Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Adchoice Malware


  • This topic is locked This topic is locked
39 replies to this topic

#1 Terwyl

Terwyl

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 20 August 2014 - 07:06 AM

Bleeping Computer has instructed me to run 3 different Malware removal programs, which in truth have removed so much rubbish from my laptop. Unfortunately they have not removed the files that have infected my system with Adchoice. 

 

They have suggested that I now look for someone who has come across this and can give me detailed, specific removal instructions.

 

I have attached the files plus a DDS file with this message

 

 

Thanks

 

Terry

Attached Files



BC AdBot (Login to Remove)

 


m

#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 20 August 2014 - 06:22 PM

Hello 

Terwyl

,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  •   I will be analyzing your log. I will get back to you with instructions.

 

1.

Download 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.

  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"

[/*]

 

2.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 21 August 2014 - 08:05 AM

Hi as expected nothing from Malwarebytes, but I attach the other two reports as requested.

 

Thanks

 

Terry

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Terry (administrator) on TERRY-LAPTOP on 21-08-2014 09:15:10
Running from C:\Users\Terry\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\stacsv64.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Trusteer Ltd.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(MyNetUniverse, Inc) C:\Program Files (x86)\MyShoppingGenie\mnumsg.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-17] (IDT, Inc.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760 2010-03-14] (Nero AG)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1485208 2010-07-28] (Affinegy, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2009-12-23] (Intel Corporation)
HKLM-x32\...\Run: [Desktop Disc Tool] => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807600 2009-11-13] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-07-20] (Siber Systems)
HKU\S-1-5-21-3116106764-2768196040-1957312253-1000\...\Run: [mnumsg.exe] => C:\Program Files (x86)\MyShoppingGenie\mnumsg.exe [568672 2010-05-19] (MyNetUniverse, Inc)
HKU\S-1-5-21-3116106764-2768196040-1957312253-1000\...\Run: [GoogleChromeAutoLaunch_63DB4A3952B7883511B658FD8F9F68EC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
HKU\S-1-5-21-3116106764-2768196040-1957312253-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093464 2013-09-12] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3116106764-2768196040-1957312253-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-07-20] (Siber Systems)
Startup: C:\Users\Administrator.Terry-Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Terry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 0MegaCloudNormal -> {03FB4211-3964-44E8-97D7-A2FA49CF5576} => C:\Users\Terry\AppData\Roaming\MegaCloud\MegaCloudShellExtx64.dll ()
ShellIconOverlayIdentifiers: 1MegaCloudModified -> {03FB4212-3964-44E8-97D7-A2FA49CF5576} => C:\Users\Terry\AppData\Roaming\MegaCloud\MegaCloudShellExtx64.dll ()
ShellIconOverlayIdentifiers: 2MeagCloudError -> {03FB4213-3964-44E8-97D7-A2FA49CF5576} => C:\Users\Terry\AppData\Roaming\MegaCloud\MegaCloudShellExtx64.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://about:newtab
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2CBE73EDCBB2CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
SearchScopes: HKLM-x32 - {26346666-5E15-438A-97B7-1776DDC4ABA7} URL =
SearchScopes: HKLM-x32 - {37A5D468-DC5B-4EA7-9F08-C654CE126FF5 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=solimmsd&cd=2XzuyEtN2Y1L1Qzu0CyEyEyCtCzytA0F0BtByEyBzzyC0DyEtN0D0Tzu0CyCyDyCtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1B1F1I1L1H1H1B1Q&cr=1094888022&ir=
BHO: saFeweb -> {2EAFE8FB-9086-0D23-251C-D748FE819466} ->  No File
BHO: nurago web meter -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} ->  No File
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: YoutubeAdblocker -> {F694D443-E68A-6907-4005-3ACFFEFF3CF6} ->  No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
BHO-x32: saFeweb -> {2EAFE8FB-9086-0D23-251C-D748FE819466} ->  No File
BHO-x32: nurago web meter -> {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} ->  No File
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: TBSB02638 Class -> {A138AC5E-0BA9-4D66-A464-29A102D7D262} -> C:\Program Files (x86)\Roulettereaper Utility\tbcore3.dll ()
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: YoutubeAdblocker -> {F694D443-E68A-6907-4005-3ACFFEFF3CF6} ->  No File
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM - nurago web meter - {5F6E2508-41C4-4D4B-8AC3-D7ED6E4EB2AE} -  No File
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - Roulettereaper Utility - {52FFC6E1-DDF9-8B8F-BDB0-23F8890F0796} - C:\Program Files (x86)\Roulettereaper Utility\tbcore3.dll ()
Toolbar: HKLM-x32 - nurago web meter - {5F6E2508-41C4-4D4B-8AC3-D7ED6E4EB2AE} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKCU - No Name - {52FFC6E1-DDF9-8B8F-BDB0-23F8890F0796} -  No File
DPF: HKLM-x32 {32E7B36C-7960-4A42-B83B-D8AFD0AAEF2B} http://us1.iradiopop.com/indap/ind/INDBrowser.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {99E63F21-514B-4C2B-9170-D25D54F65D5B} https://s3.amazonaws.com/muzee.ixd/VBIXDPlayer.CAB
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\2ptxnp8z.default-1387217905632
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: Ask New Tabs - C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\2ptxnp8z.default-1387217905632\Extensions\{1AE2033C-C518-0D7C-E250-6ABAA6D9F67D} [2014-03-27]
FF Extension: iMacros for Firefox - C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\2ptxnp8z.default-1387217905632\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-07-22]
FF Extension: Keynote Connector Extension - C:\Program Files (x86)\Mozilla Firefox\extensions\firefoxextensions@keynote.com [2010-12-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-05-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-05]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-08]
FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\nurago web meter
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2010-10-28]
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome:
=======
CHR HomePage: hxxp://www.google.co.uk/
CHR StartupUrls: "about:newtab?source=home"
CHR NewTab: "chrome-extension://jmimlojbameclmnomokbofbcnciehojb/newtab.html"
CHR DefaultSearchKeyword: google.co.uk
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Microsoft Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
CHR Plugin: (McAfee Security Scanner +) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll No File
