the istartsurf comes up in mozilla firefox, google chrome and internet explorer, please help me get rid of it.

more than 10 days but no reply till now ...... pls help somehow....

Hi,

Does the problem still exist?

I am running Windows 8.1 on a disk top and I found "Wangzsong" as an unknown and unwanted used on my system. I have deleted the folder and run Malwarebites, but found nothing. Unfortunate I cannot now get on line with the PC to download anything or do anything. This is being sent from my Raspberry Pi. Many thanks for any help or advise would be most welcome.

Keep getting a dialog box with this message when booting up - windows 8.1, Toshiba Satellite
The dialog box cannot be minimized, only pushed off to the side of my screen :


START MENU UPDATED.
The Start Menu was updated to the latest version.

What's New:

Critical fix for apps requiring Adobe Flash Driver
Critical Fix for Start Menu
Increased Battery life with performance improvements
New dull-acreen start menu for touch screens'
General bug fixes
Updated Terms of Use

OK ?

When I click on terms of use it takes me to Sweet Labs

SWEETLABS TERMS OF SERVICE
SweetLabs, Inc. (“we” or “SweetLabs”) welcomes You to our websites, software, products and services (our “Services”) owned and operated by SweetLabs which post, include or link to these Terms of Service (the “Agreement”).
THIS AGREEMENT GOVERNS YOUR USE OF THE SERVICES PROVIDED BY SWEETLABS. By using, downloading, installing or visiting our services, YOU OR THE ENTITY OR COMPANY THAT YOU REPRESENT ("YOU"), acknowledge that you accept the terms, conditions, restrictions and policies outlined in this agreement, including our Privacy Policy, AVAILABLE AT http://r.sweetlabs.com/win-privacy-policy. Please read the following agreement carefully.
1. LICENSE. You accept this Agreement by actually using the Services. You may not use the Services if you do not accept this Agreement. Subject to Your compliance with all the terms of this Agreement, SweetLabs hereby grants You a limited, personal, non-assignable, non-sublicenseable, non-exclusive, non-transferable license to use the Services solely for Your personal use and solely in accordance with any documentation that accompanies it.
2. USAGE. You agree to use the Services only for the purposes that are permitted by this Agreement and by any applicable law, regulation, or generally accepted practices or guidelines in any relevant jurisdiction (including any laws governing the export or import of data or software to and from the United States or other relevant jurisdictions). You may not use the Services, if you are under the age of thirteen (13) or you are a person barred from using or receiving the Services under the laws of the United States or other relevant jurisdiction.
3. RESTRICTIONS. You agree not to, and agree not to permit anyone else to: (i) misuse the Services, or engage in any activity that damages, interferes with or disrupts the Services; (ii) copy or distribute the Services; (iii) modify, reverse engineer, disassemble, decompile or otherwise attempt to discover the source code or structure, sequence and organization of the Services; (iv) license, sell, rent, lease, transfer or host the Services; (v) use the Services to infringe the intellectual property rights or proprietary rights, or rights of publicity or privacy, of any third party; (vi) use the Services to violate any law, statute, ordinance or regulation; (vii) use the Services to disseminate information or materials that is infringing, harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, or otherwise objectionable; or (viii) use the Services to disseminate any software viruses or any other computer code, files or programs that may interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment.

The term of use keeps going on and on for another 10 paragraphs.

What is this ?

Note - we've been having problems with this PC recently. I have done restores twice to dates in early February. Wondering if this Sweet Labs is the culprit. The dialog box from sweet Labs will not go away unless I click OK

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A8-5500 APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 4
RAM: 5310 Mb
Graphics Card: AMD Radeon HD 7560D, 768 Mb
Hard Drives: C: Total - 926979 MB, Free - 886068 MB;
Motherboard: LENOVO,
Antivirus: Windows Defender, Disabled

Help please!

I went to open my Microsoft account...and someone else is logged in! I have now ran both anti-malware (Malwarebytes) and anti-spyware (SAS) (nothing in malware, but spyware caught 43 items, which are now gone).

Just a little bit more clearing up to do
We need to delete a couple of folders that did contain what looks like other parts of the malware
Delete any existing fixlist.txt from desktop

Download attached fixlist.txt file and save it to your downloads folder.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Attached Files

fixlist.txt (91 Bytes)

Hi Kanu,
You will have to do a number of things to minimize the threat of a hack, and return the network to normal.

• Download the latest Router Firmware, instructions, etc., and install the latest firmware.
  Get it from here: http://ftp.dlink.ru/pub/ADSL/
• After updating the firmware, Set the router to the correct settings for your Internet provider
• Change the Password for the Admin user on the Router
• Flush the DNS Cache on all computers on the network.
• Check the IP configuration for machines on the network.

