PDA

View Full Version : Related to `Barowwsoe2Save `elimination



spyCype
2015-01-25, 13:56
http://forums.spybot.info/showthread.php?71881-Removal-of-Barowwsoe2Save&goto=newpost

==============
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by cp2012 (administrator) on CP2012-HP on 25-01-2015 06:08:45
Running from C:\Users\cp2012\Downloads
Loaded Profiles: cp2012 (Available profiles: cp2012)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
() C:\Program Files (x86)\Content Manager\CmTray.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [My Scrap Nook Home Page Guard 64 bit] => "C:\PROGRA~2\MYSCRA~2\bar\1.bin\AppIntegrator64.exe"
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-08-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2226704 2013-03-07] (Research In Motion Limited)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-18\...\Run: [ISUSPM] => -scheduler
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk -> C:\Users\cp2012\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe (Leader Technologies/Epson)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/19
URLSearchHook: HKU\S-1-5-21-4211978626-972589915-279576106-1000 - (No Name) - {f9bbf004-6e40-4019-8214-c43a37e1d058} - No File
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> No Name - {F9BBF004-6E40-4019-8214-C43A37E1D058} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\cp2012\AppData\Roaming\Mozilla\Firefox\Profiles\6od7941t.default-1401247939329
FF DefaultSearchEngine: Google
FF Homepage: https://www.google.ca/
FF NetworkProxy: "http_port", 1
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4211978626-972589915-279576106-1000: @citrixonline.com/appdetectorplugin -> C:\Users\cp2012\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Buzz Social Points - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial@buzzsocialpoints.com.xpi [2015-01-14]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{78DADB4B-7468-4c1c-8612-00FBF356A9FF}] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi
FF Extension: YouTube Downloader Extension - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Buzz Social Points - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ebjipgnedcljapmafeafekmlebefcafp] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_GC.crx [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gikoeigmfnoggdlhnobkbbbkohiahbko] - C:\Program Files (x86)\BuzzSocialPoints\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-16] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-12] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [63904 2013-10-10] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 06:08 - 2015-01-25 06:08 - 00000000 ____D () C:\Users\cp2012\Downloads\FRST-OlderVersion
2015-01-23 22:33 - 2015-01-23 22:46 - 00000000 ____D () C:\10af7caede595e38e1
2015-01-22 18:55 - 2015-01-22 18:55 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{ECBDDCC1-7ABD-4BFF-AD48-31C107E46370}
2015-01-22 00:13 - 2015-01-22 00:13 - 00008887 _____ () C:\Users\cp2012\Desktop\JRT.txt
2015-01-21 14:41 - 2015-01-21 14:43 - 225890304 _____ () C:\Users\cp2012\Downloads\LibreOffice_4.3.5_Win_x86(1).msi
2015-01-21 13:14 - 2015-01-21 13:14 - 01707939 _____ (Thisisu) C:\Users\cp2012\Downloads\JRT(2).exe
2015-01-21 10:32 - 2015-01-24 13:35 - 00003366 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-21 10:32 - 2015-01-24 13:35 - 00003234 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-18 19:37 - 2015-01-18 19:48 - 00000000 ____D () C:\Users\cp2012\Desktop\ParkingDetroit
2015-01-18 16:08 - 2015-01-18 16:08 - 01707939 _____ (Thisisu) C:\Users\cp2012\Downloads\JRT(1).exe
2015-01-18 03:35 - 2015-01-18 03:35 - 00000000 ____D () C:\Windows\ERUNT
2015-01-18 03:33 - 2015-01-18 03:33 - 01707939 _____ (Thisisu) C:\Users\cp2012\Downloads\JRT.exe
2015-01-18 03:33 - 2015-01-18 03:33 - 00010884 _____ () C:\Users\cp2012\Desktop\AdwCleaner[S1].txt
2015-01-18 03:23 - 2015-01-18 03:24 - 02186752 _____ () C:\Users\cp2012\Downloads\adwcleaner_4.108.exe
2015-01-18 03:16 - 2015-01-18 03:16 - 00000988 _____ () C:\Users\cp2012\Desktop\checkup.txt
2015-01-18 02:56 - 2015-01-18 02:56 - 00852504 _____ () C:\Users\cp2012\Downloads\SecurityCheck.exe
2015-01-16 23:31 - 2015-01-16 23:33 - 225890304 _____ () C:\Users\cp2012\Downloads\LibreOffice_4.3.5_Win_x86.msi
2015-01-14 23:33 - 2015-01-14 23:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 09:56 - 2015-01-14 09:56 - 00069765 _____ () C:\Users\cp2012\Downloads\statement(2).aspx
2015-01-14 09:56 - 2015-01-14 09:56 - 00068746 _____ () C:\Users\cp2012\Downloads\statement(1).aspx
2015-01-14 09:55 - 2015-01-14 09:55 - 00068746 _____ () C:\Users\cp2012\Downloads\statement.aspx
2015-01-13 14:51 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 14:51 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 14:51 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 14:51 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 14:51 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 14:51 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 14:51 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 14:51 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 14:51 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 14:51 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 14:51 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 14:51 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 14:51 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 11:18 - 2015-01-13 12:18 - 00003879 _____ () C:\Users\cp2012\Downloads\aswMBR.txt
2015-01-13 11:18 - 2015-01-13 12:18 - 00000512 _____ () C:\Users\cp2012\Downloads\MBR.dat
2015-01-13 11:13 - 2015-01-13 11:13 - 05198336 _____ (AVAST Software) C:\Users\cp2012\Downloads\aswMBR.exe
2015-01-13 11:13 - 2015-01-13 11:13 - 00045991 _____ () C:\Users\cp2012\Downloads\Addition.txt
2015-01-13 11:12 - 2015-01-25 06:08 - 00026174 _____ () C:\Users\cp2012\Downloads\FRST.txt
2015-01-13 11:10 - 2015-01-25 06:08 - 02129920 _____ (Farbar) C:\Users\cp2012\Downloads\FRST64.exe
2015-01-13 11:10 - 2015-01-25 06:08 - 00000000 ____D () C:\FRST
2015-01-13 11:10 - 2015-01-13 11:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CP2012-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-13 11:09 - 2015-01-13 11:09 - 00000000 ____D () C:\Users\cp2012\CP2012-HP
2015-01-13 11:06 - 2015-01-13 11:06 - 00002237 _____ () C:\Users\cp2012\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-13 11:05 - 2015-01-13 11:05 - 04215584 _____ () C:\Users\cp2012\Downloads\tweaking.com_registry_backup_setup.exe
2015-01-13 10:34 - 2015-01-13 10:34 - 01054912 _____ (Adobe) C:\Users\cp2012\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2015-01-12 12:52 - 2015-01-12 12:52 - 00153894 _____ () C:\Users\cp2012\Desktop\Copy of Squirt Calender 2015 --Schram.xlsx
2015-01-03 18:13 - 2015-01-03 18:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-03 17:30 - 2015-01-03 18:02 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Anvsoft
2015-01-03 17:30 - 2015-01-03 17:30 - 00000000 ____D () C:\Users\cp2012\Documents\Any Video Converter
2015-01-03 17:29 - 2015-01-03 17:29 - 33259320 _____ (Any-Video-Converter.com ) C:\Users\cp2012\Downloads\avc-setup-5.7.6(1).exe
2015-01-03 17:26 - 2015-01-03 17:26 - 00231808 _____ () C:\Users\cp2012\Downloads\avc-setup-5.7.6.exe
2015-01-03 17:10 - 2015-01-03 17:10 - 02520172 _____ () C:\Users\cp2012\Desktop\JakeVideo-1Dec2015ppm.ppm
2015-01-03 16:44 - 2015-01-03 16:45 - 19512268 _____ () C:\Users\cp2012\Downloads\JakeVideo-2Dec2015.odp
2015-01-03 16:43 - 2015-01-03 16:43 - 00082064 _____ () C:\Users\cp2012\Downloads\JakeVideo-1Dec2015.odp
2015-01-01 18:11 - 2015-01-01 18:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-27 22:22 - 2014-12-27 22:22 - 00803392 _____ ( ) C:\Users\cp2012\Downloads\FlvPlayerSetup.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 05:57 - 2012-08-27 11:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 05:52 - 2012-07-14 02:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 04:43 - 2012-07-14 02:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 04:43 - 2012-07-14 02:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 04:43 - 2012-04-12 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-25 04:42 - 2012-08-27 11:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 20:03 - 2012-07-05 22:09 - 01581239 _____ () C:\Windows\WindowsUpdate.log
2015-01-24 19:06 - 2012-09-13 22:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-24 19:03 - 2012-07-05 22:19 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F7652-FBD3-4B12-89F2-B7F72B5A1255}
2015-01-24 13:37 - 2013-06-23 19:25 - 00000000 ___RD () C:\Users\cp2012\Dropbox
2015-01-24 13:37 - 2013-06-23 19:22 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Dropbox
2015-01-24 10:49 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 10:49 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 10:48 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 10:41 - 2012-04-12 16:43 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-24 10:41 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 10:41 - 2009-07-13 23:51 - 00088443 _____ () C:\Windows\setupact.log
2015-01-24 07:29 - 2012-07-09 08:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\CrashDumps
2015-01-24 07:27 - 2013-08-26 21:58 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-24 07:27 - 2013-08-24 18:10 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-23 23:01 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\Cy
2015-01-23 22:38 - 2011-02-11 12:15 - 00767290 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-23 16:36 - 2012-07-10 13:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-23 16:35 - 2012-07-21 18:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-21 15:18 - 2012-12-05 08:39 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForcp2012
2015-01-21 15:18 - 2012-12-05 08:39 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForcp2012.job
2015-01-21 15:15 - 2012-10-18 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-21 14:58 - 2012-07-05 22:23 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Adobe
2015-01-21 14:53 - 2013-11-27 14:52 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-01-21 10:41 - 2014-10-14 12:46 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-21 10:39 - 2014-06-03 13:46 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-18 19:27 - 2014-03-23 21:24 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Windows Live
2015-01-18 03:28 - 2010-11-20 22:47 - 02256118 _____ () C:\Windows\PFRO.log
2015-01-18 03:27 - 2014-04-21 08:54 - 00000000 ____D () C:\AdwCleaner
2015-01-17 00:12 - 2012-10-11 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-16 23:30 - 2013-10-04 12:31 - 00799744 ___SH () C:\Users\cp2012\Desktop\Thumbs.db
2015-01-15 00:00 - 2014-12-02 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-01-13 21:27 - 2013-06-23 19:25 - 00001025 _____ () C:\Users\cp2012\Desktop\Dropbox.lnk
2015-01-13 21:27 - 2013-06-23 19:23 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-13 14:55 - 2013-07-14 08:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 14:51 - 2012-07-11 22:21 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 11:09 - 2012-07-05 22:11 - 00000000 ____D () C:\Users\cp2012
2015-01-12 11:12 - 2012-11-28 14:49 - 00000000 ____D () C:\Users\cp2012\Desktop\a-Jake
2015-01-12 11:11 - 2012-08-03 08:48 - 00127776 _____ () C:\Users\cp2012\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-12 08:42 - 2012-07-05 22:20 - 00000000 ____D () C:\Users\cp2012\AppData\Local\PDFC
2015-01-09 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-08 09:55 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 18:27 - 2012-07-20 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\SoftGrid Client
2015-01-03 18:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Resources
2015-01-03 16:44 - 2012-12-07 18:54 - 00012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-01 19:47 - 2014-08-19 22:31 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Adobe
2015-01-01 18:07 - 2009-07-14 00:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-30 10:22 - 2014-10-13 10:32 - 00032012 _____ () C:\Users\cp2012\Desktop\InsuranceComparison.ods
2014-12-28 19:52 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-12-26 07:56 - 2014-04-08 11:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15