CHR Plugin: (McAfee Virtual Technician) - C:\Program Files (x86)\McAfee\Supportability\MVT\npmvtplugin.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (TVU Web Player for FireFox) - C:\windows\system32\TVUAx\npTVUAx.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Extension: (YoutubeAdblocker) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpiacnckfgjpnnpgbcnknciigilaokch [2014-04-04]
CHR Extension: (safewebu) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcllfdgdaelhejmpdjngcfephaghbofl [2014-04-04]
CHR Extension: (PDFescape Free PDF Editor) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdefoklganepljiopdnglodohlgfikkl [2014-04-04]
CHR Extension: (SNT) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmimlojbameclmnomokbofbcnciehojb [2014-04-04]
CHR Extension: (Skype Click to Call) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-18]
CHR Extension: (Google Wallet) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (RoboForm) - C:\Users\Terry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [ambofkimhcgoflncipfcagpdnhfbnjan] - C:\ProgramData\Bcool\ambofkimhcgoflncipfcagpdnhfbnjan.crx [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [igkejcihojcegdmifcnlkhmnelneogef] - C:\Program Files (x86)\nurago web meter\Chrome Extension\extension.crx [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [oihiaojfckjaconbjjpanjechlighodn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx [2013-10-09]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-07-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\AESTSr64.exe [89600 2010-03-17] (Andrea Electronics Corporation)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] () [File not signed]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [File not signed]
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [248664 2013-09-12] (Garmin Ltd or its subsidiaries)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1886488 2014-07-10] (Trusteer Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_58afa5ca50c7b5e7\STacSV64.exe [244736 2010-03-17] (IDT, Inc.)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S3 McComponentHostService; "C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe" [X]
S2 nurago-Reporting-Service; C:\Program Files (x86)\nurago web meter\nurago-Reporting.exe [X]
S2 nurago-Update-Service; C:\Program Files (x86)\nurago web meter\nurago-Updater.exe [X]
S2 SftService; "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-21] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R1 RapportCerberus_69875; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_69875.sys [631128 2014-07-21] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [299736 2014-07-10] (Trusteer Ltd.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [358616 2014-07-10] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [414296 2014-07-10] (Trusteer Ltd.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 ffrtdzxp; \??\C:\windows\system32\drivers\ffrtdzxp.sys [X]
S3 PCAMp50a64; System32\Drivers\PCAMp50a64.sys [X]
S3 PCASp50a64; System32\Drivers\PCASp50a64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 09:15 - 2014-08-21 09:16 - 00029736 _____ () C:\Users\Terry\Downloads\FRST.txt
2014-08-21 09:14 - 2014-08-21 09:15 - 00000000 ____D () C:\FRST
2014-08-21 09:13 - 2014-08-21 09:14 - 02101760 _____ (Farbar) C:\Users\Terry\Downloads\FRST64.exe
2014-08-21 08:27 - 2014-08-21 09:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-21 08:26 - 2014-08-21 09:09 - 00000000 ____D () C:\Users\Terry\Desktop\mbar
2014-08-21 08:24 - 2014-08-21 08:25 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Terry\Downloads\mbar-1.07.0.1012.exe
2014-08-20 12:52 - 2014-08-20 12:52 - 00011314 _____ () C:\Users\Terry\Desktop\attach.txt
2014-08-20 12:52 - 2014-08-20 12:51 - 00032436 _____ () C:\Users\Terry\Desktop\dds.txt
2014-08-19 21:36 - 2014-08-21 08:01 - 00000224 _____ () C:\windows\setupact.log
2014-08-19 21:36 - 2014-08-19 21:36 - 00000000 _____ () C:\windows\setuperr.log
2014-08-19 21:22 - 2014-08-19 21:22 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-19 21:22 - 2014-08-19 21:22 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-19 21:22 - 2014-08-19 21:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-19 21:12 - 2014-08-19 21:12 - 00015310 _____ () C:\Users\Terry\Desktop\ESET Scan 19-08-2014.txt
2014-08-19 18:10 - 2014-08-19 18:10 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-19 18:05 - 2014-08-19 18:05 - 00011375 _____ () C:\Users\Terry\Desktop\JRT.txt
2014-08-19 17:45 - 2014-08-19 17:45 - 00000000 ____D () C:\windows\ERUNT
2014-08-19 17:44 - 2014-08-19 17:44 - 01016261 _____ (Thisisu) C:\Users\Terry\Desktop\JRT.exe
2014-08-19 17:21 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-19 17:15 - 2014-08-19 17:15 - 01361671 _____ () C:\Users\Terry\Desktop\AdwCleaner.exe
2014-08-19 17:14 - 2014-08-19 17:26 - 00000000 ____D () C:\AdwCleaner
2014-08-19 17:13 - 2014-08-19 17:14 - 01361671 _____ () C:\Users\Terry\Downloads\AdwCleaner.exe
2014-08-17 17:01 - 2014-08-20 12:53 - 00000000 ____D () C:\Users\Terry\Documents\Computer
2014-08-14 22:25 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-14 22:25 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-14 22:25 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-14 22:25 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-14 22:25 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-14 22:25 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-14 22:22 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-14 22:22 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-14 07:12 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-14 07:12 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-14 07:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-08-14 07:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-08-14 07:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-08-14 07:11 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-08-14 07:11 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-08-14 07:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-08-14 07:11 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-08-14 07:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-08-14 07:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-08-14 07:11 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-08-14 07:11 - 2014-07-08 23:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-08-14 07:11 - 2014-07-08 23:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-08-14 07:10 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-14 07:10 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-14 07:10 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-14 07:10 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-08-14 07:10 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-14 07:10 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-14 07:10 