Solved FRST.txt and Addition.txt for pckeeper and reimageplus pop-ups

Bonnielj

New Member
Thread author
Sep 18, 2014
I have been trying to get rid of a virus or malware called pckeeper from my computer... Looking for help.
Thank you.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Bonnie (administrator) on BONNIESDESKTOP on 28-09-2014 22:10:50
Running from C:\Users\Bonnie\Desktop
Loaded Profiles: Bonnie & AdministratorBonnie & UpdatusUser & (Available profiles: Bonnie & AdministratorBonnie & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\n360.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Elias Fotinis) C:\Program Files (x86)\DeskPins\DeskPins.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-05] (KARPOLAN)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-09-15] (Glarysoft Ltd)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\MountPoints2: {0158e630-0acd-11e1-a35f-f80f411ea9c3} - I:\LaunchU3.exe -a
HKU\S-1-5-21-771612026-841732212-226713872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-05] (KARPOLAN)
HKU\S-1-5-21-771612026-841732212-226713872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-09-15] (Glarysoft Ltd)
HKU\S-1-5-21-771612026-841732212-226713872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-771612026-841732212-226713872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-771612026-841732212-226713872-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {0158e630-0acd-11e1-a35f-f80f411ea9c3} - I:\LaunchU3.exe -a
HKU\S-1-5-21-771612026-841732212-226713872-1005\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] ()
HKU\S-1-5-21-771612026-841732212-226713872-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] ()
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x804D056B3ED5CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.search.ask.com/we...&geo=US&ver=21&locale=en_US&gct=kwd&qsrc=2869
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {C050A3B4-59E7-42B1-9956-369806F31D20} - No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\nq483etu.default-1411263639149
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://xfinity.comcast.net/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\nq483etu.default-1411263639149\searchplugins\safesearch.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-24]

Chrome:
=======
CHR Profile: C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\Exts\Chrome.crx [2014-09-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-18] (SurfRight B.V.)
R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\N360.exe [265040 2014-08-01] (Symantec Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
S4 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-19] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-19] (Symantec Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-09-09] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140926.003\IDSvia64.sys [633560 2014-09-19] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140928.002\ENG64.SYS [129752 2014-09-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140928.002\EX64.SYS [2137304 2014-09-22] (Symantec Corporation)
S3 PcdrNdisuio; No ImagePath
R1 SMR430; C:\Windows\System32\drivers\SMR430.SYS [108216 2014-09-24] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-07-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 22:10 - 2014-09-28 22:11 - 00017131 _____ () C:\Users\Bonnie\Desktop\FRST.txt
2014-09-28 22:10 - 2014-09-28 22:10 - 00000000 ____D () C:\FRST
2014-09-28 22:06 - 2014-09-28 22:07 - 02108928 _____ (Farbar) C:\Users\Bonnie\Desktop\FRST64.exe
2014-09-28 21:41 - 2014-09-28 21:41 - 00001898 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-09-28 01:10 - 2014-09-28 01:10 - 00000831 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-25 02:27 - 2014-09-25 02:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 20:19 - 2014-09-24 20:19 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bonnie\Downloads\SpyHunter-Installer.exe
2014-09-24 16:13 - 2014-09-24 16:13 - 00000020 _____ () C:\Windows\system32\Drivers\SMR430.dat
2014-09-24 15:34 - 2014-09-24 16:13 - 00108216 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SMR430.SYS
2014-09-24 15:33 - 2014-09-24 15:34 - 03060320 ____N (Symantec Corporation) C:\Users\Bonnie\Downloads\NPE.exe
2014-09-22 22:59 - 2014-09-28 13:55 - 00147873 ____N () C:\Windows\WindowsUpdate.log
2014-09-20 21:40 - 2014-09-20 21:40 - 00000000 ____D () C:\Users\Bonnie\Desktop\Old Firefox Data
2014-09-20 21:27 - 2014-09-24 19:49 - 00000000 ____D () C:\Users\Bonnie\Desktop\Logs removing pckeeper.app.zeobit virus
2014-09-20 21:15 - 2014-09-20 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrayStatus
2014-09-20 21:15 - 2014-09-20 21:15 - 00000000 ____D () C:\Program Files (x86)\TrayStatus
2014-09-20 21:13 - 2014-09-20 21:13 - 00647080 _____ (Binary Fortress Software ) C:\Users\Bonnie\Downloads\TrayStatusSetup-1.2.3.exe
2014-09-20 21:11 - 2014-09-20 21:11 - 00699016 _____ (CNET Download.com) C:\Users\Bonnie\Downloads\cbsidlm-cbsi213-TrayStatus-SEO-75167720(1).exe
2014-09-20 21:09 - 2014-09-20 21:09 - 00699016 _____ (CNET Download.com) C:\Users\Bonnie\Downloads\cbsidlm-cbsi213-TrayStatus-SEO-75167720.exe
2014-09-20 00:47 - 2014-09-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-19 23:33 - 2014-09-19 23:33 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-09-19 23:22 - 2014-09-19 23:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-09-19 23:22 - 2014-09-19 23:22 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-09-19 23:22 - 2014-09-19 23:22 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-09-19 23:22 - 2014-09-19 23:22 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-09-19 23:19 - 2014-09-19 23:19 - 01021632 _____ (Symantec Corporation) C:\Users\Bonnie\Downloads\Norton_Download_Manager.exe
2014-09-19 23:09 - 2014-09-19 23:09 - 00869456 _____ () C:\Users\Bonnie\Downloads\Norton_Removal_Tool.exe
2014-09-19 21:18 - 2014-09-25 16:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 21:18 - 2014-09-19 21:18 - 00001164 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-19 21:18 - 2014-09-19 21:18 - 00001152 _____ () C:\Users\Public\Desktop\Mozilla Firefox 32.lnk
2014-09-18 22:34 - 2014-09-18 22:34 - 00002232 _____ () C:\Windows\system32\.crusader
2014-09-18 21:38 - 2014-09-18 21:38 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-16 22:54 - 2014-09-16 22:54 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\Foxit Software
2014-09-15 21:30 - 2014-09-16 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2014-09-15 21:27 - 2014-09-15 21:27 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\Foxit PhantomPDF
2014-09-15 21:25 - 2014-09-15 21:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-15 20:03 - 2014-09-15 21:30 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-09-15 20:02 - 2014-09-16 22:54 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-09-09 19:36 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-09 19:36 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-09 19:36 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-09 17:46 - 2014-08-15 11:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-09 17:46 - 2014-08-15 11:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-09 17:46 - 2014-08-15 11:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-09 17:46 - 2014-08-15 11:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-09 17:46 - 2014-08-15 11:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-09 17:46 - 2014-08-15 11:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-09 17:46 - 2014-08-15 11:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-09 17:46 - 2014-08-15 11:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-09 17:46 - 2014-08-15 11:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-09 17:46 - 2014-08-15 11:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-09 17:46 - 2014-08-15 11:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-09 17:46 - 2014-08-15 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-09 17:46 - 2014-08-15 11:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-09 17:46 - 2014-08-15 10:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-09 17:46 - 2014-08-15 10:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-09 17:46 - 2014-08-15 10:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-09 17:46 - 2014-08-15 10:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-09 17:46 - 2014-08-15 10:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-09 17:46 - 2014-08-15 10:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-09 17:46 - 2014-08-15 10:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-09 17:46 - 2014-08-15 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-09 17:46 - 2014-08-15 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-09 17:46 - 2014-08-15 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-09 17:46 - 2014-08-15 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-09 17:46 - 2014-08-15 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-09 17:46 - 2014-08-15 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-09 17:23 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-09 17:23 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 17:20 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-09 17:20 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-09 17:20 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-09 17:20 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-09 17:20 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-09 17:20 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-09 17:19 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-09 17:19 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-09 17:17 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 17:17 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-09 17:17 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 17:17 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 17:17 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 17:17 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 17:17 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 17:17 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-09 17:17 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-09 17:17 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-09 17:17 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-09 17:17 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-09 17:16 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 17:16 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 17:15 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 17:15 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 17:15 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 17:15 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 17:15 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-09 17:15 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-09 17:15 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-09 17:15 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-09 17:15 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-09 14:50 - 2014-09-28 21:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 14:50 - 2014-09-11 04:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 14:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-09 14:50 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-09 14:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-09 14:47 - 2014-09-09 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bonnie\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 10:50 - 2014-09-09 13:48 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-03 00:42 - 2014-09-24 16:05 - 00000000 ____D () C:\NPE
2014-09-02 23:40 - 2014-09-02 23:40 - 00000000 _____ () C:\autoexec.bat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 20:54 - 2013-09-15 21:28 - 00578560 ___SH () C:\Users\Bonnie\Desktop\Thumbs.db
2014-09-28 20:08 - 2011-10-03 02:43 - 00000000 ____D () C:\Users\Bonnie\Documents\My Files
2014-09-28 01:10 - 2013-08-28 14:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-28 01:03 - 2014-05-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-09-26 20:03 - 2011-10-03 01:39 - 00000000 ___RD () C:\Users\Bonnie\Desktop\Unused Shortcut Folder
2014-09-25 20:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-25 05:00 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 05:00 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-24 16:13 - 2013-02-25 23:12 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\NPE
2014-09-24 16:12 - 2013-05-14 20:21 - 00000000 ___RD () C:\Users\Bonnie\Desktop\COMPUTER CLEANERS
2014-09-24 16:05 - 2014-05-16 21:20 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-24 16:04 - 2011-10-05 00:42 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-09-24 16:04 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 19:09 - 2012-06-11 19:09 - 00000496 _____ () C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2014-09-21 18:10 - 2011-10-17 23:24 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\CrashDumps
2014-09-20 21:24 - 2013-08-20 20:03 - 00000000 ____D () C:\AdwCleaner
2014-09-20 19:22 - 2013-01-25 22:18 - 00000000 ____D () C:\Users\AdministratorBonnie
2014-09-20 12:26 - 2012-02-01 11:20 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\LogMeIn Rescue Applet
2014-09-19 23:33 - 2012-12-14 22:32 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-09-19 23:33 - 2012-12-14 22:31 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-19 23:22 - 2012-12-14 22:32 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-09-19 23:22 - 2012-12-14 22:09 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-09-19 23:22 - 2011-03-31 05:24 - 00000000 ____D () C:\ProgramData\Norton
2014-09-19 16:39 - 2013-09-16 17:08 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-09-18 22:39 - 2013-05-11 14:04 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-18 20:15 - 2012-08-06 17:56 - 00007149 _____ () C:\Windows\InstText.ini
2014-09-17 22:43 - 2013-05-14 23:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-17 21:00 - 2013-11-26 15:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 22:41 - 2014-05-16 21:20 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-09-16 22:40 - 2014-05-16 21:20 - 00002986 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-09-16 22:40 - 2014-05-16 21:20 - 00002644 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-09-16 22:36 - 2014-03-25 17:51 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\DiskDefrag
2014-09-15 19:49 - 2014-05-27 20:13 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-15 19:49 - 2014-05-27 20:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 02:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-09 20:45 - 2014-05-16 21:20 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-09-09 19:42 - 2013-07-18 11:56 - 00307848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-09 19:24 - 2014-04-29 19:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 18:04 - 2011-10-03 05:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-09 17:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-09 17:43 - 2013-12-02 17:35 - 00797394 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-09 17:43 - 2009-07-14 01:13 - 00797394 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 17:40 - 2013-07-19 17:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-09 16:37 - 2014-08-05 20:09 - 00000042 _____ () C:\Users\Bonnie\Desktop\IdentityWord.txt
2014-09-09 13:51 - 2011-10-02 19:05 - 00000000 ____D () C:\Users\Bonnie
2014-09-09 13:49 - 2011-10-10 14:46 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-09 13:49 - 2011-03-31 05:24 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-09 13:49 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-09 13:49 - 2010-11-21 03:16 - 00000000 ____D () C:\Windows\ShellNew
2014-09-09 13:48 - 2014-05-16 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-09-09 13:48 - 2014-04-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-09 13:48 - 2013-05-22 21:51 - 00000000 ____D () C:\Windows\ERUNT
2014-09-09 13:48 - 2011-10-18 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks
2014-09-09 13:48 - 2011-10-05 01:18 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 13:48 - 2011-10-05 00:42 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-09-09 13:48 - 2011-10-03 05:29 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\Microsoft Help
2014-09-09 13:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-09-09 13:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-09 13:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-09-09 13:39 - 2012-09-27 17:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-09 13:38 - 2011-10-03 05:27 - 00000000 __RHD () C:\MSOCache
2014-08-29 13:01 - 2011-10-04 11:37 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Bonnie\nircmd.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 01:19