==================== Files in the root of some directories =======

2012-08-13 03:59 - 2012-08-13 03:59 - 125106169 _____ () C:\Program Files\openofficeorg1.cab
2012-08-13 03:58 - 2012-08-13 03:58 - 3162112 _____ () C:\Program Files\openofficeorg341.msi
2012-08-13 03:58 - 2012-08-13 03:58 - 0473600 _____ () C:\Program Files\setup.exe
2012-08-13 03:58 - 2012-08-13 03:58 - 0000294 _____ () C:\Program Files\setup.ini
2013-06-26 17:14 - 2014-03-20 22:39 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-10-01 08:46 - 2014-12-04 17:00 - 0000539 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-01 08:42 - 2014-03-16 22:32 - 0005569 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-01 08:46 - 2014-12-04 17:00 - 0000462 _____ () C:\Users\cp2012\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-01 08:57 - 2014-12-04 17:00 - 0000539 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Transcoder.Exception.log
2012-12-07 18:54 - 2015-01-03 16:44 - 0012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-21 23:44 - 2013-05-21 23:44 - 0000877 _____ () C:\Users\cp2012\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpubhvvs.dll
C:\Users\cp2012\AppData\Local\Temp\_isF620.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-21 11:20

==================== End Of Log ===============================================


aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2015-01-25 06:14:00
-----------------------------
06:14:00.099 OS Version: Windows x64 6.1.7601 Service Pack 1
06:14:00.099 Number of processors: 4 586 0x2A07
06:14:00.099 ComputerName: CP2012-HP UserName: cp2012
06:14:05.050 Initialize success
06:15:52.310 AVAST engine defs: 15012401
06:41:53.170 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
06:41:53.171 Disk 0 Vendor: ST2000DL HP16 Size: 1907729MB BusType: 3
06:41:53.300 Disk 0 MBR read successfully
06:41:53.302 Disk 0 MBR scan
06:41:53.358 Disk 0 Windows 7 default MBR code
06:41:53.368 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
06:41:53.383 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 1889177 MB offset 206848
06:41:53.421 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 18450 MB offset 3869241344
06:41:53.486 Disk 0 scanning C:\Windows\system32\drivers
06:42:04.537 Service scanning
06:42:25.177 Modules scanning
06:42:25.182 Disk 0 trace - called modules:
06:42:25.226 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
06:42:25.237 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a027060]
06:42:25.240 3 CLASSPNP.SYS[fffff88000e0143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007ae4050]
06:42:29.237 AVAST engine scan C:\Windows
06:42:31.932 AVAST engine scan C:\Windows\system32
06:45:33.834 AVAST engine scan C:\Windows\system32\drivers
06:45:49.569 AVAST engine scan C:\Users\cp2012
06:48:11.252 Disk 0 MBR has been saved successfully to "C:\Users\cp2012\Desktop\ScanFiles\MBR.dat"
06:48:11.257 The log file has been saved successfully to "C:\Users\cp2012\Desktop\ScanFiles\aswMBR.txt"


==================

OCD
2015-01-26, 05:42
Hi spyCype,

Your last topic was closed due to inactivity. Please keep me informed if you need additional time to complete the tasks requested so we can clear up your computer problems quickly and efficiently.

Tools need to be located on the Desktop. Please relocate FRST before proceeding.

Did you set this Proxy Server?

ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450

=========================

You have numerous McAfee & AVG entries in your logs. Do you, or have you used McAfee & AVG in the past?

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-4211978626-972589915-279576106-1000 - (No Name) - {f9bbf004-6e40-4019-8214-c43a37e1d058} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL =
Toolbar: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> No Name - {F9BBF004-6E40-4019-8214-C43A37E1D058} - No File
EmptyTemp:
CMD: ipconfig /flushdns
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

In your next post please provide the following:

Fixlog.txt
What symptoms are you experiencing
Provide information with regards to my questions asked above.

spyCype
2015-01-27, 18:11
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01
Ran by cp2012 at 2015-01-27 10:55:35 Run:1
Running from C:\Users\cp2012\Downloads\FRST-OlderVersion
Loaded Profiles: cp2012 (Available profiles: cp2012)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-4211978626-972589915-279576106-1000 - (No Name) - {f9bbf004-6e40-4019-8214-c43a37e1d058} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL =
Toolbar: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> No Name - {F9BBF004-6E40-4019-8214-C43A37E1D058} - No File
EmptyTemp:
CMD: ipconfig /flushdns
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f9bbf004-6e40-4019-8214-c43a37e1d058} => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4211978626-972589915-279576106-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44AB3196-E782-4E57-B65F-8EFAAAF62DDC}" => Key deleted successfully.
HKCR\CLSID\{44AB3196-E782-4E57-B65F-8EFAAAF62DDC} => Key not found.
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F9BBF004-6E40-4019-8214-C43A37E1D058} => value deleted successfully.
HKCR\CLSID\{F9BBF004-6E40-4019-8214-C43A37E1D058} => Key not found.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========



==============
I did not set up a proxy server, do not know how did it get in there.
We do have AVG up to date version but mcAfe is not the latest at all, perhaps we may not need it. Don`t know what need to be done here. I have noticed sometimes it get installed along with the Adobe installation.
Still the internet stop working quiet often and ask me to stop or continue the script running.

OCD
2015-01-27, 20:10
Hi spyCype,

Before you proceed, please see my instructions above that states "all tools must be located on the desktop". Please move or download any tools I request you to run directly to the Desktop. I appreciate your cooperation.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check

Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Select the Addition box
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
It will also make (Addition.txt). Please attach it to your reply

=========================

In your next post please provide the following:

checkup.txt
FRST.txt
Addition.txt

spyCype
2015-01-28, 17:00
Results of screen317's Security Check version 0.99.95
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Spybot - Search and Destroy
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Java 8 Update 31
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.296
Adobe Reader XI
Mozilla Firefox (35.0.1)
Google Chrome 31.0.1650.57 Google Chrome out of date!
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
===============================================================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by cp2012 (administrator) on CP2012-HP on 28-01-2015 09:56:28
Running from C:\Users\cp2012\Desktop
Loaded Profiles: cp2012 (Available profiles: cp2012)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_296.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realplay.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [My Scrap Nook Home Page Guard 64 bit] => "C:\PROGRA~2\MYSCRA~2\bar\1.bin\AppIntegrator64.exe"
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-08-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2226704 2013-03-07] (Research In Motion Limited)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-27] (Google Inc.)
HKU\S-1-5-18\...\Run: [ISUSPM] => -scheduler
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk -> C:\Users\cp2012\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe (Leader Technologies/Epson)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/19
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\cp2012\AppData\Roaming\Mozilla\Firefox\Profiles\6od7941t.default-1401247939329
FF DefaultSearchEngine: Google
FF Homepage: https://www.google.ca/
FF NetworkProxy: "http_port", 1
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4211978626-972589915-279576106-1000: @citrixonline.com/appdetectorplugin -> C:\Users\cp2012\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Buzz Social Points - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial@buzzsocialpoints.com.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{78DADB4B-7468-4c1c-8612-00FBF356A9FF}] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi
FF Extension: YouTube Downloader Extension - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Buzz Social Points - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR Profile: C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ebjipgnedcljapmafeafekmlebefcafp] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_GC.crx [2014-08-11]
CHR HKLM-x32\...\Chrome\Extension: [gikoeigmfnoggdlhnobkbbbkohiahbko] - C:\Program Files (x86)\BuzzSocialPoints\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-16] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-12] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [63904 2013-10-10] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 09:23 - 2015-01-28 09:23 - 00852573 _____ () C:\Users\cp2012\Desktop\SecurityCheck.exe
2015-01-27 15:56 - 2015-01-27 15:56 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-27 15:56 - 2015-01-27 15:56 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-27 10:54 - 2015-01-28 09:56 - 00025370 _____ () C:\Users\cp2012\Desktop\FRST.txt
2015-01-27 10:54 - 2015-01-27 10:55 - 00043429 _____ () C:\Users\cp2012\Desktop\Addition.txt
2015-01-27 10:34 - 2015-01-27 10:34 - 00000770 _____ () C:\Users\cp2012\Desktop\fixlist.txt
2015-01-27 09:13 - 2015-01-27 09:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 08:30 - 2015-01-26 08:30 - 00323010 _____ () C:\Users\cp2012\Downloads\viewDownload.go
2015-01-25 16:28 - 2015-01-25 16:28 - 00001500 _____ () C:\Users\Public\Desktop\LibreOffice 4.3.lnk
2015-01-25 16:28 - 2015-01-25 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2015-01-25 13:27 - 2015-01-25 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:26 - 2015-01-25 13:26 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-25 13:26 - 2015-01-25 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-25 13:26 - 2015-01-25 13:26 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-25 13:24 - 2015-01-25 13:24 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\Program Files\iTunes
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\Program Files\iPod
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-25 06:13 - 2015-01-25 06:13 - 04745728 _____ (AVAST Software) C:\Users\cp2012\Desktop\aswMBR(1).exe
2015-01-25 06:12 - 2015-01-25 06:12 - 03551720 _____ (K9 Tools ) C:\Users\cp2012\Downloads\setup.exe
2015-01-25 06:09 - 2015-01-25 06:48 - 00000000 ____D () C:\Users\cp2012\Desktop\ScanFiles
2015-01-25 06:08 - 2015-01-28 09:32 - 00000000 ____D () C:\Users\cp2012\Downloads\FRST-OlderVersion
2015-01-23 22:33 - 2015-01-23 22:46 - 00000000 ____D () C:\10af7caede595e38e1
2015-01-22 18:55 - 2015-01-22 18:55 - 00000000 ____D () C:\Users\cp2012\AppData\Local\{ECBDDCC1-7ABD-4BFF-AD48-31C107E46370}
2015-01-22 00:13 - 2015-01-22 00:13 - 00008887 _____ () C:\Users\cp2012\Desktop\JRT.txt
2015-01-21 14:41 - 2015-01-21 14:43 - 225890304 _____ () C:\Users\cp2012\Downloads\LibreOffice_4.3.5_Win_x86(1).msi
2015-01-21 13:14 - 2015-01-21 13:14 - 01707939 _____ (Thisisu) C:\Users\cp2012\Desktop\JRT(2).exe
2015-01-21 10:32 - 2015-01-24 13:35 - 00003366 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-21 10:32 - 2015-01-24 13:35 - 00003234 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-18 19:37 - 2015-01-18 19:48 - 00000000 ____D () C:\Users\cp2012\Desktop\ParkingDetroit
2015-01-18 16:08 - 2015-01-18 16:08 - 01707939 _____ (Thisisu) C:\Users\cp2012\Desktop\JRT(1).exe
2015-01-18 03:35 - 2015-01-18 03:35 - 00000000 ____D () C:\Windows\ERUNT
2015-01-18 03:33 - 2015-01-18 03:33 - 01707939 _____ (Thisisu) C:\Users\cp2012\Desktop\JRT.exe
2015-01-18 03:33 - 2015-01-18 03:33 - 00010884 _____ () C:\Users\cp2012\Desktop\AdwCleaner[S1].txt
2015-01-18 03:23 - 2015-01-18 03:24 - 02186752 _____ () C:\Users\cp2012\Desktop\adwcleaner_4.108.exe
2015-01-18 03:16 - 2015-01-18 03:16 - 00000988 _____ () C:\Users\cp2012\Desktop\checkup.txt
2015-01-16 23:31 - 2015-01-16 23:33 - 225890304 _____ () C:\Users\cp2012\Downloads\LibreOffice_4.3.5_Win_x86.msi
2015-01-14 09:56 - 2015-01-14 09:56 - 00069765 _____ () C:\Users\cp2012\Downloads\statement(2).aspx
2015-01-14 09:56 - 2015-01-14 09:56 - 00068746 _____ () C:\Users\cp2012\Downloads\statement(1).aspx
2015-01-14 09:55 - 2015-01-14 09:55 - 00068746 _____ () C:\Users\cp2012\Downloads\statement.aspx
2015-01-13 14:51 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 14:51 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 14:51 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 14:51 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 14:51 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 14:51 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 14:51 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 14:51 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 14:51 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 14:51 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 14:51 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 14:51 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 14:51 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 11:18 - 2015-01-13 12:18 - 00003879 _____ () C:\Users\cp2012\Desktop\aswMBR.txt
2015-01-13 11:18 - 2015-01-13 12:18 - 00000512 _____ () C:\Users\cp2012\Desktop\MBR.dat
2015-01-13 11:13 - 2015-01-13 11:13 - 05198336 _____ (AVAST Software) C:\Users\cp2012\Desktop\aswMBR.exe
2015-01-13 11:13 - 2015-01-13 11:13 - 00045991 _____ () C:\Users\cp2012\Downloads\Addition.txt
2015-01-13 11:12 - 2015-01-27 10:40 - 00042503 _____ () C:\Users\cp2012\Downloads\FRST.txt
2015-01-13 11:10 - 2015-01-28 09:56 - 00000000 ____D () C:\FRST
2015-01-13 11:10 - 2015-01-25 06:08 - 02129920 _____ (Farbar) C:\Users\cp2012\Desktop\FRST64.exe
2015-01-13 11:10 - 2015-01-13 11:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CP2012-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-13 11:09 - 2015-01-13 11:09 - 00000000 ____D () C:\Users\cp2012\CP2012-HP
2015-01-13 11:06 - 2015-01-13 11:06 - 00002237 _____ () C:\Users\cp2012\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-13 11:05 - 2015-01-13 11:05 - 04215584 _____ () C:\Users\cp2012\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-13 10:34 - 2015-01-13 10:34 - 01054912 _____ (Adobe) C:\Users\cp2012\Downloads\install_flashplayer16x32au_mssd_aaa_aih.exe
2015-01-12 12:52 - 2015-01-12 12:52 - 00153894 _____ () C:\Users\cp2012\Desktop\Copy of Squirt Calender 2015 --Schram.xlsx
2015-01-03 18:13 - 2015-01-03 18:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-03 17:30 - 2015-01-03 18:02 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Anvsoft
2015-01-03 17:30 - 2015-01-03 17:30 - 00000000 ____D () C:\Users\cp2012\Documents\Any Video Converter
2015-01-03 17:29 - 2015-01-03 17:29 - 33259320 _____ (Any-Video-Converter.com ) C:\Users\cp2012\Downloads\avc-setup-5.7.6(1).exe
2015-01-03 17:26 - 2015-01-03 17:26 - 00231808 _____ () C:\Users\cp2012\Downloads\avc-setup-5.7.6.exe
2015-01-03 16:44 - 2015-01-03 16:45 - 19512268 _____ () C:\Users\cp2012\Downloads\JakeVideo-2Dec2015.odp
2015-01-03 16:43 - 2015-01-03 16:43 - 00082064 _____ () C:\Users\cp2012\Downloads\JakeVideo-1Dec2015.odp
2015-01-01 18:11 - 2015-01-01 18:11 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-28 09:52 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\Cy
2015-01-28 09:52 - 2012-07-14 02:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-28 09:36 - 2012-11-28 14:49 - 00000000 ____D () C:\Users\cp2012\Desktop\a-Jake
2015-01-28 09:34 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\b-Moira
2015-01-28 09:25 - 2012-09-13 22:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-28 09:11 - 2012-08-27 11:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-28 09:11 - 2012-07-05 22:09 - 01700927 _____ () C:\Windows\WindowsUpdate.log
2015-01-28 06:44 - 2012-07-05 22:19 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F7652-FBD3-4B12-89F2-B7F72B5A1255}
2015-01-27 16:03 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-27 16:03 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-27 16:02 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-27 15:58 - 2013-06-23 19:25 - 00000000 ___RD () C:\Users\cp2012\Dropbox
2015-01-27 15:58 - 2013-06-23 19:22 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Dropbox
2015-01-27 15:57 - 2012-11-28 19:04 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Apple Computer
2015-01-27 15:56 - 2013-10-04 12:31 - 00840192 ___SH () C:\Users\cp2012\Desktop\Thumbs.db
2015-01-27 15:56 - 2012-04-12 16:43 - 00000000 ____D () C:\ProgramData\PDFC
2015-01-27 15:55 - 2012-08-27 11:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-27 15:55 - 2009-07-13 23:45 - 00509264 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 15:54 - 2012-10-11 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 15:54 - 2010-11-20 22:47 - 02256794 _____ () C:\Windows\PFRO.log
2015-01-27 15:54 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-27 15:54 - 2009-07-13 23:51 - 00088555 _____ () C:\Windows\setupact.log
2015-01-27 10:58 - 2012-08-27 11:28 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-27 10:58 - 2012-08-27 11:28 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-25 21:34 - 2012-12-05 08:39 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForcp2012
2015-01-25 21:34 - 2012-12-05 08:39 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForcp2012.job
2015-01-25 16:31 - 2012-08-03 08:48 - 00129800 _____ () C:\Users\cp2012\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-25 16:28 - 2013-11-27 14:52 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-01-25 16:27 - 2012-11-28 19:03 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Apple
2015-01-25 13:24 - 2014-09-15 06:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-25 13:24 - 2012-11-28 19:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-25 06:52 - 2012-12-07 18:45 - 00000000 ____D () C:\Users\cp2012\.smplayer
2015-01-25 04:43 - 2012-07-14 02:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 04:43 - 2012-07-14 02:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 04:43 - 2012-04-12 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-24 07:29 - 2012-07-09 08:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\CrashDumps
2015-01-23 22:38 - 2011-02-11 12:15 - 00767290 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-23 16:36 - 2012-07-10 13:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-23 16:35 - 2012-07-21 18:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-21 15:15 - 2012-10-18 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-21 14:58 - 2012-07-05 22:23 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Adobe
2015-01-21 10:41 - 2014-10-14 12:46 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-21 10:39 - 2014-06-03 13:46 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-18 19:27 - 2014-03-23 21:24 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Windows Live
2015-01-18 03:27 - 2014-04-21 08:54 - 00000000 ____D () C:\AdwCleaner
2015-01-13 21:27 - 2013-06-23 19:25 - 00001025 _____ () C:\Users\cp2012\Desktop\Dropbox.lnk
2015-01-13 21:27 - 2013-06-23 19:23 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-13 14:55 - 2013-07-14 08:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 14:51 - 2012-07-11 22:21 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 11:09 - 2012-07-05 22:11 - 00000000 ____D () C:\Users\cp2012
2015-01-12 08:42 - 2012-07-05 22:20 - 00000000 ____D () C:\Users\cp2012\AppData\Local\PDFC
2015-01-09 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-08 09:55 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 18:27 - 2012-07-20 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\SoftGrid Client
2015-01-03 18:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Resources
2015-01-03 16:44 - 2012-12-07 18:54 - 00012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-01 19:47 - 2014-08-19 22:31 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Adobe
2015-01-01 18:07 - 2009-07-14 00:08 - 00032580 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-30 10:22 - 2014-10-13 10:32 - 00032012 _____ () C:\Users\cp2012\Desktop\InsuranceComparison.ods

