
infected with globalupdate,binkiland,procleaner,


  • This topic is locked
3 replies to this topic

#1 david leee


Posted 25 February 2015 - 09:03 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-02-2015 01

Ran by Melanie (administrator) on MELANIE-PC on 25-02-2015 16:40:09

Running from C:\Users\Melanie\Downloads

Loaded Profiles: Melanie (Available profiles: Melanie & UpdatusUser)

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)

Internet Explorer Version 9 (Default browser: IE)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(CobianSoft, Luis Cobian) C:\Program Files\Cobian Backup 11\cbVSCService11.exe

(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbService.exe

() C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B\nstABF4.tmpfs

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe

() C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B\jnsjD886.tmp

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

() C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe

(CenturyLink Inc) C:\Program Files\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

() C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe

(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe

(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Luis Cobian, CobianSoft) C:\Program Files\Cobian Backup 11\cbInterface.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

() C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe

(Dropbox, Inc.) C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

(Microsoft Corporation) C:\Windows\ehome\ehsched.exe

(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe

(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe

(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe

(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2008-06-02] (Intel Corporation)

HKLM\...\Run: [Google Desktop Search] => C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [240640 2011-10-12] (Google)

HKLM\...\Run: [VMM Mode Selection] => C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe [43520 2011-02-14] ()

HKLM\...\Run: [CenturyLinkTouchPointAgent] => C:\Program Files\CenturyLink\Desktop\CenturyLinkTouchPointAgent.exe [48496 2013-04-16] (CenturyLink Inc)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [978520 2015-01-30] (Microsoft Corporation)

HKLM\...\Run: [Cobian Backup 11 interface] => C:\Program Files\Cobian Backup 11\cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\Run: [HPADVISOR] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088 2009-08-05] (Hewlett-Packard)

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {1506ff43-ef8e-11e1-868d-001bfce00f58} - M:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {24223a72-1630-11e2-9bab-001bfce00f58} - M:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {3f2d6d77-3f95-11e1-8dd6-001bfce00f58} - M:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {3f2d6d8b-3f95-11e1-8dd6-001bfce00f58} - M:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {3f2d6da7-3f95-11e1-8dd6-001bfce00f58} - M:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {8e027700-bc2a-11e1-952a-00c0a8f696a6} - J:\Launcher.exe -a

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {d003e17e-4c95-11e3-8373-001bfce00f58} - N:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {d003e1d5-4c95-11e3-8373-001bfce00f58} - N:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {f444e841-1c64-11e2-bc10-001bfce00f58} - M:\TL-Bootstrap.exe

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\MountPoints2: {f523295c-9c89-11e1-a865-001bfce00f58} - L:\TL-Bootstrap.exe

AppInit_DLLs: c:/progra~2/{125af~1/191~1.1/deto.dll => c:\progra~2\{125af~1\191~1.1\deto.dll File Not Found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk

ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk

ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit Inc.)

Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

Startup: C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OptimizerPro.lnk

ShortcutTarget: OptimizerPro.lnk -> C:\ProgramData\{b4e4000e-210a-5d14-b4e4-4000e2100038}\OptimizerPro.exe (No File)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Melanie\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.

ProxyServer: [.DEFAULT] => http=127.0.0.1:50938;https=127.0.0.1:50938

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

SearchScopes: HKLM -> {216934B0-E5E4-4D97-B961-B6FB73A01213} URL =

SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_08&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0FyCzyyC0AyCyEyDyDyEtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyByB0DtCtDyB0BtGtAtA0A0AtGyCzy0DzytGtByE0ByEtGtBtCtByDtCyEyEtB0FyEyB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0C0Czz0DyC0FtG0CyDzy0BtGyEtAzz0BtGzytB0A0FtGyEtAyEyC0D0ByDyBtByE0F0B2Q&cr=1850199547&ir=

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_08&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0FyCzyyC0AyCyEyDyDyEtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyByB0DtCtDyB0BtGtAtA0A0AtGyCzy0DzytGtByE0ByEtGtBtCtByDtCyEyEtB0FyEyB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0C0Czz0DyC0FtG0CyDzy0BtGyEtAzz0BtGzytB0A0FtGyEtAyEyC0D0ByDyBtByE0F0B2Q&cr=1850199547&ir=

SearchScopes: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://binkiland.com/results.php?f=4&q={searchTerms}&a=bnk_cmi_15_08&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0FyCzyyC0AyCyEyDyDyEtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyByB0DtCtDyB0BtGtAtA0A0AtGyCzy0DzytGtByE0ByEtGtBtCtByDtCyEyEtB0FyEyB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0C0Czz0DyC0FtG0CyDzy0BtGyEtAzz0BtGzytB0A0FtGyEtAyEyC0D0ByDyBtByE0F0B2Q&cr=1850199547&ir=

SearchScopes: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> {947C74BB-A83D-40C6-B337-E4141920694B} URL = http://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20140310,20028,0,18,0

SearchScopes: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL =

SearchScopes: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> {d3f22a84-2a84-49eb-91e6-5dadaaf0165d} URL =

BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.5.0_17\bin\ssv.dll (Sun Microsystems, Inc.)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

Toolbar: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> No Name - {81D5AA8C-D46E-49A4-82D3-44FB3FFB3923} -  No File