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by Bonnie at 2014-09-28 22:11:58
Running from C:\Users\Bonnie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.2.0 - Auslogics Labs Pty Ltd)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Brother MFL-Pro Suite MFC-J615W (HKLM-x32\...\{7FB6B1B7-075B-4B7F-BEB6-97584F73C7B5}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version: - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.2.4 - WildTangent)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0221.2011 - Acer Incorporated)
eMachines Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3005 - Acer Incorporated)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom 3 Collector's Edition (HKLM-x32\...\BFG-Fishdom 3 Collector's Edition) (Version: - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Glary Utilities Pro 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd)
Glary Utilities PRO 5.8 (HKLM-x32\...\Glary Utilities 5) (Version: 5.8.0.15 - Glarysoft Ltd)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Jewel Quest Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Mysteries 2 Trail of the Midnight Heart (remove only) (HKLM-x32\...\Jewel Quest Mysteries 2 Trail of the Midnight Heart) (Version: - )
Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Express 7.0 (HKLM-x32\...\{369B36BE-3D64-4641-9AEA-808D436FE130}) (Version: 7.0.0.0000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10800.6.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.5.0.19 - Symantec Corporation)
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7316 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6684 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OI App Manager (HKLM-x32\...\OI App Manager) (Version: - Optimum Installer)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF to JPG Converter Free 7.2.1 (HKLM-x32\...\PDF to JPG Converter Free_is1) (Version: - PDFAura, Inc.)
PDF to Word Converter Free 7.2.1 (HKLM-x32\...\PDF to Word Converter Free_is1) (Version: - PDFAura, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ATTENTION
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Smileycons 6.0.1 (HKLM-x32\...\Smileycons_is1) (Version: 6.0.1 - Cloudeight Internet, LLC.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncBack (HKLM-x32\...\SyncBack_is1) (Version: - 2BrightSparks)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.30.0 - 2BrightSparks)
Taskbar Shuffle version 2.5 (HKLM-x32\...\Taskbar Shuffle_is1) (Version: 2.5 - Jay Elaraj)
Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
TrayStatus 1.2.3 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 1.2.3.0 - Binary Fortress Software)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Wise Program Uninstaller 1.11 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: - WiseCleaner.com, Inc.)
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

