 - 2010-11-07 22:47 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3979224096-2494383751-3139044533-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Celia\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.222.222 - 4.2.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: cfWiMAXService => 2
MSCONFIG\Services: ConfigFree Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Thpsrv => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TosCoSrv => 2
MSCONFIG\Services: TOSHIBA Bluetooth Service => 3
MSCONFIG\Services: TOSHIBA eco Utility Service => 2
MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
MSCONFIG\Services: TPCHSrv => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\startupreg: 00TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BigPondWirelessBroadbandCM => "C:\Program Files\Telstra\Mobile Broadband Manager\TelstraUCM.exe" -tsr
MSCONFIG\startupreg: HDMICtrlMan => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: HWSetup => "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: ITSecMng => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KeNotify => C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RESTART_STICKY_NOTES => C:\Windows\System32\StikyNot.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
MSCONFIG\startupreg: SmoothView => %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SVPWUTIL => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Teco => "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
MSCONFIG\startupreg: ThpSrv => C:\windows\system32\thpsrv /logon
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosNC => %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TRCMan => C:\Program Files\TOSHIBA\TRCMan\TRCMan.exe
MSCONFIG\startupreg: TUSBSleepChargeSrv => %ProgramFiles%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{43EE8DAD-6C08-4D4E-A02E-83E87E210F76}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{48E9EF0B-D6A0-4B37-8A77-A0D5E559C069}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5BC84C22-28FA-49B0-B0C2-5618EEF78011}] => (Allow) svchost.exe
FirewallRules: [{0776B301-7894-4F75-AD67-39CE0AA9578E}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{35994984-9113-43EC-B221-897E9FF8093A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{398A4635-3BF2-4AE7-8CE4-E0E6D8CB8A08}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ABAC755B-E812-4608-AB1E-D5F1A55B3B6F}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1A79D5E8-BF8A-4693-B8B7-6BB0D92AB15F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6CF2275A-E7C7-4E74-8ECD-2160CB7C80B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8D3CB989-BD6C-4058-B2DD-D2DA7AAF9CA5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{59AED1AD-95B2-4418-A754-6397BD0854D4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{3F6C9FC6-6D8C-470D-8D4D-455E72FBB786}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{C64A311B-BDEC-4252-8F2E-ED7DE77D3B9E}] => (Allow) C:\Users\Celia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0595BB65-7C9F-44CC-B383-973AFB9BCD62}] => (Allow) C:\Users\Celia\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7487962A-F6D1-49AB-8E5F-069E7A3D5CE5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AA577E95-76B6-4AF3-89F7-D83164940089}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{95EE430E-0D9F-4742-B9BE-E392A8D4A2D9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B4626FE5-9588-46FC-B459-CBFCF574276E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
==================== Restore Points =========================
11-05-2016 16:22:07 Scheduled Checkpoint
12-05-2016 20:18:25 Windows Update
13-05-2016 09:42:23 Windows Update
16-05-2016 09:58:33 Windows Update
17-05-2016 09:13:57 Windows Update
17-05-2016 15:49:06 Windows Update
18-05-2016 09:01:28 Windows Update
18-05-2016 17:10:35 Windows Update
19-05-2016 08:47:15 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/19/2016 12:37:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9532
Error: (05/19/2016 12:37:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9532
Error: (05/19/2016 12:37:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/19/2016 08:46:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37963124
Error: (05/19/2016 08:46:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37963124
Error: (05/19/2016 08:46:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/19/2016 08:46:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37962048
Error: (05/19/2016 08:46:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 37962048
Error: (05/19/2016 08:46:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/19/2016 08:46:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37961049
System errors:
=============
Error: (05/19/2016 12:24:49 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
Error: (05/19/2016 08:54:22 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3042058).
Error: (05/19/2016 08:50:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3071756).
Error: (05/19/2016 08:50:18 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3080149).
Error: (05/19/2016 08:50:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3068708).
Error: (05/19/2016 08:49:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3126587).
Error: (05/19/2016 08:49:26 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3061518).
Error: (05/19/2016 08:49:17 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Update for Windows 7 (KB3040272).
Error: (05/19/2016 08:49:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80073712: Security Update for Windows 7 (KB3060716).
Error: (05/18/2016 05:26:54 PM) (Source: iaStor) (EventID: 9) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.
==================== Memory info ===========================
Processor: Intel® Core i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 3061.59 MB
Available physical RAM: 821.47 MB
Total Virtual: 6121.51 MB
Available Virtual: 3203.86 MB
==================== Drives ================================
Drive c: (S3A8113D003) (Fixed) (Total:583.45 GB) (Free:431.66 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 230D9B41)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=583.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=17)
==================== End of Addition.txt ============================