Toolbar: HKU\S-1-5-21-277955543-4015798972-3038374582-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

 

FireFox:

========

FF ProfilePath: C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jgq6nryp.default

FF DefaultSearchEngine: Yahoo

FF SearchEngineOrder.1: Yahoo

FF SearchEngineOrder.2:

FF Keyword.URL: hxxp://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,157,0_0,Search,20140310,20030,0,18,0

FF NewTab: about:newtab

FF Extension: MyWordTool - C:\Users\Melanie\AppData\Roaming\Mozilla\Firefox\Profiles\jgq6nryp.default\Extensions\emily@wilford.biz [2014-01-05]

FF HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-15]

 

Chrome:

=======

CHR dev: Chrome dev build detected! <======= ATTENTION

CHR HomePage: Default -> hxxp://binkiland.com/?f=1&a=bnk_cmi_15_08&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0FyCzyyC0AyCyEyDyDyEtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyByB0DtCtDyB0BtGtAtA0A0AtGyCzy0DzytGtByE0ByEtGtBtCtByDtCyEyEtB0FyEyB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0C0Czz0DyC0FtG0CyDzy0BtGyEtAzz0BtGzytB0A0FtGyEtAyEyC0D0ByDyBtByE0F0B2Q&cr=1850199547&ir=

CHR StartupUrls: Default -> "hxxp://binkiland.com/?f=7&a=bnk_cmi_15_08&cd=2XzuyEtN2Y1L1QzutDtD0CtD0Azz0FyCzyyC0AyCyEyDyDyEtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyBtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyByB0DtCtDyB0BtGtAtA0A0AtGyCzy0DzytGtByE0ByEtGtBtCtByDtCyEyEtB0FyEyB0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByC0C0Czz0DyC0FtG0CyDzy0BtGyEtAzz0BtGzytB0A0FtGyEtAyEyC0D0ByDyBtByE0F0B2Q&cr=1850199547&ir="

CHR DefaultSearchKeyword: Default -> CD749DCC6EAC785213FC1E097584EED0347985C3784D61B22B8ECDDCA7084588

CHR DefaultSearchURL: Default -> FB4477039DF50B00AB914CF28DB153B1902EFC9808DB5F19B8377A18CE66E00D

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

CHR Profile: C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (TinEye Reverse Image Search old version) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blkehhkdbdbaggkkapkcaoanffomhgjl [2015-01-12]

CHR Extension: (Fauxbar) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hibkhcnpkakjniplpfblaoikiggkopka [2015-01-18]

CHR Extension: (CSS3Clock aNTP) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfgmigibdamhiimcbcnhhfmgegejhpf [2015-01-14]

CHR Extension: (Utime) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpcibgnngaaabebmcabmkocdokepdaki [2015-01-31]

CHR Extension: (Kraken io Image Optimizer) - C:\Users\Melanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncfocpbhmmfmdgjinmebjfajehgomae [2014-12-29]

StartMenuInternet: Google Chrome - chrome.exe

 

========================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 cbVSCService11; C:\Program Files\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]

R2 CobianBackup11; C:\Program Files\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]

S3 GoogleDesktopManager; C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe [81408 2011-10-12] (Google) [File not signed]

R2 kuzodiku; C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B\jnsjD886.tmp [90624 2015-02-20] () [File not signed]

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)

S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)

R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]

R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [284472 2015-01-30] (Microsoft Corporation)

R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]

S4 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [20480 2009-09-16] (Intuit) [File not signed]

S3 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [65536 2006-11-09] (Intuit Inc.) [File not signed]

S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)

R2 WSWNDA3100v2; C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()

R2 fewonize; C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B\nstABF4.tmpfs [X]

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1074944 2011-12-12] (Broadcom Corporation)

R3 hcw18bda; C:\Windows\System32\drivers\hcw18bda.sys [391168 2009-03-19] (Hauppauge Computer Works, Inc)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-02-25] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [239224 2014-11-15] (Microsoft Corporation)

R1 MpKslea5ed40e; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C9E018E1-274C-48E2-B44E-79E6A2B95DD0}\MpKslea5ed40e.sys [39464 2015-02-25] (Microsoft Corporation)

S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)

R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)

S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2015-01-20] ()

S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]

S3 HTCAND32; System32\Drivers\ANDROIDUSB.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-25 16:40 - 2015-02-25 16:40 - 00021511 _____ () C:\Users\Melanie\Downloads\FRST.txt

2015-02-25 16:39 - 2015-02-25 16:40 - 00000000 ____D () C:\FRST

2015-02-25 16:39 - 2015-02-25 16:39 - 01127424 _____ (Farbar) C:\Users\Melanie\Downloads\FRST.exe

2015-02-23 14:51 - 2015-02-24 23:08 - 00000000 ____D () C:\Users\Melanie\Documents\backup02222015

2015-02-23 14:46 - 2015-02-23 14:47 - 00000000 ____D () C:\Users\Melanie\Desktop\backup02222015

2015-02-22 22:00 - 2015-02-22 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11

2015-02-22 22:00 - 2015-02-22 22:00 - 00000000 ____D () C:\Program Files\Cobian Backup 11