07-09-2014 09:00:42 Windows Backup
08-09-2014 09:01:43 Windows Backup
09-09-2014 03:51:38 Windows Update
09-09-2014 09:00:51 Windows Backup
09-09-2014 17:34:37 Restore Operation
09-09-2014 18:02:18 Windows Backup
09-09-2014 20:00:03 Windows Backup
09-09-2014 20:43:33 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
09-09-2014 21:18:30 Windows Update
09-09-2014 23:36:19 Windows Update
10-09-2014 09:00:30 Windows Backup
11-09-2014 09:01:29 Windows Backup
12-09-2014 09:01:18 Windows Backup
13-09-2014 09:00:38 Windows Backup
14-09-2014 09:00:30 Windows Backup
15-09-2014 09:00:26 Windows Backup
16-09-2014 09:00:43 Windows Backup
17-09-2014 02:26:18 Revo Uninstaller Pro's restore point - Foxit PhantomPDF Standard
17-09-2014 02:31:43 Revo Uninstaller Pro's restore point - Foxit Reader
17-09-2014 02:32:26 Revo Uninstaller Pro's restore point - Foxit Cloud
17-09-2014 02:33:16 Revo Uninstaller Pro's restore point - Foxit Reader
17-09-2014 09:00:21 Windows Backup
18-09-2014 02:38:57 Revo Uninstaller Pro's restore point - Catalina Savings Printer
18-09-2014 02:43:04 Revo Uninstaller Pro's restore point - Revo Uninstaller 1.95
18-09-2014 09:00:20 Windows Backup
19-09-2014 02:33:29 Checkpoint by HitmanPro
19-09-2014 02:34:28 Checkpoint by HitmanPro
20-09-2014 02:25:22 Norton Security Suite Registry
20-09-2014 09:00:44 Windows Backup
21-09-2014 00:43:25 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 00:47:05 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 00:48:38 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 00:50:32 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 01:03:06 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 09:00:46 Windows Backup
22-09-2014 09:00:25 Windows Backup
23-09-2014 09:00:35 Windows Backup
24-09-2014 09:00:25 Windows Backup
24-09-2014 20:36:11 malwaretips.com Preparing for Malware Removal Assistance
25-09-2014 09:00:24 Windows Backup
26-09-2014 09:00:23 Windows Backup
27-09-2014 09:00:58 Windows Backup
28-09-2014 09:00:21 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2011-12-30 23:06 - 00440010 ____N C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {005C54FD-7033-41B8-990F-DF0284C1BB08} - System32\Tasks\{1181BCAC-D8CB-4880-9E21-5F04732D322F} => C:\Users\Bonnie\Documents\My Documents\MY DOWNLOADS\Diskkeeper\Home\Diskeeper2007_Home.exe
Task: {01CF0FB0-0CF8-487C-951E-ECB763F3EF07} - System32\Tasks\{78021533-3DD2-468F-9AB8-6429AAC2734D} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {02E195C3-7DDD-44D5-A14B-8E4CC541BE07} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0A203C94-FD6E-42B2-8627-2A3EE939663C} - System32\Tasks\{D1889722-80ED-4848-9463-841FE057C6BC} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {0F0DAD4F-8FDA-4D59-A4CB-03D4EA78C4A6} - System32\Tasks\{885113B5-2ED3-4714-8BB5-FD8E4A899449} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {14136F15-4ED6-46E0-994B-BC70AC37F20A} - System32\Tasks\{F5C18D0F-079E-412C-BB61-8D52F74FD568} => D:\setup.EXE
Task: {1BFF1054-75E3-4AD7-8E93-4882253B17DB} - System32\Tasks\{D1FBB1F5-49C9-44E9-A1BC-C50684CF6CD6} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {1D6BC3AC-190C-4F36-A391-D46A02282C80} - System32\Tasks\{DADB5956-372E-4C40-8C0E-158B4491F10F} => D:\setup.EXE
Task: {1EF7752C-578B-4328-9131-0FF30DCFA163} - System32\Tasks\{CD57DFD8-5280-44BF-86EA-17A99FE302D9} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {20E73B6F-FE38-4CF3-91BD-EFDEFA3BCC28} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {21A2387A-25E9-4E87-908B-D1192D249A77} - System32\Tasks\{5DA47900-3260-47DD-B22D-D2F5B94AF490} => D:\setup.EXE
Task: {229347CA-53D0-452B-9FF2-40D558E07EAE} - System32\Tasks\{10B5CA08-0E11-4F81-936F-3C046642181A} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {244B04DC-E2D7-41B8-8B99-8BE06E7A8F13} - System32\Tasks\{EE955390-3F60-45ED-8525-C9C00D75B803} => D:\setup.EXE
Task: {2823B864-5642-48EB-AE49-3B7BCB23F50B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {28551FDD-A3D0-4635-8ACB-30E9187AF6B0} - System32\Tasks\{DF40AE23-B20F-4072-8529-5E929F3FE671} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {2A66ADBF-8BCB-4C03-9D7A-A834A8164BE4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2B812EFC-F5A8-4A98-A8BA-7653B63D6D2B} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
Task: {2EBEC7CA-ECF8-4ABA-9CBE-1C7C9606A4F7} - System32\Tasks\{E1BE30F4-9440-4A02-A5CE-AEB21C5A8A1E} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {34908596-B4E3-43E9-B772-882F69004B2E} - System32\Tasks\{A978A120-4746-4791-B1C3-2D041F8873B9} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {396085F4-9AAB-4703-81F3-63D3BB55B69A} - System32\Tasks\{95C4CCFE-997B-4C07-BC1A-30777DF19956} => D:\setup.EXE
Task: {3D87E10B-3E08-4E97-B2C7-CC0935D29991} - System32\Tasks\{1424C2DE-C1A4-4F5E-AD11-349677A3A35A} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {3E4D01AE-A990-4615-A360-3E5E58EAA4D0} - System32\Tasks\{98553DEC-C798-43D4-8B0D-E4E5D8D6CB74} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {3EE16EF7-C825-4D41-98CF-B8CF64324477} - System32\Tasks\{5987C26C-AA54-48A2-A664-AE30AC8BF764} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {3FF24F59-084C-4D96-872A-8DE07DB4AF19} - System32\Tasks\{624E4B65-6B11-44A9-8729-2984CD9033C0} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {41275674-A092-4D96-932C-ECEDCAC44EF3} - System32\Tasks\{BE8A86CE-F509-45AC-B703-053B45F0BB91} => C:\Program Files (x86)\Diskeeper Corporation\Diskeeper Home Setup\setup.exe [2005-11-30] (Diskeeper Corporation )
Task: {4B2F5DB4-D1B2-4D75-9021-A10C9BFEFF20} - System32\Tasks\{B944948B-12D1-4120-BFDC-0C9AFF032AFA} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {4D63B953-4A4A-4A7A-B537-EA3B3214D098} - System32\Tasks\{F2C41C5E-57AB-4668-A6F4-6BB6F00AEC91} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {4ECFBF3A-43E8-4400-BB0E-D0128D53E0C4} - System32\Tasks\{D15F2DE9-C80D-4EEB-8EA0-25FCC5C168C7} => D:\setup.EXE
Task: {5107C225-7621-4197-9EF0-5969F47F345E} - System32\Tasks\{F083FD2E-2778-4D74-B7FB-D96CB9B232A4} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {52BCE7A9-EFC5-4416-83C6-074826F27F11} - System32\Tasks\{02102791-0E88-47C0-9376-1DFAC811AAF0} => C:\Program Files (x86)\Red NoteBook\RedNoteBook.exe
Task: {56CBE756-EC54-4FE5-9F6C-58316390F5C6} - System32\Tasks\{EFCF6EBF-B68A-4F9F-9DCB-220F75223D32} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {5CB043BD-BC5D-4EA5-A102-648FFCA13796} - System32\Tasks\{127E40D2-3A41-4ABE-99CC-465B9B41F62C} => C:\Users\Bonnie\Documents\My Documents\MY DOWNLOADS\Diskkeeper\Home\Diskeeper2007_Home.exe
Task: {5DB949BA-34AA-441D-AD81-18F91B99D76D} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {5E84F1E3-A14E-4B48-91AB-C90B32266631} - System32\Tasks\{C14989A3-2700-4E30-9023-D7682E02E113} => Firefox.exe
Task: {6A83CA1A-D5C5-4411-93A3-0C483CC7C73B} - System32\Tasks\{D422B7DD-16B5-44EE-B771-1CE23499ADD3} => D:\setup.EXE
Task: {6BA56A18-BD9B-454F-8E09-BA2A43A22130} - System32\Tasks\4784 => Wscript.exe C:\Users\Bonnie\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {6E2756BA-2CF6-48A0-AFC1-FBD549825232} - System32\Tasks\{25F30E5F-4ACF-4D01-8932-D685C6A9EE4C} => D:\setup.EXE
Task: {6E9C0CC2-CACE-44CA-8113-EB13B58EE2BB} - System32\Tasks\{A051D7F4-1A47-4039-A675-6295654E8310} => D:\setup.EXE
Task: {71966F80-F87D-4471-B186-91A9B41CF035} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {73F6BD11-8D5E-426D-A635-6B9E4B1FA613} - System32\Tasks\{7E2ECE1B-3B86-45BD-B17E-69D1F1A9A02D} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {7CD9BBD6-BF86-46EA-9EFC-BD546D999713} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-09-15] (Glarysoft Ltd)
Task: {7DD87CCF-F3E2-4026-8CCA-A2CD86DDC64D} - System32\Tasks\{2DE4ED84-1AC0-4257-AB07-D96419F5901B} => D:\setup.EXE
Task: {82E77FA2-ABE1-41C4-869D-0B7D9C4322B0} - System32\Tasks\{D6B2A86E-946D-4302-9E81-FE6F7FB91912} => D:\setup.EXE
Task: {8843BA86-370D-49F5-95B8-A8BA034F6EEB} - System32\Tasks\{1939B359-923B-4268-8C16-8A82560BA817} => C:\Program Files (x86)\Microsoft Picture It! 7\Pip.exe [2002-07-16] (Microsoft Corporation)
Task: {A06C0437-D61B-4604-9E57-89CA888FC67B} - System32\Tasks\{D5D883E4-A6C3-40D3-B7F3-1630B2CB4109} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {A1F3D497-F863-449B-950F-D6204306BA0D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A58C1ADC-E89D-45B4-B8FD-A9FE09B6F7AE} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A65792EC-192A-4C73-8DEA-1A6931657EBF} - System32\Tasks\{FEEC14F1-CF79-4BF2-89D8-1EF62F7A9806} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {AB2D2730-AC2B-450C-BE4C-491C5598401E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-09-15] (Glarysoft Ltd)
Task: {AE281D89-B0C6-48BB-9229-30DBD95E4131} - System32\Tasks\{9D35A7B8-4DE2-4DEE-AED3-42C6AE1384B6} => Iexplore.exe http://ui.skype.com/ui/0/5.0.0.152....notincluded,google-chrome:notoffered;disabled
Task: {AF1308D6-7891-4B5E-B511-C9DD41CDF365} - System32\Tasks\{188224B7-A15A-4A69-ACD5-E1F615874B12} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {AF475D40-3DB6-4578-80A1-0511C29F15A4} - System32\Tasks\{2E59B992-B257-4211-834F-D44CE9350E29} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {AF61526E-DBDB-482A-AB7E-715ECE89ED03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {AFE9B32B-A030-4DDF-B100-525726F59E92} - System32\Tasks\{5E2EAD77-CC79-4972-A7A0-F195E0630C75} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {BABFBD1E-AB51-4480-97BC-8547C12D5B13} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {BAF587D9-98E9-4ADE-A81C-3DC63A28C4D0} - System32\Tasks\{0FF32535-1A25-4C18-B742-456267A37CD8} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {BD3F31B5-9366-4BB8-9ECA-307A7346BBDE} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {BED4553F-124E-4F62-BEB8-B9E9B7C61FC5} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {C2BD4DAC-A056-44BB-9183-71BEC7019EF4} - System32\Tasks\{DC048564-AC99-4F8C-952D-C8BF02F050A7} => Firefox.exe
Task: {C2CA6603-93E9-4D24-834F-81AAEE24ACC2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\WSCStub.exe [2014-07-31] (Symantec Corporation)
Task: {C6A751A7-91C8-4C3D-B304-76FD4EF0D36F} - System32\Tasks\{D8515773-F0F0-4B6F-B587-AD814F7B3303} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {CAF2F3BD-6266-404D-900D-AA8B3C4227BB} - System32\Tasks\{9CD62E55-23DE-4093-B247-27580ECBD21A} => D:\setup.EXE
Task: {CD2A73BC-627D-4A9C-A9A5-EF37D6D65002} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DC9A60F4-4FA6-4A0A-922A-322676E82E2F} - System32\Tasks\{5AF99C23-3439-4E48-A006-660CDF6F9EBC} => C:\Users\Bonnie\Documents\My Files\MY DOWNLOADS\Avery Wizard\Avery Wizard 4.0.1.exe
Task: {E2E1BA22-2C9E-4DDA-B5BE-A9669EEFE908} - System32\Tasks\{5F7491F5-055E-43B4-8AB1-6C0C13794ABE} => D:\setup.EXE
Task: {E4D634D9-DA93-4872-8EFE-5D648AB5C2B0} - System32\Tasks\Event Viewer Tasks\ac8580ce-7f54-4c3e-bdef-da7a8866a46e => Wscript.exe "C:\Users\Bonnie\AppData\Local\Temp\tmpF9B4.vbs"
Task: {E6576A38-A607-4BB6-8C02-75B1660083DB} - System32\Tasks\{1E489659-64BE-4A74-A027-58C627CBDD88} => D:\setup.EXE
Task: {ECCDED60-D276-4EE4-821C-934246C4F589} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F36EBADE-B9EC-4303-B912-113F05716D88} - System32\Tasks\{EDD0AA97-682C-4CA0-9160-CBA95F6C8FBD} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {F548A22D-026E-4BA3-8CB6-2C78B765F4DB} - System32\Tasks\{82F30A69-741F-4105-A1DB-29F0CD72139C} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {F6767A57-59F9-47E0-AD86-C293DB2A23F9} - System32\Tasks\{6A246B2B-38B6-43A0-B3FE-ECDAE7FF92EE} => D:\setup.EXE
Task: {FAC18CA1-FB27-472A-9852-B75E2A3993FD} - System32\Tasks\{3FD6A413-7148-48F0-B752-516587088E89} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: C:\Windows\Tasks\SyncBack Unused Shortcut Folder.job => C:\Program Files (x86)\2BrightSparks\SyncBackBonnieTask created by SyncBack.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2014-09-15 03:45 - 2014-09-15 03:45 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-09-25 02:27 - 2014-09-25 02:27 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-01-26 20:48 - 2011-01-26 20:48 - 00237160 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0B44CA7A
AlternateDataStreams: C:\ProgramData\TEMP:4EFDF5FB
AlternateDataStreams: C:\ProgramData\TEMP:6AD65294