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-14 07:10 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-08-14 07:10 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-14 07:10 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-14 07:10 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-14 07:10 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-14 07:10 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-14 07:10 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-14 07:10 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-08-14 07:10 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-08-14 07:10 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-14 07:10 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-08-14 07:10 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-14 07:10 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-08-14 07:10 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-08-14 07:10 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-14 07:10 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 07:10 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-14 07:10 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-14 07:10 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-14 07:10 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-14 07:10 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-14 07:10 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-14 07:10 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-08-14 07:10 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-08-14 07:10 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-14 07:10 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-14 07:10 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-14 07:10 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 07:10 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-14 07:10 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-14 07:10 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-08-14 07:10 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-14 07:10 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-14 07:10 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-14 07:10 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-14 07:10 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-14 07:10 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-14 07:10 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-08-14 07:10 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-14 07:10 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-14 07:10 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-14 07:10 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-08-14 07:10 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-08-14 07:10 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-14 07:10 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-14 07:09 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-14 07:09 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-08-14 07:09 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-08-14 07:09 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-14 07:09 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-14 07:09 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-14 06:52 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-14 06:52 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-14 06:52 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-14 06:52 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-14 06:52 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-14 06:52 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-14 06:52 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-14 06:51 - 2014-07-16 04:25 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-14 06:51 - 2014-07-16 03:46 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-14 06:51 - 2014-07-16 03:12 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-14 06:51 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-14 06:51 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-14 06:51 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-14 06:49 - 2014-08-07 03:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-14 06:49 - 2014-08-07 03:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-09 07:55 - 2014-08-09 07:55 - 00000000 ____D () C:\Users\Terry\AppData\Roaming\Oracle
2014-08-09 07:38 - 2014-08-09 07:37 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-09 07:37 - 2014-08-09 07:37 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-09 07:37 - 2014-08-09 07:37 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-09 07:37 - 2014-08-09 07:37 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 22:26 - 2014-08-20 18:00 - 00000464 _____ () C:\windows\Tasks\SparkTrust Registration3.job
2014-08-08 22:26 - 2014-08-09 07:15 - 00000645 _____ () C:\windows\Tasks\SparkTrust PC Cleaner Plus_sch_A5DA8D73-1F42-11E4-BBE3-F9FFEA524AEE.job
2014-08-08 22:26 - 2014-08-09 07:15 - 00000422 _____ () C:\windows\Tasks\SparkTrust Update Version3_triggeronce.job
2014-08-08 22:26 - 2014-08-09 07:15 - 00000422 _____ () C:\windows\Tasks\SparkTrust Update Version3.job
2014-08-08 22:26 - 2014-08-08 22:26 - 00004086 _____ () C:\windows\System32\Tasks\SparkTrust PC Cleaner Plus_sch_A5DA8D73-1F42-11E4-BBE3-F9FFEA524AEE
2014-08-08 22:26 - 2014-08-08 22:26 - 00003238 _____ () C:\windows\System32\Tasks\SparkTrust Update Version3
2014-08-08 22:26 - 2014-08-08 22:26 - 00003128 _____ () C:\windows\System32\Tasks\SparkTrust Registration3
2014-08-08 22:26 - 2014-08-08 22:26 - 00002900 _____ () C:\windows\System32\Tasks\SparkTrust Update Version3_triggeronce
2014-08-08 22:26 - 2014-08-08 22:26 - 00001319 _____ () C:\Users\Terry\Desktop\SparkTrust PC Cleaner Plus.lnk
2014-08-08 17:55 - 2014-08-08 17:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-08 17:52 - 2014-08-14 07:30 - 00000000 ____D () C:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-01 06:12 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-01 06:12 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-01 06:12 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-01 06:12 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-01 06:11 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-01 06:11 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-01 06:11 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-01 06:11 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-01 06:11 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-01 06:11 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-01 06:11 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-01 06:11 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-01 06:11 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-01 06:11 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-07-23 21:14 - 2014-07-23 21:14 - 00000017 _____ () C:\windows\SysWOW64\shortcut_ex.dat

