Jump to content

Recommended Posts

Hi

 

I have a form of a redirect infection. I did run Malwarebytes. Adw amd Hitman pro. I also cleaned up the brousers and search providers etc.

 

Its not going away. I don't find that much on the internet about this that is very helpful. I need some help

 

Paul Rabenold

 

Here are the results of Farbar (FRST.txt and Addition.txt)

 

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015
Ran by McKeil-2 (administrator) on MCKEIL-2-PC on 23-01-2015 21:01:38
Running from C:\Users\McKeil-2\Desktop
Loaded Profiles: McKeil-2 (Available profiles: McKeil-2)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\stacsv64.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0.2\ABService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(GFI Software Ltd.) C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\sqlservr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
() C:\Program Files\Everything\Everything.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.SHELBY\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Windows\SysWOW64\srvany.exe
(Shelby Systems, Inc.) C:\Windows\SysWOW64\ShelbyServices.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\fdhost.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1894696 2010-01-07] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [4119920 2010-01-15] (Dell Inc.)
HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-11-19] (Dell Inc.)
HKLM\...\Run: [intelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2327952 2010-07-21] (Microsoft Corporation)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [246304 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1266224 2014-07-20] (Trend Micro Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-05] ()
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [brStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1055952 2014-09-29] (Carbonite, Inc.)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\MountPoints2: {29a92962-06c9-11e0-9cfb-f04da2a8c034} - "G:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll (Carbonite, Inc.)
BootExecute: autocheck autochk *  sdnclean64.exesicalDrive2-鈀⟸Ǫ!Ȁ