==================== Files in the root of some directories =======

2012-08-13 03:59 - 2012-08-13 03:59 - 125106169 _____ () C:\Program Files\openofficeorg1.cab
2012-08-13 03:58 - 2012-08-13 03:58 - 3162112 _____ () C:\Program Files\openofficeorg341.msi
2012-08-13 03:58 - 2012-08-13 03:58 - 0473600 _____ () C:\Program Files\setup.exe
2012-08-13 03:58 - 2012-08-13 03:58 - 0000294 _____ () C:\Program Files\setup.ini
2013-06-26 17:14 - 2014-03-20 22:39 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-10-01 08:46 - 2014-12-04 17:00 - 0000539 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-01 08:42 - 2014-03-16 22:32 - 0005569 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-01 08:46 - 2014-12-04 17:00 - 0000462 _____ () C:\Users\cp2012\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-01 08:57 - 2014-12-04 17:00 - 0000539 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Transcoder.Exception.log
2012-12-07 18:54 - 2015-01-03 16:44 - 0012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-21 23:44 - 2013-05-21 23:44 - 0000877 _____ () C:\Users\cp2012\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprve1wv.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 23:49

==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by cp2012 at 2015-01-28 09:57:07
Running from C:\Users\cp2012\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Enabled - Up to date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies)
AVG 2013 (Version: 13.0.3495 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BlackBerry Backup Extractor (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\BlackBerry Backup Extractor) (Version: 1.1.6.0 - Reincubate Ltd)
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Manager 7.0 (HKLM-x32\...\BlackBerry_HandheldManager) (Version: 7.0.0.40 - Research In Motion Ltd.)
BlackBerry Device Manager 7.0 (x32 Version: 7.0.0.40 - Research In Motion Ltd.) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BuzzSocialPoints version 1.0 (HKLM-x32\...\BuzzSocialPoints_is1) (Version: 1.0 - BuzzSocialPoints)
BuzzSocialPoints_IE (HKLM-x32\...\BuzzSocialPoints_IE) (Version: 1.0.0.0 - BuzzSocialPoints)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Citrix Online Launcher (HKLM-x32\...\{A4B72B94-7745-4CA8-A4D6-D8AC2442451C}) (Version: 1.0.153 - Citrix)
Coby Media Manager (HKLM-x32\...\{D7F70937-6EC3-4129-8089-4974C5873C99}) (Version: 1.0.6316 - Coby)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Dropbox) (Version: 3.0.5 - Dropbox, Inc.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{6A7C2B2E-36A3-4EF5-96C6-708CD090A3AD}) (Version: 1.0.1.5127 - Fitbit Inc.)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.93 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
InstallConverter (x32 Version: 1.0 - InstallConverter) Hidden
Intel(R) Identity Protection Technology 1.2.22.0 (HKLM-x32\...\{387B63A5-5016-1015-B06B-A9A1030E3125}) (Version: 1.2.22.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LibreOffice 4.2 Help Pack (English (United States)) (HKLM-x32\...\{9B197B38-038D-47B5-9572-AE07E34F6AD0}) (Version: 4.2.2.1 - The Document Foundation)
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
LTCM Client (HKLM-x32\...\LTCM Client) (Version: - Leader Technologies Inc.)
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.3 (HKLM\...\{D8D25854-D7F0-45C5-8702-D650A5A23E21}) (Version: 2.3.2208 - Microsoft Corporation)
Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Musicnotes Player V1.40.3 and Viewer V1.20.0 (HKLM-x32\...\Musicnotes Player_is1) (Version: 1.40.3 - Musicnotes Inc.)
My Scrap Nook Toolbar (HKLM-x32\...\MyScrapNook_12bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 - NewspaperDirect Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 4.0.3.0 - Ralink)
RealDownloader (x32 Version: 17.0.13 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (x32 Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.13 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
Spelling Bee Coaching Application [Junior] version 1.0 (HKLM-x32\...\{006B99DB-5711-4B22-9FA9-49CE16516FF7}_is1) (Version: 1.0 - Spelling Bee of Canada (c))
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Vistumbler (HKLM-x32\...\Vistumbler) (Version: v10 - Vistumbler.net)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
YouTube Downloader 5 (HKLM-x32\...\YouTube Downloader_is1) (Version: - Kotato)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\cp2012\AppData\Local\Citrix\GoToMeeting\1259\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4211978626-972589915-279576106-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

18-01-2015 19:21:17 Windows Backup
21-01-2015 10:32:46 Windows Update
21-01-2015 14:46:58 Installed LibreOffice 4.3.5.2
23-01-2015 22:32:30 Windows Update
25-01-2015 16:27:15 Installed LibreOffice 4.3.5.2
25-01-2015 19:31:06 Windows Backup
27-01-2015 05:32:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2013-12-03 19:32 - 00450639 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04B40466-A83B-48DD-ABF0-E884AF6AB760} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {0A84E25F-2928-4B7F-B440-A19C2A799A99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {0E22359C-36A6-498E-8F4D-B8ECD8D0F04D} - System32\Tasks\BuzzSocialPoints_li_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {14BB80B3-9E64-4B8B-9C80-AB4AB2956113} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1A3D80A5-41DE-46B7-9A79-29A4B1CAFB29} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {1DE9B808-E427-47DF-B7C5-E6799D5DA5D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-27] (Google Inc.)
Task: {218FA806-3B4E-40CB-BD51-494ED94FA0FF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {21A64FF2-06CE-4D84-A656-7B1B266A5D69} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {2326134B-8B45-4C65-A5D2-E316B50A0384} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {2808B6C6-58A6-4D37-B9BA-76FF0981F5F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {298E465E-6D69-45F5-9FA9-EB3F7A85E2EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-27] (Google Inc.)
Task: {30613810-3553-4397-B11C-C37BA95E4D05} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {3D8A1A9F-F454-4604-8834-E461639A0498} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-11] (Microsoft Corporation)
Task: {3EC402B2-D42F-4E62-AA62-1FD00616E964} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {40752DD2-118B-4B0B-BB9F-49F16D6911CF} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {42222E2B-8A2A-4AB5-9221-15A14643AADE} - System32\Tasks\{6715E06D-2610-4E87-B690-CA21DD025FB6} => pcalua.exe -a C:\Users\cp2012\Downloads\DownloadManagerSetup.exe -d C:\Users\cp2012\Downloads
Task: {444AECE7-7AB0-4548-91A7-87767DA2E777} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {4873E2B8-EB67-4778-8060-AE14963333F6} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {5873113E-DF3E-44C9-8BD5-DC13B98EE7A4} - System32\Tasks\HPCeeScheduleForcp2012 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {5BA387EC-E985-40BE-9E92-CF40FADA502E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {627975E2-ADC6-4662-92E0-C3EA5BB38A97} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {6A99E4A8-8289-49F1-929C-F4FF3B7791E5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {79FFC635-7EE9-4628-94FA-231CC40763CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe
Task: {9AACBEC8-5F89-4AFD-872B-372F6A23BA39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A3753A57-6BCA-4C45-A2E4-3A0A77243E22} - System32\Tasks\Real Player online update program => c:\program files (x86)\real\realplayer\Update\realsched.exe [2014-08-16] (RealNetworks, Inc.)
Task: {BFFB2D5E-C9AD-4AB9-A736-DF3BABB44B70} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {C138DB40-3BE9-4F1D-A40D-0227528C9C7C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D3FB6106-C888-4474-B3E1-2E1BD076DA62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated)
Task: {E1FBDCD3-0B41-4695-8D2E-751D62992144} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {EE3F8FA3-32AB-476C-B110-0204E17FAC18} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {F6B2CA0A-530B-42F6-92BE-9A2C74921726} - System32\Tasks\{6B3C84A2-2864-4121-A375-4CF1256FEB48} => pcalua.exe -a "C:\Program Files (x86)\LibreOffice 4\program\scalc.exe" -c -o "C:\Users\cp2012\Desktop\Tball2014\T-ball 2014.ods"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForcp2012.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-04-08 11:26 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-23 08:32 - 2014-09-23 08:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-07-30 01:17 - 2014-07-30 01:17 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-07-30 04:04 - 2014-07-30 04:04 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-04-12 16:21 - 2011-09-19 02:50 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-27 15:00 - 2014-08-16 11:01 - 00864856 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2013-12-03 19:22 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-06 20:14 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-12-03 19:22 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-02-01 01:50 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-03 19:22 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-08 15:44 - 2015-01-08 15:44 - 00750080 _____ () C:\Users\cp2012\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-27 15:58 - 2015-01-27 15:58 - 00043008 _____ () c:\users\cp2012\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprve1wv.dll
2015-01-08 15:44 - 2015-01-08 15:44 - 00047616 _____ () C:\Users\cp2012\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-01-08 15:44 - 2015-01-08 15:44 - 00863744 _____ () C:\Users\cp2012\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-01-08 15:44 - 2015-01-08 15:44 - 00200704 _____ () C:\Users\cp2012\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2014-11-23 08:30 - 2014-11-23 08:30 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-08-02 21:16 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-01-27 09:13 - 2015-01-27 09:13 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2015-01-25 04:43 - 2015-01-25 04:43 - 16844976 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-4211978626-972589915-279576106-500 - Administrator - Disabled)
cp2012 (S-1-5-21-4211978626-972589915-279576106-1000 - Administrator - Enabled) => C:\Users\cp2012
Guest (S-1-5-21-4211978626-972589915-279576106-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4211978626-972589915-279576106-1004 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/28/2015 09:52:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x002ad854
Faulting process id: 0x2bb8
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3

Error: (01/28/2015 09:47:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0037db4c
Faulting process id: 0x37dc
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3

Error: (01/28/2015 09:11:52 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/27/2015 10:38:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 15.0.4673.1000, time stamp: 0x54588338
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0046d540
Faulting process id: 0xf538
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3

Error: (01/27/2015 07:58:24 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/27/2015 01:28:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (01/26/2015 08:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (01/26/2015 08:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042

Error: (01/26/2015 08:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/26/2015 08:50:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044


System errors:
=============
Error: (01/27/2015 03:55:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (01/27/2015 03:55:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (01/27/2015 10:56:22 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
%%1056

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Live ID Sign-in Assistant service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s).