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 09:16 - 2014-08-21 09:15 - 00029736 _____ () C:\Users\Terry\Downloads\FRST.txt
2014-08-21 09:15 - 2014-08-21 09:14 - 00000000 ____D () C:\FRST
2014-08-21 09:14 - 2014-08-21 09:13 - 02101760 _____ (Farbar) C:\Users\Terry\Downloads\FRST64.exe
2014-08-21 09:10 - 2013-02-06 18:08 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 09:09 - 2014-08-21 08:27 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-08-21 09:09 - 2014-08-21 08:26 - 00000000 ____D () C:\Users\Terry\Desktop\mbar
2014-08-21 09:09 - 2014-04-24 21:24 - 00000000 ____D () C:\Users\Terry\Documents\WGT
2014-08-21 09:02 - 2013-12-17 14:19 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 08:26 - 2014-05-16 19:09 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-08-21 08:25 - 2014-08-21 08:24 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Terry\Downloads\mbar-1.07.0.1012.exe
2014-08-21 08:10 - 2010-11-28 15:35 - 00003942 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{61D67FD8-62D9-4ED9-AEA4-2D0BCE2CF7D9}
2014-08-21 08:10 - 2010-07-16 09:27 - 01973810 _____ () C:\windows\WindowsUpdate.log
2014-08-21 08:09 - 2009-07-14 05:45 - 00022704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 08:09 - 2009-07-14 05:45 - 00022704 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 08:05 - 2014-05-16 19:10 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 08:05 - 2013-10-27 13:21 - 00000494 _____ () C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-08-21 08:05 - 2013-02-06 18:08 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 08:05 - 2010-10-28 18:01 - 00117544 _____ () C:\Users\Terry\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-21 08:02 - 2011-10-18 17:23 - 00000506 _____ () C:\windows\Tasks\SystemToolsDailyTest.job
2014-08-21 08:02 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-21 08:01 - 2014-08-19 21:36 - 00000224 _____ () C:\windows\setupact.log
2014-08-21 08:01 - 2009-07-14 05:45 - 00469680 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-20 18:53 - 2010-10-29 13:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-20 18:00 - 2014-08-08 22:26 - 00000464 _____ () C:\windows\Tasks\SparkTrust Registration3.job
2014-08-20 15:01 - 2013-12-18 12:07 - 00000296 _____ () C:\windows\Tasks\Registry Optimizer_DEFAULT.job
2014-08-20 12:53 - 2014-08-17 17:01 - 00000000 ____D () C:\Users\Terry\Documents\Computer
2014-08-20 12:52 - 2014-08-20 12:52 - 00011314 _____ () C:\Users\Terry\Desktop\attach.txt
2014-08-20 12:51 - 2014-08-20 12:52 - 00032436 _____ () C:\Users\Terry\Desktop\dds.txt
2014-08-20 12:32 - 2011-10-18 17:23 - 00003540 _____ () C:\windows\System32\Tasks\SystemToolsDailyTest
2014-08-20 11:07 - 2013-12-18 12:07 - 00000304 _____ () C:\windows\Tasks\Registry Optimizer_UPDATES.job
2014-08-19 21:36 - 2014-08-19 21:36 - 00000000 _____ () C:\windows\setuperr.log
2014-08-19 21:28 - 2013-02-07 09:45 - 00000202 _____ () C:\Users\Terry\Desktop\Enphase.url
2014-08-19 21:22 - 2014-08-19 21:22 - 00002772 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-19 21:22 - 2014-08-19 21:22 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-19 21:22 - 2014-08-19 21:22 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-19 21:12 - 2014-08-19 21:12 - 00015310 _____ () C:\Users\Terry\Desktop\ESET Scan 19-08-2014.txt
2014-08-19 18:10 - 2014-08-19 18:10 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-19 18:05 - 2014-08-19 18:05 - 00011375 _____ () C:\Users\Terry\Desktop\JRT.txt
2014-08-19 17:45 - 2014-08-19 17:45 - 00000000 ____D () C:\windows\ERUNT
2014-08-19 17:44 - 2014-08-19 17:44 - 01016261 _____ (Thisisu) C:\Users\Terry\Desktop\JRT.exe
2014-08-19 17:26 - 2014-08-19 17:14 - 00000000 ____D () C:\AdwCleaner
2014-08-19 17:26 - 2014-01-17 00:05 - 00000000 ____D () C:\windows\system32\log
2014-08-19 17:26 - 2013-09-01 18:18 - 00000000 ____D () C:\Users\Terry\AppData\Local\CRE
2014-08-19 17:26 - 2010-10-28 18:01 - 00000000 ____D () C:\Users\Terry
2014-08-19 17:15 - 2014-08-19 17:15 - 01361671 _____ () C:\Users\Terry\Desktop\AdwCleaner.exe
2014-08-19 17:14 - 2014-08-19 17:13 - 01361671 _____ () C:\Users\Terry\Downloads\AdwCleaner.exe
2014-08-19 14:18 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-08-19 14:11 - 2011-10-24 22:10 - 00000000 ____D () C:\Users\Terry\Documents\Rebecca
2014-08-15 18:43 - 2012-11-21 10:22 - 00000000 ____D () C:\Users\Terry\Documents\Animals
2014-08-15 18:39 - 2014-05-10 19:52 - 00000000 ____D () C:\Users\Terry\Documents\Bideford Bay
2014-08-15 09:51 - 2009-07-14 06:32 - 00000000 ____D () C:\windows\system32\FxsTmp
2014-08-15 06:41 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-08-14 22:48 - 2013-08-15 21:13 - 00000000 ____D () C:\windows\system32\MRT
2014-08-14 22:41 - 2010-10-31 22:11 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-14 22:17 - 2014-04-30 17:02 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-14 07:30 - 2014-08-08 17:52 - 00000000 ____D () C:\windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-14 07:00 - 2014-04-04 22:52 - 00000000 ____D () C:\Users\Terry\AppData\Roaming\Dropbox
2014-08-14 06:51 - 2014-04-04 22:56 - 00000000 ___RD () C:\Users\Terry\Dropbox
2014-08-13 06:03 - 2011-10-18 17:23 - 00000564 _____ () C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-08-12 10:06 - 2011-10-18 17:23 - 00004276 _____ () C:\windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-08-10 10:34 - 2010-10-30 20:59 - 00000000 ____D () C:\Users\Terry\Documents\Kimberley
2014-08-09 07:55 - 2014-08-09 07:55 - 00000000 ____D () C:\Users\Terry\AppData\Roaming\Oracle
2014-08-09 07:38 - 2014-01-25 21:11 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-09 07:37 - 2014-08-09 07:38 - 00272808 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-08-09 07:37 - 2014-08-09 07:37 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-08-09 07:37 - 2014-08-09 07:37 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-08-09 07:37 - 2014-08-09 07:37 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-09 07:15 - 2014-08-08 22:26 - 00000645 _____ () C:\windows\Tasks\SparkTrust PC Cleaner Plus_sch_A5DA8D73-1F42-11E4-BBE3-F9FFEA524AEE.job
2014-08-09 07:15 - 2014-08-08 22:26 - 00000422 _____ () C:\windows\Tasks\SparkTrust Update Version3_triggeronce.job