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-12934214-2758422551-2789243025-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-12934214-2758422551-2789243025-1001 -> {6671AFB8-8912-42B7-BC2A-4A863A3061B3} URL =
BHO: No Name -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} ->  No File
BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKLM-x32 - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Toolbar: HKU\S-1-5-21-12934214-2758422551-2789243025-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe64.dll (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\TmBpIe32.dll (Trend Micro Inc.)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1186\2.0.1039\TmopIEPlg32.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -  No File
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll (Trend Micro Inc.)
Handler-x32: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\McKeil-2\AppData\Roaming\Mozilla\Firefox\Profiles\iikcgkzu.default
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-12934214-2758422551-2789243025-1001: @citrixonline.com/appdetectorplugin -> C:\Users\McKeil-2\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-09-26]
FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.0.1069\9.0.1069\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-01-15]
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-01-15]
FF HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (Google Wallet) - C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-01]
CHR Extension: (Trend Micro Toolbar) - C:\Users\McKeil-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-01-15]
CHR HKLM-x32\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912 2014-08-21] (AOMEI Tech Co., Ltd.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 GFIBckHAtt; C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHInst.exe [858480 2010-07-30] (GFI Software Ltd.)
R2 GFIBckHSched; C:\Program Files (x86)\GFI\GFI Backup 2009 - Home Edition\GFIHSched.exe [2324848 2010-07-30] (GFI Software Ltd.)
S3 GoToAssist; C:\Program Files (x86)\Citrix\GoToAssist Corporate\1055\G2AC_Service.exe [309568 2015-01-19] (Citrix Online, a division of Citrix Systems, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 MSSQL$SHELBY; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\sqlservr.exe [62379184 2014-07-10] (Microsoft Corporation)
R3 MSSQLFDLauncher$SHELBY; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\fdlauncher.exe [42160 2014-07-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1187376 2014-07-20] (Trend Micro Inc.)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ReportServer$SHELBY; c:\Program Files\Microsoft SQL Server\MSRS10_50.SHELBY\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2194088 2014-07-10] (Microsoft Corporation)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ShelbyServices; C:\Windows\SysWOW64\SRVANY.exe [8192 2003-04-18] () [File not signed]
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-19] (Enigma Software Group USA, LLC.)
S4 SQLAgent$SHELBY; c:\Program Files\Microsoft SQL Server\MSSQL10_50.SHELBY\MSSQL\Binn\SQLAGENT.EXE [442536 2014-07-10] (Microsoft Corporation)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe [247808 2010-04-07] (IDT, Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R2 WBA_Agent_Client; C:\Program Files (x86)\Brother\BRAgent\BRAgtSrv.exe [86016 2009-01-27] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-11-19] (Dell Inc.) [File not signed]
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2015-01-22] (Emsisoft GmbH)
R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2014-08-19] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2014-08-19] () [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2014-08-19] () [File not signed]
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-01-22] (Emsisoft GmbH)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-01-19] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-19] ()
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-15] (Glarysoft Ltd)