You can use the MiniToolbox to Flush DNS and provide the IP configuration, as follows:
-----------------------------------------------
Please download MiniToolBox and run it on a machine connected to the network..
Double click MiniToolBox.exe to launch the program.
Checkmark only the following boxes in the list:

• Flush DNS
• List IP configuration
• List Winsock Entries

Click Go to start the scan.
When finished a log Result.txt will open.
Please post the contents of that log.

askey127

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: AMD E-350 Processor, AMD64 Family 20 Model 1 Stepping 0
Processor Count: 2
RAM: 2666 Mb
Graphics Card: AMD Radeon HD 6310 Graphics, 384 Mb
Hard Drives: C: Total - 286074 MB, Free - 19420 MB; D: Total - 14905 MB, Free - 1656 MB; E: Total - 4055 MB, Free - 1108 MB;
Motherboard: Hewlett-Packard, 3577
Antivirus: AVG AntiVirus Free Edition 2014, Disabled

# AdwCleaner v4.112 - Logfile created 22/03/2015 at 15:05:56
# Updated 09/03/2015 by Xplode
# Database : 2015-03-22.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Catherine - CATSPC
# Running from : C:\Users\Catherine\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : donutleadsServiceCore
[#] Service Deleted : cherimoya

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Browser
Folder Deleted : C:\ProgramData\PicColorData
Folder Deleted : C:\ProgramData\donutleads
Folder Deleted : C:\ProgramData\YoutubeAdBloucke
Folder Deleted : C:\ProgramData\b68c88518ad03ef6
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
Folder Deleted : C:\Program Files (x86)\Bench
Folder Deleted : C:\Program Files (x86)\LuckyTab
Folder Deleted : C:\Program Files (x86)\donutleads
Folder Deleted : C:\Program Files (x86)\YoutubeAdBloucke
Folder Deleted : C:\Program Files (x86)\NEExttCouipa
Folder Deleted : C:\Program Files (x86)\Common Files\DealAlly
Folder Deleted : C:\Program Files (x86)\Common Files\Hoist Search
Folder Deleted : C:\Users\CATHER~1\AppData\Local\Temp\AdvanceElite
Folder Deleted : C:\Users\CATHER~1\AppData\Local\Temp\Box Rock
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Catherine\AppData\Local\Browser Extensions
Folder Deleted : C:\Users\Catherine\AppData\Local\Rainmaker_Software_Group_
Folder Deleted : C:\Users\Catherine\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Catherine\AppData\Roaming\GameHugArcade
Folder Deleted : C:\Users\Catherine\AppData\Roaming\Rainmaker Software Group LLC.?
Folder Deleted : C:\Users\Catherine\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
Folder Deleted : C:\Users\Catherine\Documents\ProPCCleaner
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Catherine\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Catherine\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Catherine\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\adegbidlfjmhhpkihoekilhmmplolfjc
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aekpinfjhbjjambebminemcjnhmaoghb
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apoblgfhdkiakicdffbdohifbijligio
File Deleted : C:\Windows\patsearch.bin
File Deleted : C:\Windows\DtcInstall.log
File Deleted : C:\Windows\SysWOW64\ColorMedia.dll
File Deleted : C:\Windows\SysWOW64\ColorMediaOff.ini
File Deleted : C:\Windows\System32\drivers\Msft_Kernel_webinstrNHKT_01009.Wdf
File Deleted : C:\Windows\System32\ColorMediaOff.ini
File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage
File Deleted : C:\Users\Catherine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : bench-sys
Task Deleted : LaunchApp
Task Deleted : SMupdate1
Task Deleted : YTDownloader
Task Deleted : LuckyTab
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup
Task Deleted : Validate Installation
Task Deleted : Check Updates
Task Deleted : GeniusBox

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\blmchfpimpbbdmgpcieclabeafkljbhm
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho
Key Deleted : HKCU\Software\Classes\pokki
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Key Deleted : HKLM\SOFTWARE\Classes\Extension.jshep
Key Deleted : HKLM\SOFTWARE\Classes\Extension.jshep.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051fe6ec-f619-458b-9e99-a3baa732debd}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6ac3fcfb-10d8-4746-b679-9c31eaf6238c}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9b9c99f7-2ee5-4731-bfb3-49cc3d2af495}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{051fe6ec-f619-458b-9e99-a3baa732debd}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9b9c99f7-2ee5-4731-bfb3-49cc3d2af495}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{051fe6ec-f619-458b-9e99-a3baa732debd}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9b9c99f7-2ee5-4731-bfb3-49cc3d2af495}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{051fe6ec-f619-458b-9e99-a3baa732debd}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6ac3fcfb-10d8-4746-b679-9c31eaf6238c}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9b9c99f7-2ee5-4731-bfb3-49cc3d2af495}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051fe6ec-f619-458b-9e99-a3baa732debd}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6ac3fcfb-10d8-4746-b679-9c31eaf6238c}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9b9c99f7-2ee5-4731-bfb3-49cc3d2af495}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5081D2D4-1637-404C-B74F-50526718257D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC865B26-C31D-4D23-B17B-96548EEF03F6}
Key Deleted : HKCU\Software\eSupport.com
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\DriverRestore
Key Deleted : HKCU\Software\ProPCCleanerLanguage
Key Deleted : HKCU\Software\ProPCCleanerConfig
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKCU\Software\AppDataLow\Software\SpeeditUp
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AdvertisingSupport
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\LuckyTab
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : HKLM\SOFTWARE\PicColor Utility
Key Deleted : HKLM\SOFTWARE\GeniusBox
Key Deleted : HKLM\SOFTWARE\SmileFiles
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D0F43D9-C1D7-733C-01F8-4A3001BF8CC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\PicColor Utility
Key Deleted : [x64] HKLM\SOFTWARE\WebBar
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] -
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 127.0.0.1:5050
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v41.0.2272.101