2015-02-22 21:57 - 2015-02-22 21:58 - 19709440 ____N (Luis Cobian, CobianSoft) C:\Users\Melanie\Downloads\cbSetup.exe

2015-02-22 21:12 - 2015-02-22 21:12 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Safe mirror

2015-02-22 21:09 - 2015-02-22 21:10 - 15492608 ____N (Luis Cobian, CobianSoft) C:\Users\Melanie\Downloads\cbSetup10 (1).exe

2015-02-22 19:36 - 2015-02-25 08:52 - 00000000 ____D () C:\Program Files\Cobian Backup 10

2015-02-22 19:27 - 2015-02-22 19:33 - 15492608 ____N (Luis Cobian, CobianSoft) C:\Users\Melanie\Downloads\cbSetup10.exe

2015-02-21 19:34 - 2015-02-22 16:34 - 00000063 _____ () C:\Users\Melanie\AppData\Roaming\WB.CFG

2015-02-21 18:38 - 2015-02-21 18:38 - 00000000 ____D () C:\ProgramData\5b50557000005339

2015-02-21 18:34 - 2015-02-22 16:47 - 00000000 ____D () C:\ProgramData\{b4e4000e-210a-5d14-b4e4-4000e2100038}

2015-02-21 18:33 - 2015-02-21 18:33 - 00000000 ____D () C:\ProgramData\Unchecky

2015-02-21 17:35 - 2015-02-21 17:35 - 00002422 ____N () C:\Users\Melanie\Downloads\AdwCleaner.exe - Shortcut (3).lnk

2015-02-21 17:35 - 2015-02-21 17:35 - 00001210 ____N () C:\Users\Melanie\Downloads\AdwCleaner.exe - Shortcut (2).lnk

2015-02-21 17:04 - 2015-02-21 17:06 - 00001826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2015-02-21 17:03 - 2015-02-21 17:07 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2015-02-20 16:40 - 2015-02-20 17:20 - 00000000 ____D () C:\ProgramData\{06a0d2c3-8314-884a-06a0-0d2c38314b0e}

2015-02-20 16:12 - 2015-02-20 16:12 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Rainmaker_Software_Group_

2015-02-20 16:10 - 2015-02-20 16:15 - 00000000 ____D () C:\Users\Melanie\AppData\Local\DB056D00-1424448614-1012-82D3-C95A632AA85B

2015-02-20 16:09 - 2015-02-20 16:09 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B

2015-02-20 16:06 - 2015-02-20 16:06 - 00002904 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini

2015-02-20 16:06 - 2015-02-20 16:06 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Rainmaker Software Group LLC.​

2015-02-20 16:05 - 2015-02-18 11:55 - 00326240 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService.dll

2015-02-20 16:01 - 2015-02-20 16:01 - 00880840 ____N (Install Helper) C:\Users\Melanie\Downloads\Microsoft_Security_Essentials_Setup.exe

2015-02-20 15:56 - 2015-02-20 15:56 - 11530032 ____N (Microsoft Corporation) C:\Users\Melanie\Downloads\mseinstall.exe

2015-02-19 16:11 - 2015-02-19 18:02 - 00001210 ____N () C:\Users\Melanie\Downloads\AdwCleaner.exe - Shortcut.lnk

2015-02-19 00:18 - 2015-02-21 18:11 - 00000000 ____D () C:\AdwCleaner

2015-02-19 00:14 - 2015-02-19 00:17 - 02126848 ____N () C:\Users\Melanie\Downloads\AdwCleaner.exe

2015-02-17 06:24 - 2015-02-17 06:24 - 00000000 _____ () C:\Windows\setuperr.log

2015-02-16 20:56 - 2015-02-25 15:23 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-02-16 20:55 - 2015-02-16 20:55 - 00000899 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-02-16 20:55 - 2015-02-16 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-02-16 20:55 - 2015-02-16 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-02-16 20:55 - 2015-02-16 20:55 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2015-02-16 20:55 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-02-16 20:55 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-02-16 20:55 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-02-16 20:46 - 2015-02-16 20:46 - 20447072 ____N (Malwarebytes Corporation ) C:\Users\Melanie\Downloads\mbam-setup-2.0.4.1028.exe

2015-02-16 20:15 - 2015-02-16 20:15 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\TuneUp Software

2015-02-16 20:10 - 2015-02-19 15:53 - 00001438 ____N () C:\Users\Melanie\Desktop\Rkill.txt

2015-02-16 20:10 - 2015-02-16 20:10 - 00000000 ____D () C:\Users\Melanie\Desktop\rkill

2015-02-16 20:09 - 2015-02-16 20:10 - 01943800 ____N (Bleeping Computer, LLC) C:\Users\Melanie\Downloads\rkill.com

2015-02-16 19:41 - 2015-02-16 19:41 - 00000741 ____N () C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk

2015-02-16 19:03 - 2015-02-16 20:29 - 00001803 _____ () C:\ProgramData\tempimage.bmp

2015-02-13 13:16 - 2015-02-13 13:17 - 00000042 ____N () C:\Users\Melanie\Downloads\kuaz192.mp3.m3u

2015-02-11 22:01 - 2015-01-22 20:00 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-02-11 22:01 - 2015-01-22 19:51 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-02-11 03:04 - 2014-11-25 19:05 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2015-02-11 03:03 - 2015-01-12 18:39 - 00974848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll

2015-02-11 03:03 - 2015-01-08 17:20 - 02063360 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-02-11 03:00 - 2015-01-14 21:13 - 00440760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-02-11 02:57 - 2014-12-07 18:59 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll

2015-02-11 00:10 - 2015-01-13 18:51 - 12371456 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-02-11 00:10 - 2015-01-13 18:49 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-02-11 00:10 - 2015-01-13 18:43 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-02-11 00:10 - 2015-01-13 18:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-02-11 00:10 - 2015-01-13 18:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-02-11 00:10 - 2015-01-13 18:41 - 01802752 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-02-11 00:10 - 2015-01-13 18:41 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-02-11 00:10 - 2015-01-13 18:41 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-02-11 00:10 - 2015-01-13 18:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2015-02-11 00:10 - 2015-01-13 18:41 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-02-11 00:10 - 2015-01-13 18:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-02-11 00:10 - 2015-01-13 18:40 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-02-11 00:10 - 2015-01-13 18:40 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-02-11 00:10 - 2015-01-13 18:40 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-02-11 00:10 - 2015-01-13 18:40 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-02-11 00:10 - 2015-01-13 18:40 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-02-11 00:10 - 2015-01-13 18:40 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2015-02-11 00:10 - 2015-01-13 18:40 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2015-02-11 00:10 - 2015-01-13 18:40 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2015-02-11 00:09 - 2015-01-13 18:46 - 09742336 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-02-03 12:13 - 2015-02-03 12:13 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Avg

2015-02-03 08:26 - 2015-02-03 08:27 - 00054244 ____N () C:\Users\Melanie\Downloads\opensavefilesview.zip

2015-02-02 23:48 - 2015-02-02 23:48 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Compete

2015-02-02 23:08 - 2015-02-02 23:58 - 00000000 ____D () C:\Program Files\40d84078-0bd2-4531-ad82-7cafa3e5064e

2015-02-02 23:07 - 2015-02-02 23:58 - 00000000 ____D () C:\Program Files\219b628a-6c89-4b67-8f01-4e75cd7d3812

2015-02-02 23:07 - 2015-02-02 23:40 - 00000000 ____D () C:\ProgramData\BnwtFgqLy

2015-02-02 23:06 - 2015-02-16 20:20 - 00000000 ____D () C:\ProgramData\MFAData

2015-02-02 23:06 - 2015-02-02 23:06 - 00000000 ____D () C:\Users\Melanie\AppData\Local\MFAData

2015-02-02 18:40 - 2015-02-02 18:40 - 00000000 ____D () C:\Users\Melanie\Documents\chrome

2015-02-02 18:40 - 2013-10-19 23:39 - 01241672 ____N () C:\Users\Melanie\Documents\CREXT.DLL

2015-02-02 18:40 - 2013-10-19 23:39 - 00716360 ____N (MindSpark) C:\Users\Melanie\Documents\39bar.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00548936 ____N () C:\Users\Melanie\Documents\AppIntegrator64.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00482888 ____N () C:\Users\Melanie\Documents\EXEMANAGER.DLL

2015-02-02 18:40 - 2013-10-19 23:39 - 00442952 ____N () C:\Users\Melanie\Documents\Hpg64.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00303504 ____N (COMPANYVERS_NAME) C:\Users\Melanie\Documents\39sknlcr.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00292424 ____N () C:\Users\Melanie\Documents\AppIntegratorStub64.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00190848 ____N () C:\Users\Melanie\Documents\T8RES.DLL

2015-02-02 18:40 - 2013-10-19 23:39 - 00179480 ____N () C:\Users\Melanie\Documents\39tpinst.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00163072 ____N (VER_COMPANY_NAME) C:\Users\Melanie\Documents\39htmlmu.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00161288 ____N (COMPANYVERS_NAME) C:\Users\Melanie\Documents\39msg.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00128512 ____N (COMPANYVERS_NAME) C:\Users\Melanie\Documents\39skin.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00124304 ____N (MindSpark) C:\Users\Melanie\Documents\39radio.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00101640 ____N (MindSpark) C:\Users\Melanie\Documents\T8HTML.DLL

2015-02-02 18:40 - 2013-10-19 23:39 - 00099840 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39datact.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00091648 ____N (COMPANYVERS_NAME) C:\Users\Melanie\Documents\39feedmg.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00083456 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39httpct.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00074248 ____N () C:\Users\Melanie\Documents\T8EXTEX.DLL

2015-02-02 18:40 - 2013-10-19 23:39 - 00069192 ____N (MindSpark) C:\Users\Melanie\Documents\39Plugin.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00066272 ____N () C:\Users\Melanie\Documents\VERIFY.DLL