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-01-23] ()
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-07-10] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [121944 2014-07-14] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [305832 2014-07-14] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [50976 2014-07-09] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [106296 2014-07-09] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [93664 2014-07-14] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [407864 2014-07-09] (Trend Micro Inc.)
R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [106296 2014-06-30] (Trend Micro Inc.)
U2 TMAgent; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 21:01 - 2015-01-23 21:02 - 00027043 _____ () C:\Users\McKeil-2\Desktop\FRST.txt
2015-01-23 21:01 - 2015-01-23 21:01 - 00000000 ____D () C:\FRST
2015-01-23 20:59 - 2015-01-23 20:59 - 02126848 _____ (Farbar) C:\Users\McKeil-2\Desktop\FRST64.exe
2015-01-23 20:51 - 2015-01-23 20:51 - 00043664 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2015-01-23 20:11 - 2015-01-23 20:41 - 00000000 ____D () C:\Users\McKeil-2\Desktop\mbar
2015-01-23 20:11 - 2015-01-23 20:41 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-23 20:03 - 2015-01-23 20:03 - 00000745 _____ () C:\Users\McKeil-2\Desktop\Start Emsisoft Emergency Kit.lnk
2015-01-23 20:02 - 2015-01-23 20:03 - 00000000 ____D () C:\EEK
2015-01-23 19:44 - 2014-12-28 03:01 - 01707939 _____ (Thisisu) C:\Users\McKeil-2\Desktop\JRT_NEW.exe
2015-01-23 17:27 - 2015-01-23 20:50 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Everything
2015-01-23 17:27 - 2015-01-23 17:27 - 00001027 _____ () C:\Users\McKeil-2\Desktop\Search Everything.lnk
2015-01-23 17:27 - 2015-01-23 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything
2015-01-23 17:27 - 2015-01-23 17:27 - 00000000 ____D () C:\Program Files\Everything
2015-01-23 16:50 - 2015-01-23 16:51 - 346037874 _____ () C:\Users\McKeil-2\Desktop\bkup 01232015_reg.reg
2015-01-23 16:35 - 2015-01-23 16:35 - 00000286 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{678FC7F5-E7A1-4C80-B784-BD0DA4D27B1B}.job
2015-01-23 16:31 - 2015-01-23 16:31 - 00000092 _____ () C:\Users\McKeil-2\Desktop\Metrocast email shortcut.txt
2015-01-23 16:00 - 2015-01-23 16:00 - 00001144 _____ () C:\Windows\PFRO.log
2015-01-23 06:19 - 2015-01-23 06:19 - 00003288 ____N () C:\bootsqm.dat
2015-01-23 06:17 - 2015-01-23 06:17 - 00000000 __SHD () C:\found.000
2015-01-22 13:03 - 2015-01-22 13:03 - 00000000 ____D () C:\Users\McKeil-2\Documents\Visual Studio 2005
2015-01-22 10:57 - 2015-01-22 10:57 - 723369977 _____ () C:\Windows\MEMORY.DMP
2015-01-22 10:57 - 2015-01-22 10:57 - 00279824 _____ () C:\Windows\Minidump\012215-30014-01.dmp
2015-01-22 10:57 - 2015-01-22 10:57 - 00000000 ____D () C:\Windows\Minidump
2015-01-22 10:32 - 2015-01-22 10:32 - 00001237 _____ () C:\Windows\system32\Belarc Advisor - Free Personal PC Audit, for software, hardware and security configuration information on your computer_ Software license management, IT asset management, cyber security audits,.htm.lnk
2015-01-20 11:41 - 2015-01-20 11:41 - 00011017 _____ () C:\Users\McKeil-2\Documents\DANDDDRAWINGS_2014.xlsx
2015-01-19 16:59 - 2015-01-19 17:00 - 00406780 _____ () C:\Users\McKeil-2\Desktop\ESETPoweliksCleaner.exe_20150119.165957.8820.log
2015-01-19 14:36 - 2015-01-19 14:36 - 498242522 _____ () C:\Users\McKeil-2\Desktop\bkupreg.reg
2015-01-19 14:25 - 2015-01-23 20:51 - 00001709 _____ () C:\Windows\setupact.log
2015-01-19 14:25 - 2015-01-19 14:25 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-19 14:15 - 2015-01-23 20:59 - 00516744 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 14:08 - 2015-01-19 14:08 - 00016576 _____ () C:\Users\McKeil-2\Documents\cc_20150119_140853.reg
2015-01-19 13:42 - 2015-01-19 13:42 - 00000569 _____ () C:\Windows\Tasks\RegCure Pro_sch_EF54FF63-A00A-11E4-91C6-F04DA2A8C034.job
2015-01-19 13:41 - 2015-01-19 13:41 - 00000338 _____ () C:\Windows\system32\.crusader