2014-08-09 07:15 - 2014-08-08 22:26 - 00000422 _____ () C:\windows\Tasks\SparkTrust Update Version3.job
2014-08-08 22:26 - 2014-08-08 22:26 - 00004086 _____ () C:\windows\System32\Tasks\SparkTrust PC Cleaner Plus_sch_A5DA8D73-1F42-11E4-BBE3-F9FFEA524AEE
2014-08-08 22:26 - 2014-08-08 22:26 - 00003238 _____ () C:\windows\System32\Tasks\SparkTrust Update Version3
2014-08-08 22:26 - 2014-08-08 22:26 - 00003128 _____ () C:\windows\System32\Tasks\SparkTrust Registration3
2014-08-08 22:26 - 2014-08-08 22:26 - 00002900 _____ () C:\windows\System32\Tasks\SparkTrust Update Version3_triggeronce
2014-08-08 22:26 - 2014-08-08 22:26 - 00001319 _____ () C:\Users\Terry\Desktop\SparkTrust PC Cleaner Plus.lnk
2014-08-08 17:55 - 2014-08-08 17:55 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-07 03:06 - 2014-08-14 06:49 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-07 03:01 - 2014-08-14 06:49 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-01 00:41 - 2014-08-14 07:10 - 00348856 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-01 00:16 - 2014-08-14 07:10 - 00307384 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-31 09:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\Resources
2014-07-25 15:52 - 2014-08-14 07:09 - 23645696 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-25 15:02 - 2014-08-14 07:10 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-25 15:01 - 2014-08-14 07:10 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-25 14:51 - 2014-08-14 07:10 - 17524224 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-25 14:30 - 2014-08-14 07:10 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-25 14:28 - 2014-08-14 07:10 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-25 14:28 - 2014-08-14 07:10 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-25 14:25 - 2014-08-14 07:10 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-25 14:25 - 2014-08-14 07:09 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-25 14:11 - 2014-08-14 07:10 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-25 14:10 - 2014-08-14 07:10 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-25 14:04 - 2014-08-14 07:10 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-25 14:03 - 2014-08-14 07:10 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-25 14:00 - 2014-08-14 07:10 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-25 14:00 - 2014-08-14 07:10 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-25 13:59 - 2014-08-14 07:10 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-25 13:47 - 2014-08-14 07:09 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-25 13:40 - 2014-08-14 07:10 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-25 13:34 - 2014-08-14 07:10 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-25 13:34 - 2014-08-14 07:10 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-25 13:33 - 2014-08-14 07:10 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-25 13:30 - 2014-08-14 07:10 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-25 13:28 - 2014-08-14 07:10 - 05824512 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-25 13:28 - 2014-08-14 07:10 - 00072704 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 13:21 - 2014-08-14 07:10 - 02184704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-25 13:19 - 2014-08-14 07:09 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-25 13:18 - 2014-08-14 07:10 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-25 13:17 - 2014-08-14 07:10 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-25 13:17 - 2014-08-14 07:10 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-25 13:12 - 2014-08-14 07:10 - 00438784 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-25 13:10 - 2014-08-14 07:10 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-25 13:10 - 2014-08-14 07:10 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-25 13:08 - 2014-08-14 07:10 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-25 13:06 - 2014-08-14 07:10 - 04204032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-25 12:52 - 2014-08-14 07:10 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-25 12:47 - 2014-08-14 07:10 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-25 12:43 - 2014-08-14 07:10 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 12:42 - 2014-08-14 07:10 - 00692736 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-25 12:39 - 2014-08-14 07:10 - 02087936 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-25 12:39 - 2014-08-14 07:10 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-25 12:36 - 2014-08-14 07:10 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-25 12:34 - 2014-08-14 07:10 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-25 12:29 - 2014-08-14 07:10 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-25 12:23 - 2014-08-14 07:10 - 13547008 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-25 12:13 - 2014-08-14 07:10 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-25 12:07 - 2014-08-14 07:10 - 02001920 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-25 12:07 - 2014-08-14 07:10 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-25 12:03 - 2014-08-14 07:10 - 11772928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-25 11:52 - 2014-08-14 07:10 - 02266624 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-25 11:26 - 2014-08-14 07:10 - 01431040 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-25 11:17 - 2014-08-14 07:10 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-25 11:09 - 2014-08-14 07:10 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-25 11:05 - 2014-08-14 07:10 - 01792512 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-25 11:00 - 2014-08-14 07:10 - 01169920 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-25 06:40 - 2012-05-18 10:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 06:39 - 2012-05-18 10:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 06:39 - 2012-04-27 06:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-24 22:22 - 2012-05-18 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 06:45 - 2010-10-28 18:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 21:14 - 2014-07-23 21:14 - 00000017 _____ () C:\windows\SysWOW64\shortcut_ex.dat
2014-07-23 06:40 - 2014-06-18 10:20 - 00003528 _____ () C:\windows\System32\Tasks\Terry NBAgent