2015-02-02 18:40 - 2013-10-19 23:39 - 00062864 ____N (MindSpark) C:\Users\Melanie\Documents\39SrcAs.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00054672 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39dyn.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00050728 ____N (MindSpark) C:\Users\Melanie\Documents\39dlghk.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00048880 ____N (MindSpark) C:\Users\Melanie\Documents\39reghk.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00046480 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39script.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00046480 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39mlbtn.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00044784 ____N (MindSpark) C:\Users\Melanie\Documents\39SrchMn.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00042512 ____N (MindSpark) C:\Users\Melanie\Documents\39regiet.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00042512 ____N (MindSpark) C:\Users\Melanie\Documents\39regfft.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00042384 ____N (MindSpark) C:\Users\Melanie\Documents\39ieovr.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00042384 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39uabtn.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00034344 ____N (MindSpark) C:\Users\Melanie\Documents\39hkstub.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00034192 ____N (VER_COMPANY_NAME) C:\Users\Melanie\Documents\39brstub.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00034192 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39idle.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00032448 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39impipe.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00030224 ____N (MindSpark) C:\Users\Melanie\Documents\39auxstb.dll

2015-02-02 18:40 - 2013-10-19 23:39 - 00030216 ____N (FULL_COMPANY_NAME) C:\Users\Melanie\Documents\39skplay.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00030096 ____N (VER_COMPANY_NAME) C:\Users\Melanie\Documents\39brmon.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00022048 ____N (MindSpark) C:\Users\Melanie\Documents\39medint.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00022048 ____N (MindSpark) C:\Users\Melanie\Documents\39highin.exe

2015-02-02 18:40 - 2013-10-19 23:39 - 00020480 ____N () C:\Users\Melanie\Documents\BOOTSTRAP.JS

2015-02-02 18:40 - 2013-10-19 23:39 - 00010054 ____N () C:\Users\Melanie\Documents\LOGO.BMP

2015-02-02 18:40 - 2013-10-19 23:39 - 00002048 ____N () C:\Users\Melanie\Documents\INSTALL.RDF

2015-02-02 18:40 - 2013-10-19 23:39 - 00001024 ____N () C:\Users\Melanie\Documents\CHROME.MANIFEST

2015-02-02 18:40 - 2013-10-19 23:39 - 00000242 ____N () C:\Users\Melanie\Documents\installKeys.js

2015-02-02 18:40 - 2013-10-19 23:39 - 00000000 ____D () C:\Users\Melanie\Documents\ThirdPartyInstallers

2015-02-02 02:09 - 2011-06-21 11:24 - 00032768 _____ () C:\Windows\system32\Drivers\sp_rsdrv2.sys

2015-02-02 01:03 - 2015-02-02 01:03 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Apps\2.0

2015-01-31 07:40 - 2015-01-31 07:40 - 00000000 ____D () C:\Program Files\Utime

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2015-02-25 16:36 - 2009-04-11 05:37 - 01595012 _____ () C:\Windows\WindowsUpdate.log

2015-02-25 16:22 - 2011-05-24 11:42 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-25 16:00 - 2012-04-11 19:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-02-25 15:19 - 2006-11-02 05:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2015-02-25 15:19 - 2006-11-02 05:47 - 00003760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2015-02-25 07:22 - 2012-05-02 12:52 - 00000000 ___RD () C:\Users\Melanie\Dropbox

2015-02-25 07:22 - 2012-05-02 12:45 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Dropbox

2015-02-25 07:22 - 2006-11-02 05:37 - 00000000 ___RD () C:\Users\Public\Recorded TV

2015-02-25 07:19 - 2014-02-13 10:15 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf28df36747c92.job

2015-02-25 07:19 - 2011-05-22 13:50 - 00000000 ____D () C:\ProgramData\NVIDIA

2015-02-25 07:19 - 2008-01-20 19:47 - 00208726 _____ () C:\Windows\PFRO.log

2015-02-25 07:19 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-02-24 23:53 - 2006-11-02 06:01 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2015-02-24 08:19 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2015-02-22 16:50 - 2012-01-15 20:50 - 00000000 ____D () C:\Temp

2015-02-21 18:37 - 2011-05-15 11:04 - 00000949 ____N () C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-02-21 18:34 - 2011-12-02 17:12 - 00001971 ____N () C:\Users\Public\Desktop\Google Chrome.lnk

2015-02-21 18:34 - 2011-05-15 11:14 - 00000919 ____N () C:\Users\Melanie\Desktop\Launch Internet Explorer Browser.lnk

2015-02-21 17:17 - 2011-05-15 12:58 - 00001945 _____ () C:\Windows\epplauncher.mif

2015-02-21 16:33 - 2006-11-02 05:52 - 00179054 _____ () C:\Windows\setupact.log

2015-02-20 16:17 - 2011-05-24 11:44 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Adobe

2015-02-20 15:52 - 2011-05-24 11:42 - 00000000 ____D () C:\Program Files\Google

2015-02-19 21:39 - 2011-12-03 12:45 - 00000000 ____D () C:\Windows\Minidump

2015-02-19 18:24 - 2011-05-15 11:03 - 00000000 ____D () C:\Users\Melanie

2015-02-17 13:29 - 2011-07-09 22:19 - 00000000 ____D () C:\Users\Melanie\AppData\Local\Microsoft Help

2015-02-16 19:19 - 2011-05-15 11:04 - 00001356 _____ () C:\Users\Melanie\AppData\Local\d3d9caps.dat

2015-02-14 06:41 - 2012-05-02 12:52 - 00000965 ____N () C:\Users\Melanie\Desktop\Dropbox.lnk