2015-01-19 13:35 - 2015-01-19 13:41 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-01-19 13:06 - 2015-01-20 17:56 - 00001323 _____ () C:\Users\McKeil-2\Desktop\SpyHunter.lnk
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Enigma Software Group
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 ____D () C:\sh4ldr
2015-01-19 13:06 - 2015-01-19 13:06 - 00000000 _____ () C:\autoexec.bat
2015-01-19 13:05 - 2015-01-19 13:05 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-01-19 13:05 - 2015-01-19 13:05 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-19 11:57 - 2015-01-19 11:57 - 00037928 _____ () C:\Users\McKeil-2\Documents\cc_20150119_115731.reg
2015-01-19 09:32 - 2015-01-19 09:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shelby Systems, Inc
2015-01-18 21:41 - 2015-01-23 15:59 - 00000000 ____D () C:\AdwCleaner
2015-01-18 20:25 - 2015-01-18 20:25 - 00001353 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-01-18 20:25 - 2015-01-18 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-01-18 20:25 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-01-18 19:32 - 2015-01-18 19:34 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\SUPERAntiSpyware.com
2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-01-18 19:32 - 2015-01-18 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-16 20:04 - 2015-01-16 20:04 - 00017016 _____ () C:\Users\McKeil-2\Documents\MONTHLY DRAW_2015.xlsx
2015-01-15 12:20 - 2015-01-15 12:20 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-15 12:20 - 2015-01-15 12:20 - 00000993 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-15 12:18 - 2015-01-18 19:28 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-01-15 12:13 - 2015-01-15 12:11 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-01-15 12:13 - 2015-01-15 12:11 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-01-15 12:13 - 2015-01-15 12:11 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-15 11:51 - 2015-01-15 11:51 - 00002531 _____ () C:\Users\Public\Desktop\TurboTax 2014.lnk
2015-01-15 11:51 - 2015-01-15 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2014
2015-01-15 11:35 - 2015-01-23 07:25 - 00000010 _____ () C:\Users\McKeil-2\AppData\Local\sponge.last.runtime.cache
2015-01-15 11:34 - 2015-01-15 13:28 - 00000234 _____ () C:\Users\McKeil-2\Desktop\Shelby Systems Support.url
2015-01-15 11:33 - 2015-01-18 19:22 - 00000254 _____ () C:\Users\McKeil-2\Desktop\Shelby Community Forum.url
2015-01-15 10:38 - 2015-01-15 10:38 - 00002036 _____ () C:\Users\McKeil-2\Desktop\NEW LIFE CHRISTIAN CHURCH - Shortcut.lnk
2015-01-15 10:37 - 2015-01-23 20:53 - 00000338 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-15 10:37 - 2015-01-15 10:37 - 00002984 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2015-01-15 10:37 - 2015-01-15 10:37 - 00002646 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-15 10:37 - 2015-01-15 10:37 - 00001054 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-15 10:37 - 2015-01-15 10:37 - 00001042 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2015-01-15 10:37 - 2015-01-15 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-15 10:36 - 2015-01-23 20:53 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-15 10:36 - 2015-01-15 10:36 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-15 10:36 - 2015-01-15 10:36 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\GlarySoft
2015-01-15 10:36 - 2015-01-15 10:36 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\DiskDefrag
2015-01-15 10:30 - 2015-01-15 10:30 - 00000000 ___HD () C:\TMRescueDisk
2015-01-15 10:26 - 2015-01-15 10:26 - 00001443 _____ () C:\Users\McKeil-2\Desktop\Trend Micro Internet Security.lnk
2015-01-15 10:26 - 2015-01-15 10:26 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Internet Security
2015-01-15 10:25 - 2015-01-15 10:26 - 00003326 _____ () C:\Windows\System32\Tasks\Trend Micro Inspect of Platinum
2015-01-15 10:25 - 2014-07-14 02:39 - 00305832 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmcomm.sys
2015-01-15 10:25 - 2014-07-14 02:39 - 00121944 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmactmon.sys