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ForceWare Intelligent Application Manager (IAM) => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: nSvcIp => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PGMTrusted => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^Users^Bonnie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^7 Sticky Notes.lnk => C:\Windows\pss\7 Sticky Notes.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

========================= Accounts: ==========================

Administrator (S-1-5-21-771612026-841732212-226713872-500 - Administrator - Disabled)
AdministratorBonnie (S-1-5-21-771612026-841732212-226713872-1004 - Limited - Enabled) => C:\Users\AdministratorBonnie
Bonnie (S-1-5-21-771612026-841732212-226713872-1000 - Administrator - Enabled) => C:\Users\Bonnie
Guest (S-1-5-21-771612026-841732212-226713872-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-771612026-841732212-226713872-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-771612026-841732212-226713872-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: F:\
Description: MFC-J615W
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Brother
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: E:\
Description: Multi-Card
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2014 04:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/24/2014 03:45:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2014 11:51:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2014 10:23:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/23/2014 10:21:53 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/23/2014 10:21:53 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/23/2014 10:21:53 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/23/2014 10:21:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (09/23/2014 10:21:52 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/23/2014 10:21:52 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (09/24/2014 09:54:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (09/24/2014 04:03:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/24/2014 03:41:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/23/2014 10:21:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/23/2014 10:21:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (09/22/2014 10:23:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (09/22/2014 10:12:30 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (09/21/2014 07:29:32 PM) (Source: DCOM) (EventID: 10016) (User: Bonniesdesktop)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}BonniesdesktopBonnieS-1-5-21-771612026-841732212-226713872-1000LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-09-03 11:55:02.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 11:55:02.335
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 11:55:02.257
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 11:55:02.148
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:26.171
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:26.093
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:26.000
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:25.922
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-31 16:19:52.297
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-31 16:19:52.188
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 220 Processor
Percentage of memory in use: 70%
Total physical RAM: 2815.37 MB
Available physical RAM: 836.47 MB
Total Pagefile: 5628.91 MB
Available Pagefile: 2257.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:913.84 GB) (Free:771.9 GB) NTFS
Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:465.76 GB) (Free:308.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 35D5C1F3)
Partition 1: (Not Active) - (Size=17.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 0C87459A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Hello,



They call me TwinHeadedEagle around here, and I'll be working with you.



Before we start please read and note the following:
  • At the top of your post, please click on the "Watch thread" button and make sure to check Watch this thread...and receive email notifications. This will send an email to you as soon as I reply to your topic, allowing me to solve your problem faster.
  • Please do not install any new software during the cleaning process other than the tools I provide for you. This can hinder the cleaning process. Please do not perform System Restore or any other restore.
  • Instructions I give to you are very simple and made for a complete beginner to follow. That's why you need to read through my instructions carefully and completely before executing them.
  • Please do not run any tools other than the ones I ask you to, when I ask you to. Some of these tools can be very dangerous if used improperly. Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • All tools we use here are completely clean and do not contain any malware. If your antivirus detects them as malicious, please disable your antivirus and then continue.
  • If during the process you run across anything that is not in my instructions, please stop and ask. If any tool runs for too long (a few hours), please stop and inform me.
  • I visit the forum several times a day, making sure to respond to everyone's topic as fast as possible. But bear in mind that I have a private life like everyone and I cannot be here 24/7. So please be patient with me. Also, some infections require less, and some more time to be removed completely, so bear this in mind and be patient.
  • Please stay with me until the end of all steps and procedures and I declare your system clean. Just because there is a lack of symptoms does not indicate a clean machine. If you solved your problem yourself, set aside two minutes to let me know.
  • Please attach all reports using the button below. Doing this, you make it easier for me to analyze and fix your problem.

  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is a good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.




Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on the ZOEK icon and select Run as Administrator to start the tool.
  • Wait patiently until the main console appears, it may take a minute or two.
  • In the main box please paste in the following script:
    Code:
    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
Sorry, but I cannot get the Upload a File button to work so I have pasted zoek-results.


Zoek.exe v5.0.0.0 Updated 27-09-2014
Tool run by Bonnie on Mon 09/29/2014 at 17:32:37.00.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Bonnie\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

9/29/2014 5:40:36 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-771612026-841732212-226713872-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Batch Command(s) Run By Tool======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\nq483etu.default-1411263639149\searchplugins\safesearch.xml deleted
C:\Users\Bonnie\nircmd.exe deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn" [09/29/2014 12:52 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\nq483etu.default-1411263639149
- Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\anbhxz4r.default-1410044017558
C195AC4544729A69CFF30BB62F473054 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll - Shockwave for Director / Shockwave for Director

Profilepath: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\cv8xhvlq.default
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\nq483etu.default-1411263639149
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
C195AC4544729A69CFF30BB62F473054 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll - Shockwave for Director / Shockwave for Director


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Security Suite\Engine\21.5.0.19\Exts\Chrome.crx[07/31/2014 01:47 AM]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://xfinity.comcast.net/"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://xfinity.comcast.net/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{42ED115A-CF46-4D11-B358-13E01F723112}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{42ED115A-CF46-4D11-B358-13E01F723112} Google Url="http://www.google.com/search?q={sea...rce}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\AdministratorBonnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bonnie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bonnie\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bonnie\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Bonnie\AppData\Local\Mozilla\Firefox\Profiles\anbhxz4r.default-1410044017558\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=11 folders=5 350508064 bytes)

==== Empty Temp Folders ======================

C:\Users\AdministratorBonnie\AppData\Local\Temp emptied successfully
C:\Users\Bonnie\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Bonnie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Bonnie\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on Mon 09/29/2014 at 18:06:11.17 ======================
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
Questions:
When you say in your instructions DO NOT run any tools other than yours...
Do we stop Malwarebytes, Hitman Pro, Glary Utilities, etc., that I have scheduled to run automatically?

Is there any way to make the Upload a File button work correctly?

Thank you,
Bonnielj
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Do we stop Malwarebytes, Hitman Pro, Glary Utilities, etc., that I have scheduled to run automatically?

Do not run them when working with me.

Is there any way to make the Upload a File button work correctly?

It sometimes won't work with Zoek report. But it works for FRST and other tools.



Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that the Addition option is checked.
  • Press the Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
Hello,
I am sorry but I cannot get the Upload Button to work...I click...it goes in..nothing happens...it comes back, my reports again are copied/pasted here.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Bonnie (administrator) on BONNIESDESKTOP on 01-10-2014 21:41:38
Running from C:\Users\Bonnie\Desktop
Loaded Profiles: Bonnie & UpdatusUser (Available profiles: Bonnie & AdministratorBonnie & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Acer Incorporated) C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Binary Fortress Software) C:\Program Files (x86)\TrayStatus\TrayStatus.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [KeyboardLeds.exe] => C:\Program Files (x86)\Keyboard LEDs\KeyboardLeds.exe [912896 2012-09-05] (KARPOLAN)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-09-15] (Glarysoft Ltd)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [TrayStatus] => C:\Program Files (x86)\TrayStatus\TrayStatus.exe [283032 2011-05-18] (Binary Fortress Software)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6480664 2014-09-25] (Piriform Ltd)
HKU\S-1-5-21-771612026-841732212-226713872-1000\...\MountPoints2: {0158e630-0acd-11e1-a35f-f80f411ea9c3} - I:\LaunchU3.exe -a
HKU\S-1-5-21-771612026-841732212-226713872-1005\...\RunOnce: [ScrSav] => C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [154144 2010-07-29] ()
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\buShell.dll (Symantec Corporation)
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x804D056B3ED5CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - {c1d89ae7-449d-4929-b24b-fded04adbe06} URL = http://isearch.glarysoft.com/?q={searchTerms}&src=iesearch
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {C050A3B4-59E7-42B1-9956-369806F31D20} - No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Bonnie\AppData\Roaming\Mozilla\Firefox\Profiles\nq483etu.default-1411263639149
FF DefaultSearchEngine: Bing
FF SelectedSearchEngine: Bing
FF Homepage: hxxp://xfinity.comcast.net/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-09-30]