2015-02-14 06:41 - 2012-05-02 12:46 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-02-11 06:22 - 2006-11-02 05:47 - 00393880 _____ () C:\Windows\system32\FNTCACHE.DAT

2015-02-11 03:13 - 2013-07-12 09:14 - 00000000 ____D () C:\Windows\system32\MRT

2015-02-11 03:05 - 2006-11-02 03:24 - 113756392 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2015-02-11 03:04 - 2011-07-09 22:19 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-02-05 15:18 - 2012-01-26 08:07 - 00000000 ____D () C:\Users\Melanie\Documents\My Scans

2015-02-05 08:00 - 2012-04-11 19:48 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2015-02-05 08:00 - 2011-06-16 13:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2015-02-03 12:47 - 2011-05-15 12:45 - 00000000 ____D () C:\Users\Melanie\AppData\Roaming\HpUpdate

2015-02-03 12:25 - 2011-05-15 16:54 - 00023552 _____ () C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2015-01-31 22:34 - 2012-10-20 12:55 - 00000000 ____D () C:\Users\Melanie\Documents\Thunderbolt SD Card

2015-01-31 22:06 - 2014-01-21 10:39 - 00000000 ____D () C:\Users\Melanie\.android

2015-01-31 21:52 - 2011-05-17 15:54 - 00000000 ____D () C:\Program Files\Safari

2015-01-31 15:52 - 2011-05-17 15:54 - 00002463 ____N () C:\Users\Public\Desktop\Safari.lnk

2015-01-31 15:49 - 2011-05-15 12:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

2015-01-31 15:49 - 2011-05-15 12:41 - 00000000 ____D () C:\Program Files\HP

2015-01-31 14:20 - 2011-05-17 15:53 - 00000000 ____D () C:\Program Files\Common Files\Apple

2015-01-31 14:20 - 2011-05-17 15:50 - 00000000 ____D () C:\ProgramData\Apple

2015-01-31 14:14 - 2015-01-22 18:16 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB

2015-01-29 07:34 - 2013-09-09 21:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox

 

==================== Files in the root of some directories =======

 

2013-10-19 22:11 - 2013-10-20 00:32 - 50053120 _____ () C:\Program Files\GUTED7C.tmp

2015-01-21 23:03 - 2015-01-21 23:17 - 0000053 _____ () C:\Users\Melanie\AppData\Roaming\LogFile.txt

2015-01-25 09:12 - 2015-01-25 09:12 - 0001248 _____ () C:\Users\Melanie\AppData\Roaming\OZIDUE

2015-01-25 09:12 - 2015-01-25 09:12 - 0001248 _____ () C:\Users\Melanie\AppData\Roaming\TIMWR

2015-02-21 19:34 - 2015-02-22 16:34 - 0000063 _____ () C:\Users\Melanie\AppData\Roaming\WB.CFG

2011-05-15 11:04 - 2015-02-16 19:19 - 0001356 _____ () C:\Users\Melanie\AppData\Local\d3d9caps.dat

2011-05-15 16:54 - 2015-02-03 12:25 - 0023552 _____ () C:\Users\Melanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2011-10-13 06:51 - 2011-10-13 06:51 - 0000095 _____ () C:\Users\Melanie\AppData\Local\fusioncache.dat

2015-02-16 19:03 - 2015-02-16 20:29 - 0001803 _____ () C:\ProgramData\tempimage.bmp

 

Some content of TEMP:

====================

C:\Users\Melanie\AppData\Local\Temp\cbSetupE.exe

C:\Users\Melanie\AppData\Local\Temp\CloudBackup7086.exe

C:\Users\Melanie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tar41.dll

C:\Users\Melanie\AppData\Local\Temp\optprosetup.exe

C:\Users\Melanie\AppData\Local\Temp\Quarantine.exe

C:\Users\Melanie\AppData\Local\Temp\SpOrder.dll

C:\Users\Melanie\AppData\Local\Temp\sqlite3.exe

C:\Users\Melanie\AppData\Local\Temp\SymCCIS.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2015-02-25 08:08

 

==================== End Of Log

Do not know how to remove after many attempts; also my CPU is running at 77%.

I saw in FRST.txt and/or Addition.txt... software/policies/microsoft and chrome dev build detected; both had the word attention after them?