2015-01-15 10:25 - 2014-07-14 02:39 - 00093664 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmevtmgr.sys
2015-01-15 10:25 - 2014-07-09 11:03 - 00407864 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmnciesc.sys
2015-01-15 10:25 - 2014-07-09 11:02 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmeevw.sys
2015-01-15 10:25 - 2014-07-09 11:02 - 00050976 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\TMEBC64.sys
2015-01-15 10:25 - 2014-06-30 06:06 - 00106296 _____ (Trend Micro Inc.) C:\Windows\system32\Drivers\tmusa.sys
2015-01-15 10:23 - 2015-01-15 10:23 - 00000059 _____ () C:\Windows\system32\SupportTool.exe.bat
2015-01-15 10:22 - 2015-01-15 10:22 - 00000000 ____D () C:\Program Files\Trend Micro
2015-01-15 10:18 - 2015-01-15 10:18 - 00000036 _____ () C:\Users\McKeil-2\AppData\Local\housecall.guid.cache
2015-01-15 10:11 - 2015-01-15 10:26 - 00000000 ____D () C:\Users\McKeil-2\AppData\Local\Trend Micro
2015-01-15 09:54 - 2015-01-18 21:35 - 00002443 _____ () C:\Windows\wininit.ini
2015-01-15 09:45 - 2015-01-15 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-14 11:11 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 11:11 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 11:11 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 11:11 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 11:11 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 11:11 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 11:11 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 11:11 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 11:11 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 11:11 - 2014-12-11 12:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 11:11 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 11:11 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 11:11 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-12-30 19:35 - 2014-12-30 19:35 - 00000000 ____D () C:\Users\McKeil-2\Documents\New folder
2014-12-25 11:34 - 2014-12-25 11:34 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-23 21:01 - 2009-07-14 00:13 - 00917342 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-23 21:01 - 2009-07-13 23:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 21:01 - 2009-07-13 23:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 20:53 - 2014-01-24 10:03 - 00000086 _____ () C:\Windows\SysWOW64\BRAgent.dat
2015-01-23 20:52 - 2012-09-25 07:57 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 20:51 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 20:18 - 2013-03-27 10:25 - 00000000 ____D () C:\Users\McKeil-2\Documents\TurboTax
2015-01-23 20:11 - 2014-09-06 10:24 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-23 20:11 - 2014-09-06 10:23 - 00097496 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-23 17:27 - 2011-08-25 16:21 - 00000000 ____D () C:\Program Files (x86)\Everything
2015-01-23 16:38 - 2012-04-25 10:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-23 14:37 - 2011-06-14 10:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Skype
2015-01-23 14:23 - 2012-09-25 07:57 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-23 13:54 - 2012-07-29 09:18 - 00000000 ____D () C:\Users\McKeil-2\Documents\Outlook Files
2015-01-23 13:24 - 2010-12-03 13:01 - 00000000 ____D () C:\Users\McKeil-2\Documents\LTI
2015-01-23 08:59 - 2012-04-23 08:07 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 07:01 - 2011-05-30 10:04 - 00003950 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{678FC7F5-E7A1-4C80-B784-BD0DA4D27B1B}
2015-01-22 17:24 - 2014-02-01 07:42 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-22 17:05 - 2013-01-22 10:14 - 00000000 ____D () C:\Users\McKeil-2\Documents\Donor Receipt 12 month Letter
2015-01-22 16:32 - 2013-02-19 09:44 - 00000000 ____D () C:\Users\McKeil-2\Documents\Donor Receipt Excel Data file
2015-01-22 16:02 - 2010-12-03 13:02 - 00000000 ____D () C:\Users\McKeil-2\Documents\PERSONAL
2015-01-22 13:03 - 2014-10-28 11:05 - 00000000 ____D () C:\Users\McKeil-2\Documents\SQL Server Management Studio