Chrome:
=======
CHR Profile: C:\Users\Bonnie\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-30]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\Exts\Chrome.crx [2014-09-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [626208 2009-08-10] ()
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GREGService; C:\Program Files (x86)\eMachines\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [244624 2011-01-31] (Acer Incorporated)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\N360.exe [265040 2014-09-22] (Symantec Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S4 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [206880 2009-08-10] ()
S4 PGMTrusted; C:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-31] (iWin Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-05-14] (Glarysoft Ltd)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1506000.020\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-22] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-19] (Symantec Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-09-09] (Glarysoft Ltd)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140930.003\IDSvia64.sys [633560 2014-09-19] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141001.002\ENG64.SYS [129752 2014-09-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20141001.002\EX64.SYS [2137304 2014-09-22] (Symantec Corporation)
S3 PcdrNdisuio; No ImagePath
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1506000.020\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1506000.020\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1506000.020\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1506000.020\SYMEFA64.SYS [1148120 2014-08-25] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-09-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1506000.020\SYMNETS.SYS [593112 2014-08-25] (Symantec Corporation)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 21:41 - 2014-10-01 21:41 - 00015709 _____ () C:\Users\Bonnie\Desktop\FRST.txt
2014-09-30 22:52 - 2014-09-30 22:53 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-09-29 18:03 - 2014-09-29 17:32 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-29 17:40 - 2014-09-29 18:06 - 00008307 _____ () C:\zoek-results.log
2014-09-29 17:32 - 2014-09-29 17:57 - 00000000 ____D () C:\zoek_backup
2014-09-29 17:27 - 2014-09-29 17:27 - 01290752 _____ () C:\Users\Bonnie\Desktop\zoek.exe
2014-09-29 00:51 - 2014-09-30 22:46 - 00004090 _____ () C:\Windows\PFRO.log
2014-09-29 00:51 - 2014-09-30 22:46 - 00000224 _____ () C:\Windows\setupact.log
2014-09-29 00:51 - 2014-09-29 00:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-28 22:10 - 2014-10-01 21:41 - 00000000 ____D () C:\FRST
2014-09-28 22:06 - 2014-09-28 22:07 - 02108928 _____ (Farbar) C:\Users\Bonnie\Desktop\FRST64.exe
2014-09-28 01:10 - 2014-09-28 01:10 - 00000831 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-25 02:27 - 2014-09-25 02:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-24 20:19 - 2014-09-24 20:19 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Bonnie\Downloads\SpyHunter-Installer.exe
2014-09-24 15:33 - 2014-09-24 15:34 - 03060320 ____N (Symantec Corporation) C:\Users\Bonnie\Downloads\NPE.exe
2014-09-22 22:59 - 2014-10-01 13:55 - 00247300 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 21:40 - 2014-09-20 21:40 - 00000000 ____D () C:\Users\Bonnie\Desktop\Old Firefox Data
2014-09-20 21:27 - 2014-09-29 18:09 - 00000000 ____D () C:\Users\Bonnie\Desktop\MALWARE TIPS Logs removing pckeeper.app. zeobit virus
2014-09-20 21:15 - 2014-09-20 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrayStatus
2014-09-20 21:15 - 2014-09-20 21:15 - 00000000 ____D () C:\Program Files (x86)\TrayStatus
2014-09-20 21:13 - 2014-09-20 21:13 - 00647080 _____ (Binary Fortress Software ) C:\Users\Bonnie\Downloads\TrayStatusSetup-1.2.3.exe
2014-09-20 21:11 - 2014-09-20 21:11 - 00699016 _____ (CNET Download.com) C:\Users\Bonnie\Downloads\cbsidlm-cbsi213-TrayStatus-SEO-75167720(1).exe
2014-09-20 21:09 - 2014-09-20 21:09 - 00699016 _____ (CNET Download.com) C:\Users\Bonnie\Downloads\cbsidlm-cbsi213-TrayStatus-SEO-75167720.exe
2014-09-20 00:47 - 2014-09-20 00:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-19 23:22 - 2014-09-30 22:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Suite
2014-09-19 23:22 - 2014-09-19 23:22 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-09-19 23:22 - 2014-09-19 23:22 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-09-19 23:22 - 2014-09-19 23:22 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-09-19 23:19 - 2014-09-19 23:19 - 01021632 _____ (Symantec Corporation) C:\Users\Bonnie\Downloads\Norton_Download_Manager.exe
2014-09-19 23:09 - 2014-09-19 23:09 - 00869456 _____ () C:\Users\Bonnie\Downloads\Norton_Removal_Tool.exe
2014-09-19 21:18 - 2014-09-29 00:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-19 21:18 - 2014-09-19 21:18 - 00001164 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-19 21:18 - 2014-09-19 21:18 - 00001152 _____ () C:\Users\Public\Desktop\Mozilla Firefox 32.lnk
2014-09-18 22:34 - 2014-09-18 22:34 - 00002232 _____ () C:\Windows\system32\.crusader
2014-09-18 21:38 - 2014-09-18 21:38 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-16 22:54 - 2014-09-16 22:54 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\Foxit Software
2014-09-15 21:30 - 2014-09-16 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2014-09-15 21:27 - 2014-09-15 21:27 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\Foxit PhantomPDF
2014-09-15 20:03 - 2014-09-15 21:30 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-09-15 20:02 - 2014-09-16 22:54 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-09-09 19:36 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-09 19:36 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-09 19:36 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-09 17:46 - 2014-08-15 11:48 - 17868288 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-09 17:46 - 2014-08-15 11:36 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-09 17:46 - 2014-08-15 11:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-09 17:46 - 2014-08-15 11:31 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-09 17:46 - 2014-08-15 11:31 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-09 17:46 - 2014-08-15 11:30 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-09 17:46 - 2014-08-15 11:30 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-09 17:46 - 2014-08-15 11:30 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 02156032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-09 17:46 - 2014-08-15 11:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-09 17:46 - 2014-08-15 11:29 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-09-09 17:46 - 2014-08-15 11:28 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-09 17:46 - 2014-08-15 11:28 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-09 17:46 - 2014-08-15 11:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-09-09 17:46 - 2014-08-15 11:28 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-09-09 17:46 - 2014-08-15 10:51 - 12363264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-09 17:46 - 2014-08-15 10:42 - 09739776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-09 17:46 - 2014-08-15 10:42 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-09 17:46 - 2014-08-15 10:37 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-09 17:46 - 2014-08-15 10:37 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-09 17:46 - 2014-08-15 10:36 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-09 17:46 - 2014-08-15 10:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-09 17:46 - 2014-08-15 10:35 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-09 17:46 - 2014-08-15 10:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-09-09 17:46 - 2014-08-15 10:34 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-09 17:46 - 2014-08-15 10:34 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-09 17:46 - 2014-08-15 10:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-09 17:46 - 2014-08-15 10:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-09-09 17:46 - 2014-08-15 10:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-09-09 17:23 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-09 17:23 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 17:20 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-09 17:20 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-09 17:20 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-09 17:20 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-09 17:20 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-09 17:20 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-09 17:19 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-09 17:19 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-09 17:17 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 17:17 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-09 17:17 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-09 17:17 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-09 17:17 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 17:17 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 17:17 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 17:17 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-09 17:17 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-09 17:17 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-09 17:17 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-09 17:17 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-09 17:16 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-09 17:16 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 17:15 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-09 17:15 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-09 17:15 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-09 17:15 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-09 17:15 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-09 17:15 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-09 17:15 - 2014-06-24 22:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-09 17:15 - 2014-06-24 21:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-09 17:15 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-09 14:50 - 2014-10-01 21:38 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-09 14:50 - 2014-10-01 14:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-09 14:50 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-09 14:50 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-09 14:50 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-09 14:47 - 2014-09-09 14:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bonnie\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 10:50 - 2014-09-09 13:48 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-09-03 00:42 - 2014-09-24 16:05 - 00000000 ____D () C:\NPE
2014-09-02 23:40 - 2014-09-02 23:40 - 00000000 _____ () C:\autoexec.bat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-30 22:54 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-30 22:54 - 2009-07-14 00:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-30 22:47 - 2014-05-16 21:20 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-30 22:47 - 2014-05-16 21:19 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-09-30 22:47 - 2012-12-14 22:32 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-09-30 22:47 - 2012-12-14 22:31 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-09-30 22:47 - 2011-10-05 00:42 - 00000326 _____ () C:\Windows\Tasks\GlaryInitialize.job
2014-09-30 22:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-30 22:46 - 2014-03-25 17:51 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\DiskDefrag
2014-09-29 19:09 - 2012-06-11 19:09 - 00000496 _____ () C:\Windows\Tasks\Ad-Aware Update (Weekly).job
2014-09-29 17:57 - 2011-10-02 19:05 - 00000000 ____D () C:\Users\Bonnie
2014-09-29 00:51 - 2013-09-15 21:28 - 00578560 ___SH () C:\Users\Bonnie\Desktop\Thumbs.db
2014-09-28 20:08 - 2011-10-03 02:43 - 00000000 ____D () C:\Users\Bonnie\Documents\My Files
2014-09-28 01:10 - 2013-08-28 14:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-26 20:03 - 2011-10-03 01:39 - 00000000 ___RD () C:\Users\Bonnie\Desktop\Unused Shortcut Folder
2014-09-25 20:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-24 16:13 - 2013-02-25 23:12 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\NPE
2014-09-24 16:12 - 2013-05-14 20:21 - 00000000 ___RD () C:\Users\Bonnie\Desktop\COMPUTER CLEANERS
2014-09-21 18:10 - 2011-10-17 23:24 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\CrashDumps
2014-09-20 21:24 - 2013-08-20 20:03 - 00000000 ____D () C:\AdwCleaner
2014-09-20 19:22 - 2013-01-25 22:18 - 00000000 ____D () C:\Users\AdministratorBonnie
2014-09-20 12:26 - 2012-02-01 11:20 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\LogMeIn Rescue Applet
2014-09-19 23:22 - 2012-12-14 22:32 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-09-19 23:22 - 2012-12-14 22:09 - 00000000 ____D () C:\Users\Bonnie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-09-19 23:22 - 2011-03-31 05:24 - 00000000 ____D () C:\ProgramData\Norton
2014-09-19 16:39 - 2013-09-16 17:08 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-09-18 22:39 - 2013-05-11 14:04 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-18 20:15 - 2012-08-06 17:56 - 00007149 _____ () C:\Windows\InstText.ini
2014-09-17 22:43 - 2013-05-14 23:24 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-09-17 21:00 - 2013-11-26 15:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-16 22:41 - 2014-05-16 21:20 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-09-16 22:40 - 2014-05-16 21:20 - 00002986 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-09-16 22:40 - 2014-05-16 21:20 - 00002644 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-09-15 19:49 - 2014-05-27 20:13 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-15 19:49 - 2014-05-27 20:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 02:51 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-09 20:45 - 2014-05-16 21:20 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-09-09 19:42 - 2013-07-18 11:56 - 00307848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-09 19:24 - 2014-04-29 19:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-09 18:04 - 2011-10-03 05:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-09 17:49 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-09 17:43 - 2013-12-02 17:35 - 00797394 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-09 17:43 - 2009-07-14 01:13 - 00797394 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-09 17:40 - 2013-07-19 17:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-09 16:37 - 2014-08-05 20:09 - 00000042 _____ () C:\Users\Bonnie\Desktop\IdentityWord.txt
2014-09-09 13:49 - 2011-10-10 14:46 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-09 13:49 - 2011-03-31 05:24 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-09 13:49 - 2010-11-21 03:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-09 13:49 - 2010-11-21 03:16 - 00000000 ____D () C:\Windows\ShellNew
2014-09-09 13:48 - 2014-05-16 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-09-09 13:48 - 2014-04-06 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-09 13:48 - 2013-05-22 21:51 - 00000000 ____D () C:\Windows\ERUNT
2014-09-09 13:48 - 2011-10-18 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks
2014-09-09 13:48 - 2011-10-05 01:18 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-09 13:48 - 2011-10-05 00:42 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities
2014-09-09 13:48 - 2011-10-03 05:29 - 00000000 ____D () C:\Users\Bonnie\AppData\Local\Microsoft Help
2014-09-09 13:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-09-09 13:48 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-09 13:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2014-09-09 13:39 - 2012-09-27 17:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-09 13:38 - 2011-10-03 05:27 - 00000000 __RHD () C:\MSOCache