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.9848.dll

Some content of TEMP:
====================
C:\Users\Terry\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwhyore.dll
C:\Users\Terry\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Terry\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Terry\AppData\Local\Temp\Quarantine.exe
C:\Users\Terry\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-20 13:03

==================== End Of Log ============================

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Terry at 2014-08-21 09:16:44
Running from C:\Users\Terry\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.2.15 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.2.15 - British Broadcasting Corp.) Hidden
BBC iPlayer Downloads (HKLM-x32\...\{198DFB43-9C28-4204-93ED-1545E3E467B8}) (Version: 1.0.2 - BBC)
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Bridge From Special K (HKCU\...\Bridge From Special K) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Coupon Printer (HKLM-x32\...\Coupon Printer2.0) (Version: 2.0 - Couponstar) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.12 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.12 - PC-Doctor, Inc.) Hidden
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Driver Detective (HKLM-x32\...\{5D6D605B-E4B7-490B-A794-9284BC3D2A8B}) (Version: 8.1 - PC Drivers HeadQuarters)
Driver Manager (HKLM-x32\...\{177CD779-4EEC-43C5-8DEA-4E0EC103624B}) (Version: 8.1 - Driver Manager)
DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.60.48.35 - Dell Inc.)
Elevated Installer (x32 Version: 2.3.12.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version:  - Trusted Software) <==== ATTENTION
Garmin City Navigator Europe NT 2014.20 Update (HKLM-x32\...\{43E0ACED-FE1C-4C0F-85BE-9A98EDF43437}) (Version: 17.20.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{ec281b79-20b1-4076-807d-b4a562eb13c5}) (Version: 2.3.12.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.12.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.12.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.6.1001 - Intel Corporation)
InterCasino (HKLM-x32\...\InterCasinoV9EnglishGBP) (Version:  - )
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java™ 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.3009.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MegaCloud (HKCU\...\MegaCloud) (Version: 1.0.2.3915 - MegaCloud Ltd.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 24.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-GB)) (Version: 24.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyShoppingGenie (HKLM-x32\...\MyShoppingGenie4.0 FP1) (Version: 4.0 FP1 - MyNet Universe, Inc)
MyShoppingGenie (HKLM-x32\...\MyShoppingGenie4.0) (Version: 4.0 - MyNet Universe, Inc)
Nero 2014 (HKLM-x32\...\{9642EA87-3714-49A6-9E70-325CB18E6DE5}) (Version: 15.0.02500 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (HKLM-x32\...\{0420F95C-11FF-4E02-B967-6CC22B188F9F}) (Version: 5.2.22001 - Nero AG)
Nero BackItUp and Burn (HKLM-x32\...\{E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}) (Version: 1.2.0031 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero BurnRights (HKLM-x32\...\{397516AE-7DFE-4F90-84E0-BD616D559434}) (Version: 3.6.26001 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23400 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12032 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (HKLM-x32\...\{6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}) (Version: 9.6.16000 - Nero AG)
Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Info (x32 Version: 15.1.0030 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.3800 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.25000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (HKLM-x32\...\{51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}) (Version: 2.6.26000 - Nero AG)
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.23000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{24B89186-2A56-4D28-B930-6F4FCF224E2F}) (Version: 4.01.9714 - Apache Software Foundation)
OptimizerPro Updater (HKLM-x32\...\OptimizerProUpdater) (Version:  - ) <==== ATTENTION
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 2.73 - NCH Software)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Quick Bridge 3.3 (remove only) (HKLM-x32\...\Quick Bridge 3.3) (Version:  - )
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.5.0 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapport (x32 Version: 3.5.1307.109 - Trusteer) Hidden
RoboForm 7-9-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
Roulettereaper Utility (HKLM-x32\...\Roulettereaper Utility) (Version: 1.0.1 - Roulettereaper.com)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sky Kings Casino (HKCU\...\Sky Kings Casino) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony RAW Driver (HKLM-x32\...\{166FCF01-AC98-4288-A01C-90BEB808C059}) (Version: 2.0.00.08130 - Sony Corporation)
SparkTrust PC Cleaner Plus (HKLM-x32\...\{35827710-D042-428B-A1E5-E20E12D2FEB9}) (Version: 3.2.10.0 - SparkTrust) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.0.1 - Synaptics Incorporated)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1307.109 - Trusteer)
Universal Document Converter (Demo) (HKLM-x32\...\Universal Document Converter_is1) (Version: 6.3 - fCoder Group, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
uPlayer (HKLM-x32\...\{06810DC6-3501-40FE-BCB3-1A7BE6398A36}) (Version: 1.0.0 - Full Spectrum Interactive)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Zoosk Messenger (HKLM-x32\...\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1) (Version: 4.128.3 - Zoosk, Inc.)
Zoosk Messenger (x32 Version: 4.128.3 - Zoosk, Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Terry\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Terry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{A3EFB00C-4BB0-4BA0-B37D-1D7DCE8A8D1D}\localserver32 -> C:\Users\Terry\AppData\Roaming\MegaCloud\MegaCloud.exe ()
CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Terry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Terry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Terry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3116106764-2768196040-1957312253-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Terry\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811_1\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

01-08-2014 12:34:24 Windows Update
06-08-2014 04:16:43 Windows Update
08-08-2014 16:53:31 Installed SpyHunter
08-08-2014 20:25:35 Removed Zoosk Messenger
09-08-2014 06:34:37 Installed Java 7 Update 67
10-08-2014 07:18:13 Windows Update
14-08-2014 06:21:16 Removed SpyHunter
14-08-2014 21:16:12 Windows Update
18-08-2014 07:32:58 Windows Update
19-08-2014 13:10:03 Configured Microsoft Office Home and Student 2007