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [252 bytes] - [29/10/2014 18:41:43]
AdwCleaner[R1].txt - [14809 bytes] - [12/03/2015 19:57:21]
AdwCleaner[R2].txt - [14590 bytes] - [22/03/2015 13:31:46]
AdwCleaner[R3].txt - [15499 bytes] - [22/03/2015 15:01:32]
AdwCleaner[S0].txt - [15162 bytes] - [22/03/2015 15:05:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15222 bytes] ##########

i use mozilla firefox, every time i open a new tab or window the language is changed to dutch

its driving me nuts :mad:

Ive changed it back to English about 60 times now litarly

could any one help out? :confused:

my dad already ran a virus scan and nothing came up, although i did recently try to download a mine craft mod that had a dutch kick starter thing

Hi Teacherlife,
-------------------------------------------------------
IF You Don't Have Firefox, (Look in Control Panel > Programs and Features) click on the Windows version here and install it : https://www.mozilla.org/en-US/firefox/new/
During the installation you can likely import settings from Internet Explorer if you wish.

If you just installed it, or you already have it:
---------------------------------------------------------
Set Firefox as Default and Always Ask Where to Save Downloads
Open Firefox, then hit the Alt key if necessary, so you can see the menu bar at the top.
In the top menu bar, click on Tools, and select Options.
In the new dialog window that pops up:

Click on the General icon in the top bar, and Click the button labeled Make Firefox My Default browser
Click the radiobutton labeled Always ask me where to save files
Click the checkbox labeled Always check to see if Firefox is the Default browser on startup.
Click OK.