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01
Ran by Melanie at 2015-02-25 16:41:24
Running from C:\Users\Melanie\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
7500_7600_7700_Help1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan_Carrier (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 140.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.7.2.11 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.6.3.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.5.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.3.1.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.4.1.9 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.8 (HKLM\...\DPP) (Version: 3.8.1.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.8.1.0 - Canon Inc.)
Canon Utilities Original Data Security Tools (HKLM\...\Original Data Security Tools) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.7.0.0 - Canon Inc.)
Canon Utilities WFT Utility (HKLM\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.5.1.15 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.3.0.4 - Canon Inc.)
CenturyLink Installer (HKLM\...\{C96FF998-45BD-411E-9253-B7F2660FE280}) (Version: 1.0 - CenturyLink, Inc.)
Cobian Backup 11 Gravity (HKLM\...\CobBackup11) (Version:  - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.213.000 - Hewlett-Packard) Hidden
DocProc (Version: 140.0.100.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-277955543-4015798972-3038374582-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.)
Fax (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: - - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HP Advisor (HKLM\...\{73A43E42-3658-4DD9-8551-FACDA3632538}) (Version: 3.1.9152.3107 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP OfficeJet L7300/L7500/7600/7700 (HKLM\...\{9D6C64CC-EA60-47A6-9C97-82C38231EDAE}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
J2SE Runtime Environment 5.0 Update 17 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150170}) (Version: 1.5.0.170 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
L7600 (Version: 140.0.000.000 - Hewlett-Packard) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Accounting 2008 (HKLM\...\Microsoft Office Accounting 2008) (Version: 3.0.8627.1 - Microsoft Corporation)
Microsoft Office Accounting 2008 Equifax Addin (HKLM\...\{0C2AF762-0565-4C91-9F55-B8B53BB82A38}) (Version: 3.0.8231.0 - Microsoft Corporation)
Microsoft Office Accounting 2008 Fixed Asset Manager (HKLM\...\{E3DF6916-2472-43D9-8B3C-9F2F0AAB01B5}) (Version: 3.0.8231.0 - Microsoft Corporation)
Microsoft Office Accounting 2008 PayPal Addin (HKLM\...\{B391EECE-DFEA-4FC5-9D40-47FA43E2DBE6}) (Version: 3.0.8231.0 - Microsoft Corporation)
Microsoft Office Accounting ADP Payroll Addin (HKLM\...\{5FA793A6-0071-42C1-9355-8F69A428C44F}) (Version: 0.0.0.0 - ADP)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MPM (HKLM\...\{B5A4C902-1636-48DB-8E38-F0DB102DDB59}) (Version: 1.00.0000 - Hewlett-Packard)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
Network (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller Driver 285.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 285.62 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Graphics Driver 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.11.0621 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.11.0621 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
ProductContext (Version: 140.0.000.000 - Hewlett-Packard) Hidden
QuickBooks Premier Edition 2007 (HKLM\...\{7E545666-F424-45FD-B3DF-C0B99A1A579F}) (Version:  - )
QuickBooks Product Listing Service (HKLM\...\{91208A47-5D08-4C79-986F-1931940F51BB}) (Version: 2.0.148 - Intuit)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5789 - Realtek Semiconductor Corp.)
Scan (Version: 140.0.167.000 - Hewlett-Packard) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
SmartWebPrinting (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
SolutionCenter (Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (Version: 140.0.256.000 - Hewlett-Packard) Hidden
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
WebReg (Version: 140.0.213.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Melanie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{28400E86-5FFC-453D-A534-EF455A115E74}\localserver32 -> C:\Program Files\Intuit\QuickBooks Product Listing Service\QBProductListingCOMServer.exe (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{32D32337-1511-4416-85C5-FD96C99322A0}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{3928D252-6BB4-4C0D-BE70-1E03AF93D464}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{4877276C-A727-486D-B201-F096035CA4DF}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\qbfc5.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{8034BBB8-2145-4159-9A34-51E21A0A981F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{86AC2FAD-C987-4757-B591-02F9867A8BE5}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\qbfc5.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{8CA5338E-3C5E-4087-ADEC-B1CA665BC293}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2007\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2007\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-277955543-4015798972-3038374582-1000_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

==================== Restore Points  =========================

18-02-2015 18:28:38 Scheduled Checkpoint
19-02-2015 09:30:35 Windows Update
20-02-2015 15:50:51 Removed Google Earth.
20-02-2015 16:03:20 LavasoftWeCompanion
20-02-2015 16:14:57 Removed Pro PC Cleaner
20-02-2015 16:21:58 LavasoftWeCompanion
21-02-2015 16:53:19 Windows Update
21-02-2015 18:43:04 Removed AirPort
24-02-2015 08:59:28 Scheduled Checkpoint
25-02-2015 07:48:04 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 03:23 - 2015-02-21 18:40 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01816B0A-26CB-4D4E-955E-D90EA6D8D593} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {02155380-A9D5-44D5-B51A-004955253079} - \CIMT_S-1-5-21-277955543-4015798972-3038374582-1000 No Task File <==== ATTENTION
Task: {12AC17F7-C570-4282-8FBA-209A678B3E2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {1C5B3818-73C9-4818-A566-F756300E74B0} - System32\Tasks\GoogleUpdateTaskMachineCore1cf28df36747c92 => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {2198D2BA-9997-4F24-B680-24163DFE39EA} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Melanie => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {546ADB9C-CE95-4989-AEE7-D37EBA9911EA} - \Binkiland No Task File <==== ATTENTION
Task: {5D5CADE6-7BE6-4EE4-9C97-66525D044CAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {90521187-40D9-4172-BA94-E0E584C77A95} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9054CBBB-FBF9-4607-AC32-0FB7DD817C93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {A9A262AB-8A34-4FD4-8ED8-D2E0303C5BF1} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {EDA675BA-746E-4373-B86C-EEFE981FC944} - System32\Tasks\PastaLeads => C:\Program Files\pastaleads\ScheduledTask.exe
Task: {EEB3D46C-91A4-442F-BC07-D83ABB2930E8} - \CIMT_daily_S-1-5-21-277955543-4015798972-3038374582-1000 No Task File <==== ATTENTION
Task: {F7FB1BFF-EB08-4278-BF87-CB8A05140612} - System32\Tasks\RPC => C:\Program Files\Bull Softwares\Reg Pro Cleaner\RegProCleaner.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf28df36747c92.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-20 16:09 - 2015-02-20 16:09 - 00141312 _____ () C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B\nstABF4.tmpfs
2015-02-20 16:09 - 2015-02-20 16:09 - 00090624 _____ () C:\Users\Melanie\AppData\Roaming\DB056D00-1424448543-1012-82D3-C95A632AA85B\jnsjD886.tmp
2012-01-15 20:51 - 2011-02-14 06:55 - 00043520 ____R () C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
2013-08-16 17:37 - 2011-12-14 17:53 - 00303360 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
2013-08-16 17:37 - 2011-12-14 10:22 - 00368640 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiLib.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00061440 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00131072 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-08-05 11:25 - 2009-08-05 11:25 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00036864 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-08-05 11:26 - 2009-08-05 11:26 - 00007680 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2013-08-16 17:37 - 2011-12-14 17:55 - 08453376 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2013-08-16 17:37 - 2011-12-14 10:43 - 00278528 _____ () C:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2015-02-10 14:00 - 2015-02-10 14:00 - 00750080 _____ () C:\Users\Melanie\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-02-25 07:21 - 2015-02-25 07:21 - 00043008 _____ () c:\users\melanie\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9tar41.dll
2015-02-10 14:00 - 2015-02-10 14:00 - 00047616 _____ () C:\Users\Melanie\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-02-10 14:00 - 2015-02-10 14:00 - 00865280 _____ () C:\Users\Melanie\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-02-10 14:00 - 2015-02-10 14:00 - 00200704 _____ () C:\Users\Melanie\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2011-10-12 22:31 - 2011-10-12 22:31 - 00036352 _____ () C:\Program Files\Google\Google Desktop Search\gzlib.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-277955543-4015798972-3038374582-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Melanie\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.25