Some content of TEMP:
====================
C:\Users\Bonnie\AppData\Local\Temp\gusetup5.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-26 01:19

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by Bonnie at 2014-10-01 21:42:20
Running from C:\Users\Bonnie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security Suite (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Security Suite (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security Suite (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Agatha Christie - 4:50 from Paddington (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.2.0 - Auslogics Labs Pty Ltd)
Avery Wizard 5.0 (HKLM-x32\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Big Fish Games: Game Manager (HKLM-x32\...\BFGC) (Version: 3.0.1.60 - )
Brother MFL-Pro Suite MFC-J615W (HKLM-x32\...\{7FB6B1B7-075B-4B7F-BEB6-97584F73C7B5}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DeskPins (remove only) (HKLM-x32\...\DeskPins) (Version: - )
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
eMachines Games (HKLM-x32\...\WildTangent emachines Master Uninstall) (Version: 1.0.2.4 - WildTangent)
eMachines Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
eMachines Registration (HKLM-x32\...\eMachines Registration) (Version: 1.03.3003 - Acer Incorporated)
eMachines ScreenSaver (HKLM-x32\...\eMachines Screensaver) (Version: 1.1.0221.2011 - Acer Incorporated)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom 3 Collector's Edition (HKLM-x32\...\BFG-Fishdom 3 Collector's Edition) (Version: - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
Glary Utilities Pro 2.56.0.1822 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.56.0.1822 - Glarysoft Ltd)
Glary Utilities PRO 5.8 (HKLM-x32\...\Glary Utilities 5) (Version: 5.8.0.15 - Glarysoft Ltd)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3014 - Acer Incorporated)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3006 - Acer Incorporated)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Jewel Quest Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Mysteries 2 Trail of the Midnight Heart (remove only) (HKLM-x32\...\Jewel Quest Mysteries 2 Trail of the Midnight Heart) (Version: - )
Keyboard LEDs (HKLM-x32\...\Keyboard LEDs) (Version: 2.7 - KARPOLAN)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Express 7.0 (HKLM-x32\...\{369B36BE-3D64-4641-9AEA-808D436FE130}) (Version: 7.0.0.0000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10500.1.100 - Nero AG)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10800.6.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.1.237 - Barnesandnoble.com)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.6.0.32 - Symantec Corporation)
NVIDIA Control Panel 307.83 (Version: 307.83 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (HKLM-x32\...\InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7316 - NVIDIA Corporation)
NVIDIA ForceWare Network Access Manager (Version: 1.00.7316 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 307.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.83 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6684 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
OI App Manager (HKLM-x32\...\OI App Manager) (Version: - Optimum Installer)
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PDF to JPG Converter Free 7.2.1 (HKLM-x32\...\PDF to JPG Converter Free_is1) (Version: - PDFAura, Inc.)
PDF to Word Converter Free 7.2.1 (HKLM-x32\...\PDF to Word Converter Free_is1) (Version: - PDFAura, Inc.)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pogo Games (HKLM-x32\...\PogoDGC) (Version: 1.0 - ) <==== ATTENTION
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6045 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Revo Uninstaller Pro 3.0.8 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.8 - VS Revo Group, Ltd.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Smileycons 6.0.1 (HKLM-x32\...\Smileycons_is1) (Version: 6.0.1 - Cloudeight Internet, LLC.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SyncBack (HKLM-x32\...\SyncBack_is1) (Version: - 2BrightSparks)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.30.0 - 2BrightSparks)
Taskbar Shuffle version 2.5 (HKLM-x32\...\Taskbar Shuffle_is1) (Version: 2.5 - Jay Elaraj)
Torchlight (x32 Version: 2.2.0.95 - WildTangent) Hidden
TrayStatus 1.2.3 (HKLM-x32\...\d6b74f60-2e9d-4c60-a8b7-b7d737c44ad4_is1) (Version: 1.2.3.0 - Binary Fortress Software)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\eMachines Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Wise Program Uninstaller 1.11 (HKLM-x32\...\Wise Program Uninstaller_is1) (Version: - WiseCleaner.com, Inc.)
Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-771612026-841732212-226713872-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Bonnie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

09-09-2014 20:00:03 Windows Backup
09-09-2014 20:43:33 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
09-09-2014 21:18:30 Windows Update
09-09-2014 23:36:19 Windows Update
10-09-2014 09:00:30 Windows Backup
11-09-2014 09:01:29 Windows Backup
12-09-2014 09:01:18 Windows Backup
13-09-2014 09:00:38 Windows Backup
14-09-2014 09:00:30 Windows Backup
15-09-2014 09:00:26 Windows Backup
16-09-2014 09:00:43 Windows Backup
17-09-2014 02:26:18 Revo Uninstaller Pro's restore point - Foxit PhantomPDF Standard
17-09-2014 02:31:43 Revo Uninstaller Pro's restore point - Foxit Reader
17-09-2014 02:32:26 Revo Uninstaller Pro's restore point - Foxit Cloud
17-09-2014 02:33:16 Revo Uninstaller Pro's restore point - Foxit Reader
17-09-2014 09:00:21 Windows Backup
18-09-2014 02:38:57 Revo Uninstaller Pro's restore point - Catalina Savings Printer
18-09-2014 02:43:04 Revo Uninstaller Pro's restore point - Revo Uninstaller 1.95
18-09-2014 09:00:20 Windows Backup
19-09-2014 02:33:29 Checkpoint by HitmanPro
19-09-2014 02:34:28 Checkpoint by HitmanPro
20-09-2014 02:25:22 Norton Security Suite Registry
20-09-2014 09:00:44 Windows Backup
21-09-2014 00:43:25 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 00:47:05 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 00:48:38 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 00:50:32 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 01:03:06 Revo Uninstaller Pro's restore point - TrayStatus 1.2.3
21-09-2014 09:00:46 Windows Backup
22-09-2014 09:00:25 Windows Backup
23-09-2014 09:00:35 Windows Backup
24-09-2014 09:00:25 Windows Backup
24-09-2014 20:36:11 malwaretips.com Preparing for Malware Removal Assistance
25-09-2014 09:00:24 Windows Backup
26-09-2014 09:00:23 Windows Backup
27-09-2014 09:00:58 Windows Backup
28-09-2014 09:00:21 Windows Backup
29-09-2014 09:00:35 Windows Backup
29-09-2014 21:40:21 zoek.exe restore point
30-09-2014 09:00:35 Windows Backup
01-10-2014 09:00:29 Windows Backup