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Fitbit Connect Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CalendarSynchService service terminated unexpectedly. It has done this 1 time(s).

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Spybot-S&D 2 Scanner Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (01/27/2015 10:55:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (01/28/2015 09:52:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c0000005002ad8542bb801d03b0a069f75c1C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown491a4c2d-a6fd-11e4-ba27-e840f28b3bc9

Error: (01/28/2015 09:47:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c00000050037db4c37dc01d03b0956487f41C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown9b365aac-a6fc-11e4-ba27-e840f28b3bc9

Error: (01/28/2015 09:11:52 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/27/2015 10:38:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: WINWORD.EXE15.0.4673.100054588338unknown0.0.0.000000000c00000050046d540f53801d03a47449aa4b7C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEunknown8be87209-a63a-11e4-b913-e840f28b3bc9

Error: (01/27/2015 07:58:24 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (01/27/2015 01:28:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{7FBAD091-89F7-4C77-A224-15FF4423C7D2}\recordingmanager.exe

Error: (01/26/2015 08:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3042

Error: (01/26/2015 08:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3042

Error: (01/26/2015 08:50:37 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/26/2015 08:50:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044


CodeIntegrity Errors:
===================================
Date: 2015-01-28 09:14:03.810
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-28 06:44:55.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 16:06:11.836
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 11:22:27.904
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 11:22:27.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 11:14:47.863
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 11:14:47.852
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 11:03:19.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 11:03:19.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.

Date: 2015-01-27 09:45:19.857
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 25%
Total physical RAM: 8098.52 MB
Available physical RAM: 6030.74 MB
Total Pagefile: 16195.21 MB
Available Pagefile: 13088.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1844.9 GB) (Free:1685.88 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:18.02 GB) (Free:2.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 5C798ED8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1844.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=18 GB) - (Type=07 NTFS)

==================== End Of Log ============================

OCD
2015-01-28, 18:39
Hi spyCype,

Your Security Check log indicates that you are using Spybot - Search and Destroy as your anti-virus. Is your Spybot subscription a paid version?

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Uninstall via Programs and Features

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:

McAfee Security Scan Plus

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
CloseProcesses:
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
FF NetworkProxy: "http_port", 1
FF NetworkProxy: "type", 4
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Buzz Social Points - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gikoeigmfnoggdlhnobkbbbkohiahbko] - C:\Program Files (x86)\BuzzSocialPoints\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
Task: {0E22359C-36A6-498E-8F4D-B8ECD8D0F04D} - System32\Tasks\BuzzSocialPoints_li_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {40752DD2-118B-4B0B-BB9F-49F16D6911CF} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
EmptyTemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================


Still the internet stop working quiet often and ask me to stop or continue the script running.

Which browser/s does this occur while using?

=========================

In your next post please provide the following:

Fixlog.txt
Reply to question/s asked.
How is the computer running, any change in performance?

spyCype
2015-01-31, 04:55
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-01-2015
Ran by cp2012 at 2015-01-30 21:34:07 Run:2
Running from C:\Users\cp2012\Desktop
Loaded Profiles: cp2012 (Available profiles: cp2012)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ProxyServer: [S-1-5-21-4211978626-972589915-279576106-1000] => http=127.0.0.1:49450;https=127.0.0.1:49450
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
FF NetworkProxy: "http_port", 1
FF NetworkProxy: "type", 4
FF Plugin-x32: @ei.VideoDownloadConverter_4z.com/Plugin -> C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: Buzz Social Points - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
CHR HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [gikoeigmfnoggdlhnobkbbbkohiahbko] - C:\Program Files (x86)\BuzzSocialPoints\chrome.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [hhepndnhfbdjmegechokkbabcphcihdi] - C:\Users\cp2012\AppData\Local\CRE\hhepndnhfbdjmegechokkbabcphcihdi.crx [Not Found]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
Task: {0E22359C-36A6-498E-8F4D-B8ECD8D0F04D} - System32\Tasks\BuzzSocialPoints_li_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {40752DD2-118B-4B0B-BB9F-49F16D6911CF} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe => No running process found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => Moved successfully.
C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe => Moved successfully.
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}" => Key deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKLM\Software\Wow6432Node\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin" => Key deleted successfully.
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Mozilla\Firefox\Extensions\\{e4f94d1e-2f53-401e-8885-681602c0ddd8} => value deleted successfully.
C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => Moved successfully.
"HKU\S-1-5-21-4211978626-972589915-279576106-1000\SOFTWARE\Google\Chrome\Extensions\hhepndnhfbdjmegechokkbabcphcihdi" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gikoeigmfnoggdlhnobkbbbkohiahbko" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hhepndnhfbdjmegechokkbabcphcihdi" => Key deleted successfully.
McComponentHostService => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E22359C-36A6-498E-8F4D-B8ECD8D0F04D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E22359C-36A6-498E-8F4D-B8ECD8D0F04D}" => Key deleted successfully.
C:\Windows\System32\Tasks\BuzzSocialPoints_li_Checker => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BuzzSocialPoints_li_Checker" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40752DD2-118B-4B0B-BB9F-49F16D6911CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40752DD2-118B-4B0B-BB9F-49F16D6911CF}" => Key deleted successfully.
C:\Windows\System32\Tasks\BuzzSocialPoints_DNS_Checker => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BuzzSocialPoints_DNS_Checker" => Key deleted successfully.
EmptyTemp: => Removed 35.4 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:34:10 ====
Right now, I see the browser takes a little time showing the whirls and waiting for a few seconds to go to a specific site/location etc. Other than there is no too much waiting noticed.
I think I paid between 11 and 15 dollars(it was in euros) for Spyboat
Mainly Firefox browser is used on this computer

OCD
2015-01-31, 08:36
Hi spyCype,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Flush the FireFox Cache
(these directions are specific to Firefox 19, if you have a different version the exact steps might be slightly different)

In Firefox, Options
Select Options
Select Privacy tab
Find the section that reads: You might want to clear your recent history or remove individual cookies
Select clear your recent history
Click the Details drop-down arrow
Make sure a check mark is placed in the following boxes:

Cookies
Cache

Next select the Time Range to Clear drop-down menu
Select Everything (this will only delete all the cookies and cache, and will save the other items not selected)
Click Clear Now

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool

Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.

=========================

In your next post please provide the following:

AdwCleaner[S0].txt
JRT.txt
new FRST.txt

spyCype
2015-02-02, 18:50
I followed the order you suggested, however it created a file called AdwCleaner[S2]
instead of [S0]. Then I used JRT, I tried 4 times, and finally I received the file you wanted me to post. Then I did the FRST.
After the completion of all these tasks unfortunately, I could find the AdwCleaner[S2] file on my computer, so I did re run the program and obtained a file called AdwCleaner[S3]. Hope this helps. thank you so much.

===================

# AdwCleaner v4.109 - Report created 02/02/2015 at 11:36:33
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : cp2012 - CP2012-HP
# Running from : C:\Users\cp2012\Desktop\adwcleaner_4.109.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 en-US)


-\\ Google Chrome v40.0.2214.94


*************************

AdwCleaner[R0].txt - [45258 octets] - [21/04/2014 08:55:01]
AdwCleaner[R1].txt - [10852 octets] - [18/01/2015 03:25:39]
AdwCleaner[R2].txt - [1154 octets] - [31/01/2015 13:20:19]
AdwCleaner[R3].txt - [1163 octets] - [02/02/2015 11:34:58]
AdwCleaner[S0].txt - [45294 octets] - [21/04/2014 08:56:33]
AdwCleaner[S1].txt - [10884 octets] - [18/01/2015 03:27:01]
AdwCleaner[S2].txt - [1218 octets] - [31/01/2015 13:25:53]
AdwCleaner[S3].txt - [1085 octets] - [02/02/2015 11:36:33]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1145 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by cp2012 on 01/02/2015 at 13:40:59.41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\GOOGLETOOLBARNOTIFIER.EXE-7AE0A20E.pf