2015-01-22 10:26 - 2013-10-24 09:33 - 00002094 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2015-01-22 10:26 - 2013-10-24 09:33 - 00002082 _____ () C:\Users\Public\Desktop\Belarc Advisor.lnk
2015-01-20 16:38 - 2014-06-03 16:39 - 00000270 _____ () C:\Windows\SysWOW64\debug.log
2015-01-19 14:22 - 2014-10-28 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shelby v5
2015-01-19 14:22 - 2011-05-20 16:07 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-01-19 11:55 - 2010-11-19 22:39 - 00000000 ____D () C:\Windows\Panther
2015-01-19 09:28 - 2014-10-28 11:21 - 00001604 _____ () C:\Users\Public\Desktop\ShelbyEZ-VIEW.lnk
2015-01-19 09:28 - 2014-10-28 11:20 - 00000059 _____ () C:\Windows\SysWOW64\SSV5DATE.INI
2015-01-19 09:28 - 2014-10-28 11:20 - 00000000 ____D () C:\Program Files (x86)\Shelby Systems
2015-01-19 09:28 - 2014-10-28 11:14 - 00000109 _____ () C:\Windows\SysWOW64\ShelbyServices.ini
2015-01-19 09:28 - 2010-12-02 10:13 - 00001291 _____ () C:\Windows\Formset.ini
2015-01-19 09:05 - 2012-07-30 14:24 - 00000000 ____D () C:\Program Files (x86)\Citrix
2015-01-19 09:02 - 2010-12-13 08:59 - 00000000 ____D () C:\Users\McKeil-2\AppData\Local\Citrix
2015-01-18 21:35 - 2014-06-03 16:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-01-18 20:30 - 2014-06-03 16:59 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-01-17 19:59 - 2014-10-04 12:03 - 00000000 ____D () C:\Users\McKeil-2\Documents\BIBLESTUDYNOTES
2015-01-15 16:57 - 2010-12-03 13:01 - 00000000 ____D () C:\Users\McKeil-2\Documents\INTEGRITY
2015-01-15 14:33 - 2010-11-25 18:49 - 00000000 ____D () C:\Users\McKeil-2\AppData\Local\VirtualStore
2015-01-15 14:32 - 2012-10-25 16:38 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\TeamViewer
2015-01-15 14:14 - 2014-09-06 10:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-15 14:14 - 2009-07-13 23:45 - 00437448 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-15 14:13 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\security
2015-01-15 13:27 - 2010-12-01 20:47 - 00122888 _____ () C:\Users\McKeil-2\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-15 12:15 - 2014-06-03 17:00 - 00000000 ____D () C:\Windows\pss
2015-01-15 12:14 - 2014-04-16 08:43 - 00000000 ____D () C:\ProgramData\Oracle
2015-01-15 12:13 - 2014-04-16 08:42 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-15 12:11 - 2014-04-16 08:43 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-01-15 11:53 - 2012-10-04 09:21 - 00001545 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2015-01-15 11:50 - 2011-04-03 16:22 - 00000000 ____D () C:\Program Files (x86)\TurboTax
2015-01-15 10:38 - 2011-05-02 09:11 - 00247808 ___SH () C:\Users\McKeil-2\Documents\Thumbs.db
2015-01-15 10:34 - 2014-09-06 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-15 10:34 - 2013-10-24 10:28 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-15 10:31 - 2012-03-15 09:36 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-01-15 10:15 - 2011-05-20 16:09 - 00000000 ___RD () C:\Users\McKeil-2\Dropbox
2015-01-15 10:15 - 2011-05-20 16:06 - 00000000 ____D () C:\Users\McKeil-2\AppData\Roaming\Dropbox
2015-01-15 09:46 - 2011-06-14 10:05 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-15 09:46 - 2011-06-14 10:05 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 09:45 - 2014-09-06 08:49 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-15 09:42 - 2009-07-14 00:08 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-14 12:04 - 2014-08-21 09:08 - 00000000 ____D () C:\Users\McKeil-2\Documents\NEW LIFE CHRISTIAN CHURCH
2015-01-13 05:30 - 2012-09-25 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-01-09 10:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-31 12:50 - 2014-12-12 13:37 - 00004717 _____ () C:\ThankYou.txt
2014-12-31 12:50 - 2014-11-06 16:49 - 00005865 _____ () C:\GiftRec.txt
2014-12-28 14:56 - 2014-10-28 11:21 - 01568768 _____ (Shelby Systems, Inc.) C:\Windows\SysWOW64\ssv5axtax.dll
2014-12-28 14:56 - 2014-10-28 11:21 - 00921600 _____ (Shelby Systems Inc.) C:\Windows\SysWOW64\ssv5axgn.dll