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0119284D-0425-4351-B141-EF275EB184F9} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {0178397D-3640-4BAC-A04F-E70F4E09EEC6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {0B112263-5C41-457E-9624-54B89753185A} - System32\Tasks\Browser Updater\Browser Updater => Rundll32.exe "C:\Program Files (x86)\HomeTab\TBUpdater.dll",TBCheckForUpdate
Task: {10D1FCBC-01AD-46EF-BCDD-898198E6C546} - System32\Tasks\Terry3 => C:\Program Files (x86)\Nero\Nero BackItUp &amp; Burn\Nero BackItUp\NBCore.exe
Task: {15E4F144-483B-4C6A-9A15-31EBD6ABBFEC} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-10-16] (Nero AG)
Task: {24FFCBA3-08D5-45FB-841E-DEE42F56F592} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMKMGMKJHMHMMMIMJMCNNMLMJMPMCNLMKMLJHMCNHMOMMJOJCNOMJJGMLMHMJMOMOJKJJJLJKJJNJICMIMCNGMCNHMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMMJBJKJLIMJFMOMOMKMKMJNHICMOMPMKJIJMIJNBJCMLKKJNINIGIPNIKGIDJLJJNKJCMJNNICMJNDJCMKJBJJNMJCMOMFMLMMMGMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {273BDAA1-42F8-4DF2-80A0-22B90AD58E6D} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-10-06] (PC-Doctor, Inc.)
Task: {32CA68DD-981D-4E20-98AE-2484F2EBAD97} - System32\Tasks\{291EAAD0-0BCE-4A95-B85A-8D11B75921A8} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.0.0.152.259&amp;LastError=12002
Task: {3A15462C-5BDC-43B1-A435-A47F1307FCAC} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {3A350EFD-A787-4C91-B2E5-681FE3287E59} - System32\Tasks\{2E3797D8-C281-4232-80BE-6450898DAD0A} => C:\Microgaming\Casino\BJBallroom\CasinoGame.exe
Task: {3D99365A-7F9D-4BBE-9C71-08F33ACB9782} - System32\Tasks\Driver Manager-RTMScan => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
Task: {40D378CA-B3FE-482E-8820-DED1975DE3CC} - System32\Tasks\Terry Local Autobackup => C:\Program Files (x86)\Nero\Nero BackItUp &amp; Burn\Nero BackItUp\NBCore.exe
Task: {45E80F47-CF75-4070-8830-6C0CFAF2E39F} - System32\Tasks\Terry NBAgent => C:\Program Files (x86)\Nero\Nero BackItUp &amp; Burn\Nero BackItUp\NBAgent.exe
Task: {49EA47AA-BB1C-421B-86A2-E9DDB5C7E3DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-06] (Google Inc.)
Task: {4EB8B143-AB28-41C3-97A9-1603645FFE0A} - System32\Tasks\{A1CFAEA5-357C-463C-A95B-DE1713A36A93} => C:\Microgaming\Casino\BJBallroom\CasinoGame.exe
Task: {5964A2E5-1A9D-413E-95A0-60F70B0BA41D} - System32\Tasks\Go to RoboForm Install page => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMKMGMKJHMHMMMIMJMCNNMLMJMPMCNLMKMLJHMCNHMOMMJOJCNOMJJGMLMHMJMOMOJKJJJLJKJJNJICMIMCNMMCNPMFMGMCNPMCNHMOMOMNMFMJMCNOMCNIMJMPMPMCNNMJNPICMPMFMEKMICNJJCKFMPMJNHICMOMPMKJIJMIJNBJCMLKKJNINIGIPNIKGIDJLJJNKJCMJNNICMJNDJCMKJBJ"
Task: {61BD891F-0945-4248-83E5-3472B8390379} - System32\Tasks\Terry => C:\Program Files (x86)\Nero\Nero BackItUp &amp; Burn\Nero BackItUp\NBCore.exe
Task: {66A92DAF-FCC3-4FC0-A1D3-649E19BE1EA2} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {67541714-022A-49A7-9647-FF5B627387E8} - System32\Tasks\Privacy Controls_{BFEC236A-3F16-11E3-906D-842E2B24579A} => C:\Program Files (x86)\ParetoLogic\Privacy Controls\Pareto_PC.exe
Task: {8A7343AF-BE99-4AB3-AA05-E89608E7510F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8B8B15EC-C11F-4B86-81A0-13317583AF89} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {8E888D5A-DC96-4981-9225-C4CF4D3AF33C} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-07-20] (Siber Systems)
Task: {90C004F3-F9C5-4C96-83CA-CD8F54DFBCE4} - System32\Tasks\Driver Detective-RTMScanRunOnce => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {9310C907-2E71-4D9A-88E5-5F982DA40495} - System32\Tasks\SparkTrust Update Version3_triggeronce => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2014-07-31] (SparkTrust Systems) <==== ATTENTION
Task: {976EF361-6DDB-4C0C-B119-F8903FB4198F} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: {98071DAB-3E1E-480F-B44F-65B18269EDC6} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-10-06] (PC-Doctor, Inc.)
Task: {9DC868D9-FE49-4BEE-BEB4-0CA40DE4DEC5} - System32\Tasks\Registry Optimizer => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {AB9EB8BA-9D2D-4377-90AC-5A430EC05AF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-06] (Google Inc.)
Task: {B0CB488E-B2C0-47A3-B4B7-F5047472C975} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {B1F120C7-F29F-424E-BD01-9F5517546DAE} - System32\Tasks\{2C2617A4-7010-42EF-AF33-651A7E565152} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {C0E02DC1-8F8C-4E70-8ED4-BE73505C5991} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {C2FEA731-B6B2-4B5C-860D-608612A3D3DC} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe <==== ATTENTION
Task: {DD497A06-36D0-427A-B567-E791396C389A} - System32\Tasks\SparkTrust PC Cleaner Plus_sch_A5DA8D73-1F42-11E4-BBE3-F9FFEA524AEE => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: {E5847A21-AE10-4234-81EE-57B717297BE3} - System32\Tasks\SparkTrust Update Version3 => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2014-07-31] (SparkTrust Systems) <==== ATTENTION
Task: {F0BDB2B5-F1FC-4B72-8A36-0CD58B45E544} - System32\Tasks\Driver Manager-RTMUpdater => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
Task: {F4B20F80-247F-4525-ACB9-B670D8512FB9} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-10-06] (PC-Doctor, Inc.)
Task: {F74FF49F-578E-4C4A-BACF-5B33E119318F} - \TidyNetwork Update No Task File <==== ATTENTION
Task: {F781FCB4-C9DF-49F3-96A7-6BF8A271263D} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns
Task: {F7AE1B73-4B86-4507-8449-17C3B773E52D} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {FDF9D686-93EA-4A92-9703-361035853BD4} - System32\Tasks\Driver Manager-RTMRules => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
Task: {FE0A7640-EA7E-4201-9041-32B3B78DA29D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\windows\Tasks\Privacy Controls_{BFEC236A-3F16-11E3-906D-842E2B24579A}.job => C:\Program Files (x86)\ParetoLogic\Privacy Controls\Pareto_PC.exe
Task: C:\windows\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\windows\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\windows\Tasks\SparkTrust PC Cleaner Plus_sch_A5DA8D73-1F42-11E4-BBE3-F9FFEA524AEE.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\windows\Tasks\SparkTrust Registration3.job => C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
Task: C:\windows\Tasks\SparkTrust Update Version3.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\windows\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2011-05-14 17:57 - 2010-02-17 18:25 - 00181760 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2011-05-14 17:57 - 2010-02-09 15:55 - 00055296 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2011-12-24 23:17 - 2012-12-19 17:57 - 00258816 _____ () C:\Users\Terry\AppData\Roaming\MegaCloud\MegaCloudShellExtx64.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2009-11-13 22:15 - 2009-11-13 22:15 - 01807600 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2011-08-18 08:42 - 2010-02-17 18:25 - 00149504 _____ () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2012-01-25 11:20 - 2014-06-30 07:23 - 01404120 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
2011-05-14 20:00 - 2010-07-28 17:34 - 00022424 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2010-07-16 09:44 - 2009-12-23 23:32 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2011-05-14 20:00 - 2010-06-23 18:11 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2011-05-14 20:00 - 2010-06-23 18:11 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2011-05-14 20:00 - 2010-06-23 18:12 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2011-05-14 20:00 - 2010-06-23 18:11 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2011-08-21 09:46 - 2010-06-23 17:38 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2009-11-13 22:15 - 2009-11-13 22:15 - 00275696 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-11-13 22:15 - 2009-11-13 22:15 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-11-13 22:15 - 2009-11-13 22:15 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-11-13 22:15 - 2009-11-13 22:15 - 00152816 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-11-13 22:15 - 2009-11-13 22:15 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2011-08-21 09:46 - 2010-07-28 17:02 - 00658432 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2013-09-20 13:50 - 2013-09-20 13:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-09-17 04:54 - 2013-09-17 04:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/21/2014 08:16:47 AM) (Source: BackItUp5) (EventID: 3374) (User: )
Description: Backup process failed.