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2011-12-30 23:06 - 00440010 ____N C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {005C54FD-7033-41B8-990F-DF0284C1BB08} - System32\Tasks\{1181BCAC-D8CB-4880-9E21-5F04732D322F} => C:\Users\Bonnie\Documents\My Documents\MY DOWNLOADS\Diskkeeper\Home\Diskeeper2007_Home.exe
Task: {01CF0FB0-0CF8-487C-951E-ECB763F3EF07} - System32\Tasks\{78021533-3DD2-468F-9AB8-6429AAC2734D} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {0A203C94-FD6E-42B2-8627-2A3EE939663C} - System32\Tasks\{D1889722-80ED-4848-9463-841FE057C6BC} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {0F0DAD4F-8FDA-4D59-A4CB-03D4EA78C4A6} - System32\Tasks\{885113B5-2ED3-4714-8BB5-FD8E4A899449} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {14136F15-4ED6-46E0-994B-BC70AC37F20A} - System32\Tasks\{F5C18D0F-079E-412C-BB61-8D52F74FD568} => D:\setup.EXE
Task: {1BFF1054-75E3-4AD7-8E93-4882253B17DB} - System32\Tasks\{D1FBB1F5-49C9-44E9-A1BC-C50684CF6CD6} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {1D6BC3AC-190C-4F36-A391-D46A02282C80} - System32\Tasks\{DADB5956-372E-4C40-8C0E-158B4491F10F} => D:\setup.EXE
Task: {1EF7752C-578B-4328-9131-0FF30DCFA163} - System32\Tasks\{CD57DFD8-5280-44BF-86EA-17A99FE302D9} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {20E73B6F-FE38-4CF3-91BD-EFDEFA3BCC28} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {21A2387A-25E9-4E87-908B-D1192D249A77} - System32\Tasks\{5DA47900-3260-47DD-B22D-D2F5B94AF490} => D:\setup.EXE
Task: {229347CA-53D0-452B-9FF2-40D558E07EAE} - System32\Tasks\{10B5CA08-0E11-4F81-936F-3C046642181A} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {244B04DC-E2D7-41B8-8B99-8BE06E7A8F13} - System32\Tasks\{EE955390-3F60-45ED-8525-C9C00D75B803} => D:\setup.EXE
Task: {2823B864-5642-48EB-AE49-3B7BCB23F50B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {28551FDD-A3D0-4635-8ACB-30E9187AF6B0} - System32\Tasks\{DF40AE23-B20F-4072-8529-5E929F3FE671} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {2A66ADBF-8BCB-4C03-9D7A-A834A8164BE4} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2B812EFC-F5A8-4A98-A8BA-7653B63D6D2B} - System32\Tasks\Microsoft_Hardware_Launch_rundll32_exe => Rundll32.exe url.dll,OpenURL http://go.microsoft.com/fwlink/?LinkId=116866
Task: {2EBEC7CA-ECF8-4ABA-9CBE-1C7C9606A4F7} - System32\Tasks\{E1BE30F4-9440-4A02-A5CE-AEB21C5A8A1E} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {34908596-B4E3-43E9-B772-882F69004B2E} - System32\Tasks\{A978A120-4746-4791-B1C3-2D041F8873B9} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {396085F4-9AAB-4703-81F3-63D3BB55B69A} - System32\Tasks\{95C4CCFE-997B-4C07-BC1A-30777DF19956} => D:\setup.EXE
Task: {3D87E10B-3E08-4E97-B2C7-CC0935D29991} - System32\Tasks\{1424C2DE-C1A4-4F5E-AD11-349677A3A35A} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {3E4D01AE-A990-4615-A360-3E5E58EAA4D0} - System32\Tasks\{98553DEC-C798-43D4-8B0D-E4E5D8D6CB74} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {3EE16EF7-C825-4D41-98CF-B8CF64324477} - System32\Tasks\{5987C26C-AA54-48A2-A664-AE30AC8BF764} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {3FF24F59-084C-4D96-872A-8DE07DB4AF19} - System32\Tasks\{624E4B65-6B11-44A9-8729-2984CD9033C0} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {41275674-A092-4D96-932C-ECEDCAC44EF3} - System32\Tasks\{BE8A86CE-F509-45AC-B703-053B45F0BB91} => C:\Program Files (x86)\Diskeeper Corporation\Diskeeper Home Setup\setup.exe [2005-11-30] (Diskeeper Corporation )
Task: {4B2F5DB4-D1B2-4D75-9021-A10C9BFEFF20} - System32\Tasks\{B944948B-12D1-4120-BFDC-0C9AFF032AFA} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {4D63B953-4A4A-4A7A-B537-EA3B3214D098} - System32\Tasks\{F2C41C5E-57AB-4668-A6F4-6BB6F00AEC91} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {4ECFBF3A-43E8-4400-BB0E-D0128D53E0C4} - System32\Tasks\{D15F2DE9-C80D-4EEB-8EA0-25FCC5C168C7} => D:\setup.EXE
Task: {5107C225-7621-4197-9EF0-5969F47F345E} - System32\Tasks\{F083FD2E-2778-4D74-B7FB-D96CB9B232A4} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {52BCE7A9-EFC5-4416-83C6-074826F27F11} - System32\Tasks\{02102791-0E88-47C0-9376-1DFAC811AAF0} => C:\Program Files (x86)\Red NoteBook\RedNoteBook.exe
Task: {56CBE756-EC54-4FE5-9F6C-58316390F5C6} - System32\Tasks\{EFCF6EBF-B68A-4F9F-9DCB-220F75223D32} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {5CB043BD-BC5D-4EA5-A102-648FFCA13796} - System32\Tasks\{127E40D2-3A41-4ABE-99CC-465B9B41F62C} => C:\Users\Bonnie\Documents\My Documents\MY DOWNLOADS\Diskkeeper\Home\Diskeeper2007_Home.exe
Task: {5DB949BA-34AA-441D-AD81-18F91B99D76D} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
Task: {5E84F1E3-A14E-4B48-91AB-C90B32266631} - System32\Tasks\{C14989A3-2700-4E30-9023-D7682E02E113} => Firefox.exe
Task: {6A83CA1A-D5C5-4411-93A3-0C483CC7C73B} - System32\Tasks\{D422B7DD-16B5-44EE-B771-1CE23499ADD3} => D:\setup.EXE
Task: {6BA56A18-BD9B-454F-8E09-BA2A43A22130} - System32\Tasks\4784 => Wscript.exe C:\Users\Bonnie\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {6E2756BA-2CF6-48A0-AFC1-FBD549825232} - System32\Tasks\{25F30E5F-4ACF-4D01-8932-D685C6A9EE4C} => D:\setup.EXE
Task: {6E9C0CC2-CACE-44CA-8113-EB13B58EE2BB} - System32\Tasks\{A051D7F4-1A47-4039-A675-6295654E8310} => D:\setup.EXE
Task: {71966F80-F87D-4471-B186-91A9B41CF035} - System32\Tasks\SpyHunter4 => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: {73F6BD11-8D5E-426D-A635-6B9E4B1FA613} - System32\Tasks\{7E2ECE1B-3B86-45BD-B17E-69D1F1A9A02D} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {7CD9BBD6-BF86-46EA-9EFC-BD546D999713} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-09-15] (Glarysoft Ltd)
Task: {7DD87CCF-F3E2-4026-8CCA-A2CD86DDC64D} - System32\Tasks\{2DE4ED84-1AC0-4257-AB07-D96419F5901B} => D:\setup.EXE
Task: {82E77FA2-ABE1-41C4-869D-0B7D9C4322B0} - System32\Tasks\{D6B2A86E-946D-4302-9E81-FE6F7FB91912} => D:\setup.EXE
Task: {8843BA86-370D-49F5-95B8-A8BA034F6EEB} - System32\Tasks\{1939B359-923B-4268-8C16-8A82560BA817} => C:\Program Files (x86)\Microsoft Picture It! 7\Pip.exe [2002-07-16] (Microsoft Corporation)
Task: {A06C0437-D61B-4604-9E57-89CA888FC67B} - System32\Tasks\{D5D883E4-A6C3-40D3-B7F3-1630B2CB4109} => C:\Program Files (x86)\Stedmans Medical Eponyms\Medical Eponyms\smep32.exe
Task: {A1F3D497-F863-449B-950F-D6204306BA0D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {A65792EC-192A-4C73-8DEA-1A6931657EBF} - System32\Tasks\{FEEC14F1-CF79-4BF2-89D8-1EF62F7A9806} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {A7698BF0-8F41-4044-B010-5CEA352E0B2C} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AB2D2730-AC2B-450C-BE4C-491C5598401E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-09-15] (Glarysoft Ltd)
Task: {AE281D89-B0C6-48BB-9229-30DBD95E4131} - System32\Tasks\{9D35A7B8-4DE2-4DEE-AED3-42C6AE1384B6} => Iexplore.exe http://ui.skype.com/ui/0/5.0.0.152....notincluded,google-chrome:notoffered;disabled
Task: {AF1308D6-7891-4B5E-B511-C9DD41CDF365} - System32\Tasks\{188224B7-A15A-4A69-ACD5-E1F615874B12} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {AF475D40-3DB6-4578-80A1-0511C29F15A4} - System32\Tasks\{2E59B992-B257-4211-834F-D44CE9350E29} => C:\Users\Bonnie\Documents\CareerStep110909\Appications Downloaded\Stedman's Dictionaries from Facebook Forum\Spellchecker_2005\Spellchecker 2005\Setup.EXE
Task: {AF61526E-DBDB-482A-AB7E-715ECE89ED03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {AFE9B32B-A030-4DDF-B100-525726F59E92} - System32\Tasks\{5E2EAD77-CC79-4972-A7A0-F195E0630C75} => C:\Program Files (x86)\IT7Pro\Exe_v7\IT7Pro.exe
Task: {BABFBD1E-AB51-4480-97BC-8547C12D5B13} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {BAF587D9-98E9-4ADE-A81C-3DC63A28C4D0} - System32\Tasks\{0FF32535-1A25-4C18-B742-456267A37CD8} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {BD3F31B5-9366-4BB8-9ECA-307A7346BBDE} - System32\Tasks\GlaryInitialize => C:\Program Files (x86)\Glary Utilities\initialize.exe [2013-05-27] (Glarysoft Ltd)
Task: {BED4553F-124E-4F62-BEB8-B9E9B7C61FC5} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {C2BD4DAC-A056-44BB-9183-71BEC7019EF4} - System32\Tasks\{DC048564-AC99-4F8C-952D-C8BF02F050A7} => Firefox.exe
Task: {C6A751A7-91C8-4C3D-B304-76FD4EF0D36F} - System32\Tasks\{D8515773-F0F0-4B6F-B587-AD814F7B3303} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: {CAF2F3BD-6266-404D-900D-AA8B3C4227BB} - System32\Tasks\{9CD62E55-23DE-4093-B247-27580ECBD21A} => D:\setup.EXE
Task: {CB5775FD-1C52-4DD5-B20A-442105E90C1F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {CD2A73BC-627D-4A9C-A9A5-EF37D6D65002} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {D854CB33-85C0-44E2-AD58-7C13668ACE57} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {DC9A60F4-4FA6-4A0A-922A-322676E82E2F} - System32\Tasks\{5AF99C23-3439-4E48-A006-660CDF6F9EBC} => C:\Users\Bonnie\Documents\My Files\MY DOWNLOADS\Avery Wizard\Avery Wizard 4.0.1.exe
Task: {E2E1BA22-2C9E-4DDA-B5BE-A9669EEFE908} - System32\Tasks\{5F7491F5-055E-43B4-8AB1-6C0C13794ABE} => D:\setup.EXE
Task: {E4D634D9-DA93-4872-8EFE-5D648AB5C2B0} - System32\Tasks\Event Viewer Tasks\ac8580ce-7f54-4c3e-bdef-da7a8866a46e => Wscript.exe "C:\Users\Bonnie\AppData\Local\Temp\tmpF9B4.vbs"
Task: {E6576A38-A607-4BB6-8C02-75B1660083DB} - System32\Tasks\{1E489659-64BE-4A74-A027-58C627CBDD88} => D:\setup.EXE
Task: {ECCDED60-D276-4EE4-821C-934246C4F589} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F36EBADE-B9EC-4303-B912-113F05716D88} - System32\Tasks\{EDD0AA97-682C-4CA0-9160-CBA95F6C8FBD} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {F548A22D-026E-4BA3-8CB6-2C78B765F4DB} - System32\Tasks\{82F30A69-741F-4105-A1DB-29F0CD72139C} => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [2012-11-23] (FileHippo.com)
Task: {F6767A57-59F9-47E0-AD86-C293DB2A23F9} - System32\Tasks\{6A246B2B-38B6-43A0-B3FE-ECDAE7FF92EE} => D:\setup.EXE
Task: {FAC18CA1-FB27-472A-9852-B75E2A3993FD} - System32\Tasks\{3FD6A413-7148-48F0-B752-516587088E89} => C:\Program Files (x86)\Unlocker\Unlocker.exe [2013-01-09] ()
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GlaryInitialize.job => C:\Program Files (x86)\Glary Utilities\initialize.exe
Task: C:\Windows\Tasks\SpyHunter4.job => C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
Task: C:\Windows\Tasks\SyncBack Unused Shortcut Folder.job => C:\Program Files (x86)\2BrightSparks\SyncBackBonnieTask created by SyncBack.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2014-09-15 03:45 - 2014-09-15 03:45 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-09-25 02:27 - 2014-09-25 02:27 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-01-26 20:48 - 2011-01-26 20:48 - 00237160 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-09-15 19:49 - 2014-09-15 19:49 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:0B44CA7A
AlternateDataStreams: C:\ProgramData\TEMP:4EFDF5FB
AlternateDataStreams: C:\ProgramData\TEMP:6AD65294