==================== Files in the root of some directories =======
2015-01-15 10:18 - 2015-01-15 10:18 - 0000036 _____ () C:\Users\McKeil-2\AppData\Local\housecall.guid.cache
2014-06-03 17:07 - 2014-06-03 17:07 - 0000017 _____ () C:\Users\McKeil-2\AppData\Local\resmon.resmoncfg
2015-01-15 11:35 - 2015-01-23 07:25 - 0000010 _____ () C:\Users\McKeil-2\AppData\Local\sponge.last.runtime.cache
2011-06-14 10:16 - 2011-06-14 10:16 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2012-09-26 13:40 - 2014-06-17 18:04 - 0004921 _____ () C:\ProgramData\hpzinstall.log
2012-10-04 09:21 - 2015-01-15 11:53 - 0001545 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some content of TEMP:
====================
C:\Users\McKeil-2\AppData\Local\Temp\Quarantine.exe
C:\Users\McKeil-2\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

 

Addition.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by McKeil-2 at 2015-01-23 21:04:24
Running from C:\Users\McKeil-2\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Internet Security (Enabled - Up to date) {F2F88E6A-3C7A-545F-268A-5D0BDD38EE06}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Trend Micro Internet Security (Enabled - Up to date) {49996F8E-1A40-5BD1-1C3A-6679A6BFA4BB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.11 - STMicroelectronics)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
AOMEI Backupper Standard Edition 2.0.2 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
B209a-m (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
Brother BRAgent 1.34.0001 (HKLM-x32\...\{9390DEE7-32CF-4A2E-A47B-30270D624AA1}) (Version: 1.34.0001 - Brother)
Brother MFL-Pro Suite MFC-7360N (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Carbonite (HKLM-x32\...\Carbonite Backup) (Version: 5.7.0 build 4390 (Sep-29-2014) - Carbonite)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{AFB80939-4486-49D8-A04E-2B05C0F2DE39}) (Version: 1.0.252 - Citrix)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 15.0.2.0 - Synaptics Incorporated)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
Dropbox (HKU\S-1-5-21-12934214-2758422551-2789243025-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
GDR 4033 for SQL Server 2008 R2 (KB2977320) (64-bit) (HKLM\...\KB2977320) (Version: 10.52.4033.0 - Microsoft Corporation)
Glary Utilities 5.16 (HKLM-x32\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.)
Google Drive (HKLM-x32\...\{240D2B48-E06E-446F-A806-01CF36882EB7}) (Version: 1.19.8268.4572 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 11.1.0.1055 - Citrix Online, a division of Citrix Systems, Inc.)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )
HP Photosmart Plus B209a-m All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{9FEF1A18-8F26-4F49-A5A4-956C12210624}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Product Detection (HKLM-x32\...\{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}) (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
hppMSRedist (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hppusgP1000 (x32 Version: 1.1.0.1 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2141 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{563F041C-DFDB-437B-A1E8-E141E0906076}) (Version: 8.0.225.0 - Microsoft)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{E30E7561-A466-4393-B8BF-FD93E733EF3C}) (Version: 8.0.6362.202 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version:  - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{E8F7904A-4780-4F3F-B153-21BE32857120}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{1D4A3734-9328-440F-960C-42B4CE481EB4}) (Version: 10.52.4033.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x64) (HKLM\...\{53D7A054-4598-4947-A159-E8FCC77720AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 (x64) (HKLM\...\{817BCC2B-76A8-4C8B-8B55-FD916C6969CC}) (Version: 2.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio 2008 Shell (integrated mode) - ENU (HKLM-x32\...\{BA0C9AAF-1327-3F06-B49C-349B4BE8F740}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PS_AIO_06_B209a-m_SW_Min (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 1.3.3 - Dell Inc.)
Rapport (Version: 3.5.1205.20 - Trusteer) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roxio Creator DE 10.3 (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.3 - Roxio)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
Shelby SOAP Install (HKLM-x32\...\{19E65209-31B3-41B1-B4B9-ACF9ACBF2594}) (Version: 1.00.0000 - Shelby Systems)
Shelby v5 Server Setup (HKLM-x32\...\{F4BCB5DB-7713-4A76-9EFF-82EA130241A9}) (Version: 5.14.2000 - Shelby Systems, Inc.)
Shelby v5 Workstation Setup (HKLM-x32\...\{131E485E-1FBF-44D0-A6BA-8960EA316968}) (Version: 5.14.2000 - Shelby Systems, Inc.)
Shelby v5 Workstation Setup (x32 Version: 5.10.2000 - Shelby Systems, Inc.) Hidden
Shelby v5 Workstation Setup (x32 Version: 5.11.3000 - Shelby Systems, Inc.) Hidden
Shelby v5 Workstation Setup (x32 Version: 5.11.6000 - Shelby Systems, Inc.) Hidden
Shelby v5 Workstation Setup (x32 Version: 5.13.2350 - Shelby Systems, Inc.) Hidden
Shelby v5 Workstation Setup (x32 Version: 5.14.1001 - Shelby Systems, Inc.) Hidden
Shelby v5 Workstation Setup (x32 Version: 5.14.2000 - Shelby Systems, Inc.) Hidden
ShelbyIntelMail (HKLM-x32\...\{39AEF0C7-099C-421B-A2D3-BFA9D744BD32}) (Version: 1.0.0.0 - Shelby Systems)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2008 R2 Reporting Services (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 BI Development Studio (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Full text search (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Management Studio (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Reporting Services (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Trend Micro Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.)
Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden
TurboTax 2010 (HKLM-x32\...\TurboTax 2010) (Version:  - Intuit, Inc)
TurboTax 2011 (HKLM-x32\...\TurboTax 2011) (Version:  - Intuit, Inc)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc)
v511constantcontact (HKLM-x32\...\{3C762D9D-D904-4D60-8BB6-169B7AC81447}) (Version: 1.0.0.0 - Shelby Systems)
v513constantcontact (HKLM-x32\...\{A8B04D04-ED73-40AE-8DC5-5DE53D1A708D}) (Version: 1.0.0.4 - Shelby Systems)
v5constantcontact (HKLM-x32\...\{82CF54D4-C8B3-4532-AFC8-F2B59DC45CB9}) (Version: 1.0.0.0 - Shelby Systems)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.900 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-12934214-2758422551-2789243025-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\McKeil-2\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