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-277955543-4015798972-3038374582-500 - Administrator - Disabled)
ASPNET (S-1-5-21-277955543-4015798972-3038374582-1005 - Limited - Enabled)
Guest (S-1-5-21-277955543-4015798972-3038374582-501 - Limited - Disabled)
Melanie (S-1-5-21-277955543-4015798972-3038374582-1000 - Administrator - Enabled) => C:\Users\Melanie
UpdatusUser (S-1-5-21-277955543-4015798972-3038374582-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/25/2015 08:43:00 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7XT5G7LU\PARTNERS.CMPTCH.COM\FLASH> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 08:28:44 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7XT5G7LU\PARTNERS.CMPTCH.COM\FLASH> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:25 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:25 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MICROSOFT> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:19 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:19 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7XT5G7LU\WWW.KEYBR.COM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7XT5G7LU\WWW.KEYBR.COM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7XT5G7LU\WWW.CRACKLE.COM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

Error: (02/25/2015 07:27:08 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\MELANIE\DOCUMENTS\BACKUP02222015\MELANIE 2015-02-24 23;08;51 (INCREMENTAL)\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\VIRTUALIZED\C\USERS\MELANIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\7XT5G7LU\WWW.CRACKLE.COM> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
 A device attached to the system is not functioning.   (0x8007001f)

System errors:
=============
Error: (02/25/2015 07:25:13 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/25/2015 07:25:13 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (02/25/2015 07:25:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: KtmRm for Distributed Transaction Coordinator

Error: (02/25/2015 07:22:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}

Error: (02/25/2015 07:20:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (02/24/2015 08:33:04 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}

Error: (02/24/2015 08:26:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (02/24/2015 08:26:24 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (02/24/2015 08:26:24 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: KtmRm for Distributed Transaction Coordinator

Error: (02/24/2015 08:21:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Microsoft Office Sessions:
=========================
Error: (06/05/2014 09:01:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 554 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (12/20/2011 07:08:22 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 382 seconds with 360 seconds of active time.  This session ended with a crash.

CodeIntegrity Errors:
===================================
  Date: 2015-02-25 16:41:05.959
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:05.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:05.626
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:05.456
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:05.161
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:04.993
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:04.823
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:41:04.654
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:40:29.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-02-25 16:40:29.395
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™2 Quad CPU @ 2.40GHz
Percentage of memory in use: 72%
Total physical RAM: 3069.77 MB
Available physical RAM: 832.46 MB
Total Pagefile: 6354.54 MB
Available Pagefile: 4022.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:81.56 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:298.09 GB) (Free:297.98 GB) NTFS
Drive e: (Feb 23 2015) (CDROM) (Total:4.38 GB) (Free:4.38 GB) UDF
Drive j: (Elements) (Fixed) (Total:1863.01 GB) (Free:1819.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: 0961F40A)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00034276)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

 

 





#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • Gender:Male
  • Local time:11:21 AM

Posted 02 March 2015 - 09:05 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/568320 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your desktop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:21 AM

Posted 04 March 2015 - 02:44 PM

Hello,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstalling programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic. I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
  • I will be analyzing your log. I will get back to you with instructions.

 

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

2.

Please delete the copy of FRST you have. Then follow the directions below.

 

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:10:21 AM

Posted 10 March 2015 - 06:56 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