Error: (08/21/2014 08:16:47 AM) (Source: BackItUp5) (EventID: 6277) (User: )
Description: Job execution failed because the selected target for job does not exist.

Error: (08/21/2014 08:13:30 AM) (Source: BackItUp5) (EventID: 3374) (User: )
Description: Backup process failed.

Error: (08/21/2014 08:13:30 AM) (Source: BackItUp5) (EventID: 6277) (User: )
Description: Job execution failed because the selected target for job does not exist.

Error: (08/20/2014 10:17:19 PM) (Source: BackItUp5) (EventID: 3374) (User: )
Description: Backup process failed.

Error: (08/20/2014 10:17:19 PM) (Source: BackItUp5) (EventID: 6277) (User: )
Description: Job execution failed because the selected target for job does not exist.

Error: (08/20/2014 08:17:23 PM) (Source: BackItUp5) (EventID: 3374) (User: )
Description: Backup process failed.

Error: (08/20/2014 08:17:23 PM) (Source: BackItUp5) (EventID: 6277) (User: )
Description: Job execution failed because the selected target for job does not exist.

Error: (08/20/2014 06:52:48 PM) (Source: MsiInstaller) (EventID: 11500) (User: Terry-Laptop)
Description: Product: Microsoft Office Home and Student 2007 -- Error 1500.Another installation is in progress.  You must complete that installation before continuing this one.

Error: (08/20/2014 06:52:45 PM) (Source: MsiInstaller) (EventID: 11500) (User: Terry-Laptop)
Description: Product: Microsoft Office Home and Student 2007 -- Error 1500.Another installation is in progress.  You must complete that installation before continuing this one.

System errors:
=============
Error: (08/21/2014 08:02:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SoftThinks Agent Service service failed to start due to the following error:
%%2

Error: (08/21/2014 08:02:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nurago-Update-Service service failed to start due to the following error:
%%2

Error: (08/21/2014 08:02:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nurago-Reporting-Service service failed to start due to the following error:
%%2

Error: (08/20/2014 10:21:34 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/20/2014 08:43:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SoftThinks Agent Service service failed to start due to the following error:
%%2

Error: (08/20/2014 08:43:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nurago-Update-Service service failed to start due to the following error:
%%2

Error: (08/20/2014 08:43:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nurago-Reporting-Service service failed to start due to the following error:
%%2

Error: (08/19/2014 09:57:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SoftThinks Agent Service service failed to start due to the following error:
%%2

Error: (08/19/2014 09:57:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nurago-Update-Service service failed to start due to the following error:
%%2

Error: (08/19/2014 09:57:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The nurago-Reporting-Service service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 72%
Total physical RAM: 2934.56 MB
Available physical RAM: 811.5 MB
Total Pagefile: 5867.3 MB
Available Pagefile: 2914.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:218.14 GB) (Free:153.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: B2F7EE26)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=218.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 21 August 2014 - 07:25 PM

1.

Uninstalling A Program Through "add/remove"

Click "start" on the taskbar and then click on the "Control Panel" icon.
Please doubleclick the "Add or Remove Programs" icon
A list of programs installed will be "populated" this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "remove":

SavingsBull
SparkTrust PC Cleaner Plus
OptimizerPro Updater
MyShoppingGenie
MyShoppingGenie
Coupon Printer
File Type Assistant


Additional instructions can be found here if needed.

 

 

2.

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attached File  fixlist.txt   5.58KB   8 downloads


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 22 August 2014 - 03:15 AM

Good Morning (well it is here).

 

I cannot get the fix to pick up the fixlist.txt.       I actually had the files duplicated in case of accidents, so I had them all on desktop and in another folder and I get the same message. So I saved them all again into a brand new folder on desktop, but still get same message.

 

Now according to me they are in the same folder.



#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 23 August 2014 - 04:29 PM

Delete any copy you have of FRST and the fixlist. Then Redownload FRST to your Desktop Then Download the fixlist.txt to your desktop. Once both are on your desktop run FRST and click the Fix button.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 23 August 2014 - 05:05 PM

Good Evening.

 

Yes that worked.

 

Fixlog will not let me Select All and copy, nor will it run as an attachment.  Do not know how to get info, to you unless by email, and even then will it run as an attachment then?

 

 



#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 23 August 2014 - 06:58 PM

You download the fixlist.txt to your desktop. You don't run Fixlist.txt. You run FRST and click the fix button


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 24 August 2014 - 03:37 AM

Yes as stated that has worked once I started from scratch.

 

What I cannot do is get the resultant fixlog to you. If I select all and copy it will not give me the paste option. If I try to attach it to an email that will not work either.



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 24 August 2014 - 03:28 PM

What I cannot do is get the resultant fixlog to you. If I select all and copy it will not give me the paste option. If I try to attach it to an email that will not work either.

 

I understand now. Please run FRST as you did the very first time you ran it. The post the FRST log it produces. Do you have a Flash drive you can use?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 25 August 2014 - 06:15 AM

I used to have 3, cannot find one. I will need to go and buy one.

 

Once I have done that how do you want me to transfer from flash drive?



#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 25 August 2014 - 03:47 PM

Just run FRST like you did the very first time you ran it. Then post the log. If you cant post that log we may try something a little different.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 25 August 2014 - 04:52 PM

Hi there. OK well I had already run the log from scratch and got the same results.

 

I have to say that throughout this whole procedure for the various logs/reports I have always been able to either copy text into email, or add as an attachment  UNTIL NOW!!

 

So I will wait to hear from you.



#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,502 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:11:45 PM

Posted 25 August 2014 - 06:17 PM

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

 

 

See if you can copy and paste after you run this tool.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 Terwyl

Terwyl
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:45 AM

Posted 26 August 2014 - 04:50 AM

This is one of those times when I start to doubt my own sanity.

 

I have Windows 7 and your instructions seem to apply to Windows 8. Anyway having said that the operation in no way conforms to your pattern of instructions. Once started I did not have to intervene at all, until at the end it said it found God knows how many Registry errors and it wanted $14.95 for a one year license key.

 

I assume that this was not what you had in mind?

 

Regards

 

Terry






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users