17-01-2015 06:45:08 Windows Backup
18-01-2015 14:07:52 Windows Backup
18-01-2015 23:00:27 Windows Backup
19-01-2015 09:19:45 Configured Shelby v5 Server Setup
19-01-2015 12:37:36 Removed Rapport
19-01-2015 12:56:06 beore rdsrv removal
22-01-2015 11:20:40 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07FBE726-77E5-4782-9F52-58867FCF4B34} - System32\Tasks\{8F175A02-97AE-40CE-A817-D0AD87D26C31} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsMain
Task: {18C6A7A9-2054-474F-A127-4CF347030F89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {3240CC61-44F8-496C-B290-DB29E71E19B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)
Task: {3F6EC6F5-E227-4FCF-BA6F-3C8C59002D6F} - System32\Tasks\{4DFBD16B-C084-45CA-8CF2-B8755F9FF5AB} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsMain
Task: {44B5AC95-7FC7-4233-9D60-3910A9F8AB58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)
Task: {5A66AC11-17EE-485F-ACA3-FD58B5E1B263} - System32\Tasks\{A6B06C0F-E2C8-4932-AF95-52B66030821D} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {5B5D97F1-9AA3-402C-ACF0-277B51897DA2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {5ED52BDE-FC44-4EC7-8F24-2844DA7F5553} - System32\Tasks\Trend Micro Inspect of Platinum => C:\Program Files\Trend Micro\Titanium\plugin\Pt\win32\Inspect\Inspect.exe [2014-07-20] (Trend Micro Inc.)
Task: {6D854A5C-325A-4D4E-869C-A433F1AB6687} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2010-07-21] (Microsoft Corporation)
Task: {7CEF366F-5439-48A2-A5BC-8FA3C78A611D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {8D5C86A9-C765-4BDC-B476-E0D227F63533} - System32\Tasks\{46E47F0A-E32C-443A-A910-DBD36ABCA6BE} => pcalua.exe -a C:\Windows\GFIBCK~1.EXE -c "C:\Windows\GFIBckHInstall.LOG"
Task: {93B251E6-B450-42B7-9278-2B0AF5036FA8} - System32\Tasks\{7BFDBE5D-93F9-4242-AE90-2888A4C66791} => pcalua.exe -a C:\Windows\GFIBCK~1.EXE -c "C:\Windows\GFIBckHInstall.LOG"
Task: {B26E55E6-BED5-441F-87D0-C77ED09D039F} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd)
Task: {B498AABE-360E-4E38-8C8B-B7094A626B35} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C4DB429F-1ADE-4C7C-97FF-787B7987A06A} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-01-05] (Glarysoft Ltd)
Task: {D99DF314-07DC-42B2-8D7B-93B076F2F029} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {E15BC032-73D4-4E37-B98D-171C3A198412} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {E39BC32E-A55E-4AC9-BC92-A76A310A28F5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {FC2FC414-C9B6-4818-8F85-D4ABD19F3977} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RegCure Pro_sch_EF54FF63-A00A-11E4-91C6-F04DA2A8C034.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
Task: C:\Windows\Tasks\User_Feed_Synchronization-{678FC7F5-E7A1-4C80-B784-BD0DA4D27B1B}.job => C:\Windows\system32\msfeedssync.exe

 

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.