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02/02/2015 at 10:10:21.89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015
Ran by cp2012 (administrator) on CP2012-HP on 02-02-2015 11:10:58
Running from C:\Users\cp2012\Desktop
Loaded Profiles: cp2012 (Available profiles: cp2012)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\SysWOW64\runonce.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Dropbox, Inc.) C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Content Manager\CmTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Leader Technologies/Epson) C:\Users\cp2012\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDOnAccess.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [My Scrap Nook Home Page Guard 64 bit] => "C:\PROGRA~2\MYSCRA~2\bar\1.bin\AppIntegrator64.exe"
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [LTCM Client] => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-07-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-08-16] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe [2226704 2013-03-07] (Research In Motion Limited)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [DW6] => "C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe"
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3666224 2013-09-20] (Safer-Networking Ltd.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3362336 2014-01-10] (Fitbit, Inc.)
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-21-4211978626-972589915-279576106-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-27] (Google Inc.)
HKU\S-1-5-18\...\Run: [ISUSPM] => -scheduler
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL File Not Found
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => "c:\progra~3\fastan~1\fastan~1.dll" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\cp2012\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Epson all-in-one Registration.lnk
ShortcutTarget: Epson all-in-one Registration.lnk -> C:\Users\cp2012\AppData\Roaming\Leadertech\PowerRegister\Epson all-in-one Registration.exe (Leader Technologies/Epson)
Startup: C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/
HKU\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCON/19
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-4211978626-972589915-279576106-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 24.226.1.93 24.226.10.193 24.226.10.194 24.226.1.94 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\cp2012\AppData\Roaming\Mozilla\Firefox\Profiles\6od7941t.default-1401247939329
FF DefaultSearchEngine: Google
FF Homepage: https://www.google.ca/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files\Musicnotes\npmusicn64.dll (Musicnotes, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Musicnotes.com/Musicnotes Viewer -> C:\Program Files (x86)\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.13 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.13.2 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4211978626-972589915-279576106-1000: @citrixonline.com/appdetectorplugin -> C:\Users\cp2012\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Buzz Social Points - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial@buzzsocialpoints.com.xpi [2015-01-27]
FF HKLM-x32\...\Firefox\Extensions: [VIP1X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-08-16]
FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF HKLM-x32\...\Firefox\Extensions: [{78DADB4B-7468-4c1c-8612-00FBF356A9FF}] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi
FF Extension: YouTube Downloader Extension - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_FF.xpi [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{9D2AA73B-6049-4799-B8AC-925723370070}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

Chrome:
=======
CHR Profile: C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SEOquake) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\akdgnmcogleenhbclghghlkkdndkjdjc [2014-06-17]
CHR Extension: (Google Wallet) - C:\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR HKLM-x32\...\Chrome\Extension: [ebjipgnedcljapmafeafekmlebefcafp] - C:\Program Files (x86)\Kotato\YouTube Downloader\YTD_GC.crx [2014-08-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
S3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1435680 2014-01-10] (Fitbit, Inc.)
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-07-30] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-08-16] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-07-30] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311608 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2014-10-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-20] (AVG Technologies)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2012-04-12] ()
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [63904 2013-10-10] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 10:10 - 2015-02-02 10:10 - 00000716 _____ () C:\Users\cp2012\Desktop\JRT.txt
2015-02-01 17:43 - 2015-02-01 17:43 - 00430868 _____ () C:\Users\cp2012\Downloads\Attachments_201521.zip
2015-02-01 13:41 - 2015-02-01 13:41 - 00006464 _____ () C:\Windows\system32\PerfStringBackup.TMP
2015-01-31 23:17 - 2015-01-31 23:17 - 01707939 _____ (Thisisu) C:\Users\cp2012\Desktop\JRT.exe
2015-01-31 13:19 - 2015-01-31 13:19 - 02194432 _____ () C:\Users\cp2012\Desktop\adwcleaner_4.109.exe
2015-01-31 08:51 - 2015-01-31 08:51 - 00022974 _____ () C:\Users\cp2012\Downloads\viewDownload(1).go
2015-01-30 21:32 - 2015-02-02 11:10 - 00000000 ____D () C:\Users\cp2012\Desktop\FRST-OlderVersion
2015-01-28 09:23 - 2015-01-28 09:23 - 00852573 _____ () C:\Users\cp2012\Desktop\SecurityCheck.exe
2015-01-27 15:56 - 2015-02-01 13:34 - 00003344 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-27 15:56 - 2015-02-01 13:34 - 00003212 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-27 10:54 - 2015-02-02 11:11 - 00022758 _____ () C:\Users\cp2012\Desktop\FRST.txt
2015-01-27 10:54 - 2015-01-28 09:58 - 00044203 _____ () C:\Users\cp2012\Desktop\Addition.txt
2015-01-27 09:13 - 2015-01-27 09:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 08:30 - 2015-01-26 08:30 - 00323010 _____ () C:\Users\cp2012\Downloads\viewDownload.go
2015-01-25 16:28 - 2015-01-25 16:28 - 00001500 _____ () C:\Users\Public\Desktop\LibreOffice 4.3.lnk
2015-01-25 16:28 - 2015-01-25 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2015-01-25 13:27 - 2015-01-25 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-01-25 13:26 - 2015-01-25 13:26 - 00001847 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-25 13:26 - 2015-01-25 13:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-25 13:26 - 2015-01-25 13:26 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2015-01-25 13:24 - 2015-01-25 13:24 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\Program Files\iTunes
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\Program Files\iPod
2015-01-25 13:24 - 2015-01-25 13:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-25 06:13 - 2015-01-25 06:13 - 04745728 _____ (AVAST Software) C:\Users\cp2012\Desktop\aswMBR(1).exe
2015-01-25 06:09 - 2015-01-25 06:48 - 00000000 ____D () C:\Users\cp2012\Desktop\ScanFiles
2015-01-25 06:08 - 2015-01-28 09:32 - 00000000 ____D () C:\Users\cp2012\Downloads\FRST-OlderVersion
2015-01-23 22:33 - 2015-01-23 22:46 - 00000000 ____D () C:\10af7caede595e38e1
2015-01-21 13:14 - 2015-01-21 13:14 - 01707939 _____ (Thisisu) C:\Users\cp2012\Desktop\JRT(2).exe
2015-01-21 10:32 - 2015-02-02 11:08 - 00003366 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-21 10:32 - 2015-02-02 11:08 - 00003234 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4211978626-972589915-279576106-1000
2015-01-18 19:37 - 2015-01-18 19:48 - 00000000 ____D () C:\Users\cp2012\Desktop\ParkingDetroit
2015-01-18 16:08 - 2015-01-18 16:08 - 01707939 _____ (Thisisu) C:\Users\cp2012\Desktop\JRT(1).exe
2015-01-18 03:35 - 2015-01-18 03:35 - 00000000 ____D () C:\Windows\ERUNT
2015-01-18 03:33 - 2015-01-18 03:33 - 00010884 _____ () C:\Users\cp2012\Desktop\AdwCleaner[S1].txt
2015-01-18 03:16 - 2015-01-18 03:16 - 00000988 _____ () C:\Users\cp2012\Desktop\checkup.txt
2015-01-14 09:56 - 2015-01-14 09:56 - 00069765 _____ () C:\Users\cp2012\Downloads\statement(2).aspx
2015-01-14 09:56 - 2015-01-14 09:56 - 00068746 _____ () C:\Users\cp2012\Downloads\statement(1).aspx
2015-01-14 09:55 - 2015-01-14 09:55 - 00068746 _____ () C:\Users\cp2012\Downloads\statement.aspx
2015-01-13 14:51 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-13 14:51 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-13 14:51 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-13 14:51 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-13 14:51 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-13 14:51 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-13 14:51 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-13 14:51 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-13 14:51 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-13 14:51 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-13 14:51 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-13 14:51 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-13 14:51 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-13 11:18 - 2015-01-13 12:18 - 00003879 _____ () C:\Users\cp2012\Desktop\aswMBR.txt
2015-01-13 11:18 - 2015-01-13 12:18 - 00000512 _____ () C:\Users\cp2012\Desktop\MBR.dat
2015-01-13 11:13 - 2015-01-13 11:13 - 05198336 _____ (AVAST Software) C:\Users\cp2012\Desktop\aswMBR.exe
2015-01-13 11:13 - 2015-01-13 11:13 - 00045991 _____ () C:\Users\cp2012\Downloads\Addition.txt
2015-01-13 11:12 - 2015-01-27 10:40 - 00042503 _____ () C:\Users\cp2012\Downloads\FRST.txt
2015-01-13 11:10 - 2015-02-02 11:11 - 00000000 ____D () C:\FRST
2015-01-13 11:10 - 2015-02-02 11:10 - 02131456 _____ (Farbar) C:\Users\cp2012\Desktop\FRST64.exe
2015-01-13 11:10 - 2015-01-13 11:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-CP2012-HP-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2015-01-13 11:09 - 2015-01-13 11:09 - 00000000 ____D () C:\Users\cp2012\CP2012-HP
2015-01-13 11:06 - 2015-01-13 11:06 - 00002237 _____ () C:\Users\cp2012\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-13 11:06 - 2015-01-13 11:06 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-01-13 11:05 - 2015-01-13 11:05 - 04215584 _____ () C:\Users\cp2012\Desktop\tweaking.com_registry_backup_setup.exe
2015-01-12 12:52 - 2015-01-12 12:52 - 00153894 _____ () C:\Users\cp2012\Desktop\Copy of Squirt Calender 2015 --Schram.xlsx
2015-01-03 18:13 - 2015-01-03 18:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2015-01-03 17:30 - 2015-01-03 18:02 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Anvsoft
2015-01-03 17:30 - 2015-01-03 17:30 - 00000000 ____D () C:\Users\cp2012\Documents\Any Video Converter