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ForceWare Intelligent Application Manager (IAM) => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: NOBU => 2
MSCONFIG\Services: nSvcIp => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PGMTrusted => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^Users^Bonnie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^7 Sticky Notes.lnk => C:\Windows\pss\7 Sticky Notes.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

========================= Accounts: ==========================

Administrator (S-1-5-21-771612026-841732212-226713872-500 - Administrator - Disabled)
AdministratorBonnie (S-1-5-21-771612026-841732212-226713872-1004 - Limited - Enabled) => C:\Users\AdministratorBonnie
Bonnie (S-1-5-21-771612026-841732212-226713872-1000 - Administrator - Enabled) => C:\Users\Bonnie
Guest (S-1-5-21-771612026-841732212-226713872-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-771612026-841732212-226713872-1002 - Limited - Enabled)
UpdatusUser (S-1-5-21-771612026-841732212-226713872-1005 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: F:\
Description: MFC-J615W
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Brother
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: E:\
Description: Multi-Card
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Generic-
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/30/2014 10:47:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2014 06:57:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2014 06:06:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/29/2014 00:52:05 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/29/2014 00:52:05 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/29/2014 00:52:05 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/29/2014 00:52:05 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (09/29/2014 00:52:02 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/29/2014 00:52:02 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (09/29/2014 00:52:01 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (09/29/2014 05:57:43 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/29/2014 05:57:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/29/2014 05:57:42 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/29/2014 05:57:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/29/2014 05:57:40 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/29/2014 00:52:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/29/2014 00:52:05 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.

Error: (09/24/2014 09:54:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (09/24/2014 04:03:00 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.

Error: (09/24/2014 03:41:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-09-03 11:55:02.397
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 11:55:02.335
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 11:55:02.257
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 11:55:02.148
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:26.171
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:26.093
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:26.000
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-09-03 09:43:25.922
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-31 16:19:52.297
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-10-31 16:19:52.188
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II X2 220 Processor
Percentage of memory in use: 60%
Total physical RAM: 2815.37 MB
Available physical RAM: 1121.95 MB
Total Pagefile: 5628.91 MB
Available Pagefile: 3061.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:913.84 GB) (Free:775.45 GB) NTFS
Drive g: (FreeAgent GoFlex Drive) (Fixed) (Total:465.76 GB) (Free:308.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 35D5C1F3)
Partition 1: (Not Active) - (Size=17.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=913.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 0C87459A)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Thanks so much for your help.
Bonnie
 

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt, have to be in the same location or the fix will not work!

  • Right-click on the FRST icon and select Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.
 

Attachments

  • fixlist.txt
    2 KB

Bonnielj

Here is the Fixlog.txt requested...still cannot get Upload to work. Sorry

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2014
Ran by Bonnie at 2014-10-02 17:31:13 Run:1
Running from C:\Users\Bonnie\Desktop\MALWARE REMOVAL HELP INFO
Loaded Profiles: Bonnie & UpdatusUser (Available profiles: Bonnie & AdministratorBonnie & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
closeprocesses:
emptytemp:
CustomCLSID: HKU\S-1-5-21-4013760444-2355698630-2118501632-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks?
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\...\MountPoints2: {24b6c411-23b4-11e4-968d-b0104177f3da} - J:\EasySuite.exe
HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\...\MountPoints2: {24b6c417-23b4-11e4-968d-b0104177f3da} - J:\EasySuite.exe
HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {961488ED-D606-4BB9-81E3-7B8238537010} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {961488ED-D606-4BB9-81E3-7B8238537010} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope {961488ED-D606-4BB9-81E3-7B8238537010} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {961488ED-D606-4BB9-81E3-7B8238537010} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=DCJB
SearchScopes: HKCU - {961488ED-D606-4BB9-81E3-7B8238537010} URL =

*****************

Processes closed successfully.
"HKU\S-1-5-21-4013760444-2355698630-2118501632-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => Value not found.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => Value not found.
"HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24b6c411-23b4-11e4-968d-b0104177f3da}" => Key not found.
"HKCR\CLSID\{24b6c411-23b4-11e4-968d-b0104177f3da}" => Key not found.
"HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{24b6c417-23b4-11e4-968d-b0104177f3da}" => Key not found.
"HKCR\CLSID\{24b6c417-23b4-11e4-968d-b0104177f3da}" => Key not found.
"HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32" => Key not found.
"HKU\S-1-5-21-4013760444-2355698630-2118501632-1001\Software\Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{961488ED-D606-4BB9-81E3-7B8238537010}" => Key not found.
"HKCR\CLSID\{961488ED-D606-4BB9-81E3-7B8238537010}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{961488ED-D606-4BB9-81E3-7B8238537010}" => Key not found.
"HKCR\Wow6432Node\CLSID\{961488ED-D606-4BB9-81E3-7B8238537010}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{961488ED-D606-4BB9-81E3-7B8238537010}" => Key not found.
"HKCR\CLSID\{961488ED-D606-4BB9-81E3-7B8238537010}" => Key not found.
EmptyTemp: => Removed 91.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
Am still getting the pckeeper pop-ups and they are still only popping up when I am on Facebook's game Candy Planet....and they pop up 2 at a time.
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
I receive dialog boxes that pop up at the bottom right of my monitor indicating programs that are using High CPU USAGE...Firefox, Adobe Reader....what does this mean and how can it be fixed?

Thanks
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
??? Sorry do not quite understand....exactly what do you want me to send you/where would they be located? Snapshot when the dialog box pops up for a certain program??? Task Manager????
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
K...as soon as one pops up I will copy for you....problem... I have not been able to get the Upload Button to work....how am I supposed to send the image...will I be able to just Copy image instead of Save As and then Paste into my reply without having a copy on my document...any suggestions welcome...Thanks
 

Bonnielj

New Member
Thread author
Sep 18, 2014
14
Attached is a screenshot (PNG) of the dialog box with High CPU image of Adobe Flash at bottom right.
High CPU Adobe Flash_10 05 2014.png

This PNG is my Performance Alerts from Norton Security Suite....
Performance Alert Details Norton_10 05 2014.png

Hope these help....
 