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-02 11:12 - 2012-09-13 22:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-02 11:11 - 2013-06-23 19:25 - 00000000 ___RD () C:\Users\cp2012\Dropbox
2015-02-02 11:11 - 2013-06-23 19:22 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Dropbox
2015-02-02 11:09 - 2012-04-12 16:43 - 00000000 ____D () C:\ProgramData\PDFC
2015-02-02 11:08 - 2012-08-27 11:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-02 11:08 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-02 11:08 - 2009-07-13 23:51 - 00089059 _____ () C:\Windows\setupact.log
2015-02-02 11:07 - 2012-07-05 22:09 - 01817050 _____ () C:\Windows\WindowsUpdate.log
2015-02-02 11:03 - 2012-08-27 11:28 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-02 10:52 - 2012-07-14 02:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-01 22:48 - 2012-07-05 22:19 - 00003934 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0C9F7652-FBD3-4B12-89F2-B7F72B5A1255}
2015-02-01 20:25 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\c-Anya
2015-02-01 13:42 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-01 13:42 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-01 11:17 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\b-Moira
2015-02-01 07:24 - 2012-07-09 08:35 - 00000000 ____D () C:\Users\cp2012\AppData\Local\CrashDumps
2015-02-01 01:49 - 2012-11-28 14:50 - 00000000 ____D () C:\Users\cp2012\Desktop\Cy
2015-02-01 01:44 - 2011-02-11 12:15 - 00792262 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-02-01 00:19 - 2012-11-28 14:49 - 00000000 ____D () C:\Users\cp2012\Desktop\a-Jake
2015-02-01 00:12 - 2012-11-28 14:48 - 00000000 ____D () C:\Users\cp2012\Desktop\Anula
2015-01-31 23:55 - 2014-09-19 17:51 - 00000000 ____D () C:\Users\cp2012\Desktop\WalgrrensSept2014
2015-01-31 13:42 - 2012-08-27 11:28 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Google
2015-01-31 13:34 - 2009-07-14 00:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-31 13:27 - 2010-11-20 22:47 - 02257108 _____ () C:\Windows\PFRO.log
2015-01-31 13:26 - 2014-04-21 08:54 - 00000000 ____D () C:\AdwCleaner
2015-01-31 07:01 - 2012-12-05 08:39 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForcp2012
2015-01-31 07:01 - 2012-12-05 08:39 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForcp2012.job
2015-01-30 21:36 - 2013-10-04 12:31 - 00840192 ___SH () C:\Users\cp2012\Desktop\Thumbs.db
2015-01-30 21:31 - 2012-07-21 18:11 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-30 21:31 - 2012-07-10 13:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-01-27 15:57 - 2012-11-28 19:04 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Apple Computer
2015-01-27 15:55 - 2009-07-13 23:45 - 00509264 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-27 15:54 - 2012-10-11 14:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 10:58 - 2012-08-27 11:28 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-01-27 10:58 - 2012-08-27 11:28 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-25 16:31 - 2012-08-03 08:48 - 00129800 _____ () C:\Users\cp2012\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-25 16:28 - 2013-11-27 14:52 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2015-01-25 16:27 - 2012-11-28 19:03 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Apple
2015-01-25 13:24 - 2014-09-15 06:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-25 13:24 - 2012-11-28 19:03 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-25 06:52 - 2012-12-07 18:45 - 00000000 ____D () C:\Users\cp2012\.smplayer
2015-01-25 04:43 - 2012-07-14 02:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-25 04:43 - 2012-07-14 02:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-25 04:43 - 2012-04-12 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-21 15:15 - 2012-10-18 16:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-21 14:58 - 2012-07-05 22:23 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Adobe
2015-01-21 10:41 - 2014-10-14 12:46 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-21 10:39 - 2014-06-03 13:46 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-18 19:27 - 2014-03-23 21:24 - 00000000 ____D () C:\Users\cp2012\AppData\Local\Windows Live
2015-01-13 21:27 - 2013-06-23 19:25 - 00001025 _____ () C:\Users\cp2012\Desktop\Dropbox.lnk
2015-01-13 21:27 - 2013-06-23 19:23 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-13 14:55 - 2013-07-14 08:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-13 14:51 - 2012-07-11 22:21 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-13 11:09 - 2012-07-05 22:11 - 00000000 ____D () C:\Users\cp2012
2015-01-12 08:42 - 2012-07-05 22:20 - 00000000 ____D () C:\Users\cp2012\AppData\Local\PDFC
2015-01-09 16:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-08 09:55 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-03 18:27 - 2012-07-20 15:57 - 00000000 ____D () C:\Users\cp2012\AppData\Roaming\SoftGrid Client
2015-01-03 18:23 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Resources
2015-01-03 16:44 - 2012-12-07 18:54 - 00012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Files in the root of some directories =======

2012-08-13 03:59 - 2012-08-13 03:59 - 125106169 _____ () C:\Program Files\openofficeorg1.cab
2012-08-13 03:58 - 2012-08-13 03:58 - 3162112 _____ () C:\Program Files\openofficeorg341.msi
2012-08-13 03:58 - 2012-08-13 03:58 - 0473600 _____ () C:\Program Files\setup.exe
2012-08-13 03:58 - 2012-08-13 03:58 - 0000294 _____ () C:\Program Files\setup.ini
2013-06-26 17:14 - 2014-03-20 22:39 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-10-01 08:46 - 2014-12-04 17:00 - 0000539 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Desktop.Exception.log
2013-10-01 08:42 - 2014-03-16 22:32 - 0005569 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2013-10-01 08:46 - 2014-12-04 17:00 - 0000462 _____ () C:\Users\cp2012\AppData\Roaming\Rim.DesktopHelper.Exception.log
2013-10-01 08:57 - 2014-12-04 17:00 - 0000539 _____ () C:\Users\cp2012\AppData\Roaming\Rim.Transcoder.Exception.log
2012-12-07 18:54 - 2015-01-03 16:44 - 0012288 _____ () C:\Users\cp2012\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-21 23:44 - 2013-05-21 23:44 - 0000877 _____ () C:\Users\cp2012\AppData\Local\recently-used.xbel

Some content of TEMP:
====================
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn4jkmb.dll
C:\Users\cp2012\AppData\Local\Temp\Quarantine.exe
C:\Users\cp2012\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-25 23:49

==================== End Of Log ============================

OCD
2015-02-02, 19:19
Hi spyCype,

Each time you run AdwCleaner the log it will generate will have a different number assigned to that scan [S0, S1, S2 etc or R0, R1, R2 etc] depending on if I asked you to just run a scan [R+ number] or do a scan plus a clean [S + number].

If I need you to run AdwCleaner again, just post the most recent log it has provided. Also, all logs can be found here: C:\AdwCleaner\ (provided C is your hard drive location).

Are you actively using AVG - anti-virus?
If not uninstall it via the Control Panel.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
CloseProcesses:
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn4jkmb.dll
C:\Users\cp2012\AppData\Local\Temp\Quarantine.exe
C:\Users\cp2012\AppData\Local\Temp\sqlite3.dll
EmptyTemp:
Hosts:
CMD: ipconfig /flushdns
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Malwarebytes' Anti-Malware

Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) (save it to your desktop).


Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"

Select Scan tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)
Select type of scan to perform:
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMScanTab_zps2c5e74bd.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMScanTab_zps2c5e74bd.gif.html)

Threat Scan < --- Select this type of scan
Custom Scan
Hyper Scan

Next click the Scan button.
When the scan is complete, if no malicious items are found you can close the program.
If malicious items are found be sure that everything is checked, and click Quarantine .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner

*Note:

It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)


Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply

Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.

=========================

In your next post please provide the following:


Fixlog.txt
MBAM log
ESET's log.txt
How's the computer running?

spyCype
2015-02-04, 06:51
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-02-2015
Ran by cp2012 at 2015-02-03 11:04:47 Run:3
Running from C:\Users\cp2012\Desktop
Loaded Profiles: cp2012 (Available profiles: cp2012)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
SearchScopes: HKLM -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {44AB3196-E782-4E57-B65F-8EFAAAF62DDC} URL = http://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn4jkmb.dll
C:\Users\cp2012\AppData\Local\Temp\Quarantine.exe
C:\Users\cp2012\AppData\Local\Temp\sqlite3.dll
EmptyTemp:
Hosts:
CMD: ipconfig /flushdns
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{44AB3196-E782-4E57-B65F-8EFAAAF62DDC}" => Key deleted successfully.
HKCR\CLSID\{44AB3196-E782-4E57-B65F-8EFAAAF62DDC} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{44AB3196-E782-4E57-B65F-8EFAAAF62DDC}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{44AB3196-E782-4E57-B65F-8EFAAAF62DDC} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"C:\Users\cp2012\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn4jkmb.dll" => File/Directory not found.
C:\Users\cp2012\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\cp2012\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => Removed 390.3 MB temporary data.


The system needed a reboot.

==== End of Fixlog 11:05:18 ====
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Roaming\OpenCandy\A8A80C67367A43F880893A78B532793B\OtshotInstaller7.exe.vir a variant of Win32/KeyDownload.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Roaming\OpenCandy\AEC368A6F271425384ECCFB7FC9C2CED\OtshotInstaller7.exe.vir a variant of Win32/KeyDownload.A potentially unwanted application
C:\Program Files (x86)\Mozilla Firefox\components\sprotector.js Win32/Conduit.SearchProtect.A potentially unwanted application
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp a variant of Win32/Toolbar.Widgi.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\hk64tbSwi0.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\hk64tbSwir.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\hktbSwi0.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\hktbSwir.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\ldrtbSwi0.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\ldrtbSwir.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\tbSwi0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\tbSwi1.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\tbSwir.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\Swirlz\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3308528\plugins\TBVerifier.dll.vir Win32/Toolbar.Conduit.AC potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3309759\plugins\TBVerifier.dll.vir Win32/Toolbar.Conduit.AC potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12auxstb.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bar.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12barsvc.exe.vir Win32/Toolbar.MyWebSearch.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12bprtct.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12brmon.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12brstub.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12datact.dll.vir a variant of Win32/Toolbar.MyWebSearch.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12dlghk.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12dyn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12feedmg.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12highin.exe.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12hkstub.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12htmlmu.dll.vir a variant of Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12httpct.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12idle.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12ieovr.dll.vir a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12impipe.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12medint.exe.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12mlbtn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12msg.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12Plugin.dll.vir a variant of Win32/Toolbar.MyWebSearch potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12radio.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12regfft.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12reghk.dll.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12regiet.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12script.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12skin.dll.vir a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12sknlcr.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12skplay.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12SrcAs.dll.vir a variant of Win32/Toolbar.MyWebSearch.AC potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12SrchMn.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12tpinst.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\12uabtn.dll.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\AppIntegrator64.exe.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\AppIntegratorStub64.dll.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\CREXT.DLL.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\CrExtP12.exe.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\Hpg64.dll.vir Win64/Toolbar.MyWebSearch.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\NP12Stub.dll.vir Win32/Toolbar.MyWebSearch.T potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\T8EXTEX.DLL.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\T8EXTPEX.DLL.vir Win32/Toolbar.MyWebSearch.AA potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\T8HTML.DLL.vir a variant of Win32/Toolbar.MyWebSearch.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyScrapNook_12\bar\1.bin\T8TICKER.DLL.vir Win32/Toolbar.MyWebSearch.W potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir Win32/SpeedingUpMyPC.O application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir a variant of Win32/SProtector.L potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll.vir a variant of Win32/SProtector.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir a variant of Win64/SProtector.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir a variant of Win32/AdWare.SpeedingUpMyPC.D application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProReminder.exe.vir Win32/Adware.SpeedingUpMyPC.V application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir a variant of Win32/Adware.SpeedingUpMyPC.C application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir Win32/Conduit.SearchProtect.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir a variant of Win64/Conduit.SearchProtect.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEIPlug.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEZSETP.dll.vir Win32/Toolbar.MyWebSearch.Q potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISb.dll.vir Win32/Toolbar.MyWebSearch potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlaidocmldibgopdbjiopphnjhaehnbn\10.26.9.505_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlaidocmldibgopdbjiopphnjhaehnbn\10.26.9.505_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkhlakkdjfjbohpngmfpijfgmlpnamd\10.26.9.505_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkhlakkdjfjbohpngmfpijfgmlpnamd\10.26.9.505_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmcedemcahkmaidbipmniofjcocajlgk\10.26.9.505_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmcedemcahkmaidbipmniofjcocajlgk\10.26.9.505_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\hk64tbKey0.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\hk64tbKey2.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\hk64tbKeyB.dll.vir Win64/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\hktbKey0.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\hktbKey2.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\hktbKeyB.dll.vir Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\ldrtbKey0.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\ldrtbKey2.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\ldrtbKeyB.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\tbKey0.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\tbKey1.dll.vir Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\tbKey2.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\tbKeyB.dll.vir a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\cp2012\AppData\LocalLow\KeyBar_1.19\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantined
=========================================

Computer seems to be working okay, except when move from one tab to another new tab in Firefox it slows down, or some other time it comes up with flashplayer issues and slows down. Thank you so much.

OCD
2015-02-04, 09:05
Hi spyCype,

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script

Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt



Start
CloseProcesses:
C:\Program Files (x86)\Mozilla Firefox\components\sprotector.js Win32/Conduit.SearchProtect.A
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp
EmptyTemp:
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) TFC

Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop

Close any open windows.
Double click the TFC icon to run the program

Vista, Windows 7 & 8 Right click and select "Run as Administrator"

TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean

=========================

http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot & Test

In your next post please provide the following:

Fixlog.txt
TFC log if available
Can you explain the Flash Player issue in greater detail?

spyCype
2015-02-04, 21:15
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 04-02-2015
Ran by cp2012 at 2015-02-04 13:52:10 Run:4
Running from C:\Users\cp2012\Desktop
Loaded Profiles: cp2012 (Available profiles: cp2012)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
C:\Program Files (x86)\Mozilla Firefox\components\sprotector.js Win32/Conduit.SearchProtect.A
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp
EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Program Files (x86)\Mozilla Firefox\components\sprotector.js Win32/Conduit.SearchProtect.A" => File/Directory not found.
"C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp" => File/Directory not found.
C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtD2EC.tmp => Moved successfully.
EmptyTemp: => Removed 370.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 13:52:13 ====
Getting user folders.

Stopping running processes.

Emptying Temp folders.


User: All Users

User: cp2012
->Temp folder emptied: 106808 bytes
->Temporary Internet Files folder emptied: 14903 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 5637176 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 56958 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 4250 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes

Emptying RecycleBin. Do not interrupt.

RecycleBin emptied: 0 bytes
Process complete!

Total Files Cleaned = 6.00 mb
======
The TFC did not generate a file, however, I copied and pasted whatever it showed, before I rebooted.
Regarding the shockwave/flashplayer, sometimes when I try to login to yahoo, it stops and the cursor keep whirling and would come up with a dialogue box to ask to continue or stop the flashplayer which is currently busy. Thank you so much.

OCD
2015-02-04, 21:27
Hi spyCype,


Regarding the shockwave/flashplayer, sometimes when I try to login to yahoo, it stops and the cursor keep whirling and would come up with a dialogue box to ask to continue or stop the flashplayer which is currently busy.


Does it happen on other sites as well, or just Yahoo?
Does it happen while using any particular browser?

spyCype
2015-02-06, 18:23
I noticed this with the yahoo 3 times recently. I have been using Firefox. we mostly use firefox. But I do not know is this something we need to address right away as I do not experience this all the time. Thank you so much.

OCD
2015-02-06, 20:42
Hi spyCype,

It could be something isolated to Yahoo. You will need to "test" and see if it happens on other sites while using Firefox. Or possibly try another browser (Internet Explorer, Chrome etc)

This is the version you currently have installed:Adobe Flash Player 16.0.0.296

Here is some additional information about Adobe Flash Player:
https://helpx.adobe.com/security/products/flash-player/apsa15-01.html
https://helpx.adobe.com/security/products/flash-player/apsb15-03.html
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

At this point it could be just a coincidence that you are having these issues, or it could be something more malicious.

Test and report back your findings.

Your logs are looking good! Other than the Flash Player issue how is your computer running?

spyCype
2015-02-07, 22:38
I have updated the flashplayer to 16.0.0.305. Other than that the computer runs good.

Please see the Spybot log files attached from to consecutive scans. Thank you for all your help.

Do you think Spybot can manage this computer as a virus screening program or should I concurrently use AVG as well.

Now, do I need to clean up all the programs that I downloaded for the computer checking such as faberware, JRT, adware etc. and its associated files on the desktop. Please advise.



===========
Search results from Spybot - Search & Destroy

07/02/2015 3:15:10 PM
Scan took 00:20:29.
26 items found.

DownLite: [SBI $503497B9] User settings (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\DownLite

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\affbeat.com\pap20.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\members.bet365.com\FCE.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\p.jwpcdn.com\com.longtailvideo.jwplayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\s.ytimg.com\soundData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\static.vidto.me\com.jeroenwijering.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.bet365.com\b365lipcs.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.bet365.com\b365push.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.bet365.com\betslip365.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.bet365.com\htrGgjy810GbjgGzynqGa1uwjkjwjshjx.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.bet365.com\htrGgjy810GhjsyjwutirtizqjGifyfGhjsyjwutihttpnj.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.filmon.com\#com.junkbyte\Console\UserData.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

Macromedia.FlashPlayer.Cookies: [SBI $5555F3D7] Text file (File, nothing done)
C:\Users\cp2012\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\H388G4VT\www.nowvideo.sx\player\cloudplayer.swf\novaPlayer.sol
Properties.size=0
Properties.md5=D41D8CD98F00B204E9800998ECF8427E

OtShot: [SBI $6680244F] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\ZalmanInstaller_otshot

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cookie: [SBI $49804B54] Browser: Cookie (5) (Browser: Cookie, nothing done)


Cache: [SBI $49804B54] Browser: Cache (24) (Browser: Cache, nothing done)


History: [SBI $49804B54] Browser: History (13) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (1109) (Browser: Cookie, nothing done)



--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2014-12-17 SDInformV2i-20141217.exe (1.0.0.0)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-03-06 spybotsd2-installer.exe (2.2.25.0)
2014-07-28 spybotsd2-translation-es.exe (2.4.40.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-09-09 spybotsd2-translation-nlx.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2014-03-06 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2015-02-04 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-11-14 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2014-11-14 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2015-02-04 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2015-02-04 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-11-14 Includes\Spyware-000.sbi (*)
2014-12-10 Includes\Spyware-001.sbi (*)
2015-01-14 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-07-09 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2015-01-21 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)


===================
Search results from Spybot - Search & Destroy

07/02/2015 3:34:26 PM
Scan took 00:16:29.
10 items found.

OtShot: [SBI $6680244F] Settings (Registry Key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\ZalmanInstaller_otshot

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-4211978626-972589915-279576106-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cache: [SBI $49804B54] Browser: Cache (1) (Browser: Cache, nothing done)


History: [SBI $49804B54] Browser: History (1) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (26) (Browser: Cookie, nothing done)



--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2014-12-17 SDInformV2i-20141217.exe (1.0.0.0)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe
2013-07-25 SDTray.exe
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-03-06 spybotsd2-installer.exe (2.2.25.0)
2014-07-28 spybotsd2-translation-es.exe (2.4.40.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-09-09 spybotsd2-translation-nlx.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2014-03-06 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2015-02-04 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-11-14 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2014-11-14 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2015-02-04 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2015-02-04 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-11-14 Includes\Spyware-000.sbi (*)
2014-12-10 Includes\Spyware-001.sbi (*)
2015-01-14 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-07-09 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2015-01-21 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)

=============================

OCD
2015-02-08, 06:35
Hi spyCype,

You are quite welcome.


Please see the Spybot log files attached from to consecutive scans.

What is your question about the Spybot logs?


Do you think Spybot can manage this computer as a virus screening program or should I concurrently use AVG as well.

Is your copy of Spybot a paid version or free?


Now, do I need to clean up all the programs that I downloaded for the computer checking such as faberware, JRT, adware etc. and its associated files on the desktop. Please advise.

We will clean up all the tools and logs in short order. Please do not remove anything just yet.

OCD
2015-02-10, 19:47
Hi spyCype,

Just checking in to see if you still need help?

OCD
2015-02-13, 05:58
This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.

If you still require help, please start a new topic and include fresh FRST and aswMBR logs, along with a link to your previous thread.

Please do not add any logs that might have been requested previously, you would be starting fresh.

Applies only to the original poster, anyone else with similar problems please start your own topic.