Let me know if this part works for you.
Then we can get started.
askey127

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Leticia at 2015-03-18 21:41:05 Run:1
Running from D:\
Loaded Profiles: Leticia (Available profiles: Leticia & michael)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [Coupon Alert Home Page Guard 64 bit] => C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\AppIntegrator64.exe [548936 2013-06-04] ()
HKLM-x32\...\Run: [ApnTBMon] => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2049896 2013-12-20] (YTDownloader)
HKLM-x32\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [3211776 2014-07-08] ()
HKLM-x32\...\Run: [Coupon Alert Search Scope Monitor] => "C:\PROGRA~2\COUPON~2\bar\1.bin\2psrchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [CouponAlert_2p Browser Plugin Loader] => C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbrmon.exe [30096 2013-06-04] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [AnyProtect Scanner] => "C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe"
HKLM-x32\...\Run: [fst_us_148] => "C:\Program Files (x86)\fst_us_148\fst_us_148.exe"
HKLM-x32\...\RunOnce: [upfst_us_148.exe] => C:\Users\Leticia\AppData\Local\fst_us_148\upfst_us_148.exe [3352544 2014-07-07] ()
HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Run: [SPDriver] => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.exe [3211776 2014-07-08] ()
HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Run: [Exetender] => C:\Program Files (x86)\Hoopla\GPlayer.exe [5043096 2014-03-05] (Exent Technologies Ltd.)
HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Run: [Easy Speed PC] => C:\Program Files (x86)\Probit Software\Easy Speed PC\ESPCLauncher.exe
HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Run: [Yahoo! Search] => C:\Users\Leticia\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [634624 2014-12-21] (Pay By Ads LTD)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AddonNP.lnk
ShortcutTarget: AddonNP.lnk -> C:\Program Files (x86)\NewPlayer\AddonNP.exe ()
Startup: C:\Users\Leticia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
ShortcutTarget: DesktopWeatherAlerts.lnk -> C:\Users\Leticia\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe (No File)
Startup: C:\Users\Leticia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk
ShortcutTarget: PricePeepUpdater.lnk -> C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe ()
Startup: C:\Users\Leticia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk
ShortcutTarget: Weather Alerts.lnk -> C:\Users\Leticia\AppData\Local\WeatherAlerts\WeatherAlerts.exe (Local Weather LLC)
Startup: C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk
ShortcutTarget: FrostWire On Startup.lnk -> C:\Program Files (x86)\FrostWire 5\FrostWire.exe (FrostWire)
Startup: C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-580940030-35127617-3160781262-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-580940030-35127617-3160781262-1001\User: Group Policy restriction detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [S-1-5-21-580940030-35127617-3160781262-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-580940030-35127617-3160781262-1001] => http=127.0.0.1:13828
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/?p=mKO_AwFzXI...G85BLui9M8aaXI TVl_ekr8W_bIE88YTif6l1vNGwRC9cZ_I9tX2JUm2mQYVI8QHRlr1sR6fF1WiiX8O2TNW6C9WIR 31yhHrjKtQCqHDhBP81OO5f10ZDU6xcvZxlvM0mde&q={searchTerms}
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/?p=mKO_AwFzXI...G85BLui9M8aaXI TVl_ekr8W_bIE88YTif6l1vNGwRC9cZ_I9tX2JUm2mQYVI8QHRlr1sR6fF1WiiX8O2TNW6C9WIR 31yhHrjKtQCqHDhBP81OO5f10ZDU6xcvZxlvM0mde&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-580940030-35127617-3160781262-1001 - (No Name) - {7b9f8c21-46ec-4c0b-8683-e755ef84577a} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll No File
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.net/search.aspx?s=E38zadku1,4c000c15-cb58-4f23-b0a2-2a12673d72db,&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXI...G85BLui9M8aaXI TVl_ekr8W_bIE88YTif6l1vNGwRC9cZ_I9tX2JUm2mQYVI8QHRlr1sR6fF1WiiX8O2TNW6C9WIR 31yhHrjKtQCqHDhBP81OO5f10ZDU6xcvZxlvM0mde&q={searchTerms}
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?p=mKO_AwFzXI...G85BLui9M8aaXI TVl_ekr8W_bIE88YTif6l1vNGwRC9cZ_I9tX2JUm2mQYVI8QHRlr1sR6fF1WiiX8O2TNW6C9WIR 31yhHrjKtQCqHDhBP81OO5f10ZDU6xcvZxlvM0mde&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5108&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> URL http://search.conduit.com/Results.as...ce=58&CUI=&UM= 4&UP=SP65083C4B-FD76-441B-98F1-9677FF492F31&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> SuggestionsURL_JSON http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=bndl1_14_26&cd=2XzuyEtN2Y1L1Qzuzy0CyE0EtA yCyByCzz0DtBtCyCzyzy0DtN0D0Tzu0SzytBtBtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1 G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2StAzy0E0AyC0A0A0FtG0AyEtByEtGyBtA0A tBtGyCtBzzyBtGtAyBzy0A0B0A0CyD0CtD0F0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0FyEtByCt BtDyCtGzyyCtCyDtG0D0E0CtCtGzy0Fzz0FtGtBtC0A0ByEyCtB0CtC0B0DyC2Q&cr=46005761 8&ir=
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = http://www.mystart.com/results.php?gen=ms&pr=vmn&id=mystarttb&v=5_4&ent=ch_5108&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_cmi_14_28_ch&cd=2XzuyEtN2Y1L1Qzuzy0C yE0EtAyCyByCzz0DtBtCyCzyzy0DtN0D0Tzu0SzytBtBtN1L2XzutBtFtBtCtFtCyEtFtBtN1L1 CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StAzztD0DtA0AyBtAtG0B0CtD0BtGyD0CyC zytGyBtAzyyEtGtCyEtB0CtBtCzztCzzyEyCyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0FyEtByCt BtDyCtGzyyCtCyDtG0D0E0CtCtGzy0Fzz0FtGtBtC0A0ByEyCtB0CtC0B0DyC2Q&cr=58236296 9&ir=
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.net/search.aspx?s=E38zadku1,4c000c15-cb58-4f23-b0a2-2a12673d72db,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> {B45B6130-384E-452D-A2DB-0F3910B9CAB7} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=241
BHO: iWebar -> {11111111-1111-1111-1111-110311551110} -> C:\Program Files (x86)\iWebar\iWebar-bho64.dll No File
BHO: PalMall -> {11111111-1111-1111-1111-110511801132} -> C:\Program Files (x86)\PalMall\PalMall-bho64.dll (BND)
BHO: Cinema-Plus-1.2 -> {11111111-1111-1111-1111-110611051148} -> C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho64.dll (Cinema Plus)
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro64.dll No File
BHO: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\x64\dca-bho.dll (Compete, Inc.)
BHO: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll" No File
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: Solid Savings -> {11111111-1111-1111-1111-110211621178} -> C:\Program Files (x86)\Solid Savings\Solid Savings-bho.dll (Innovative Apps)
BHO-x32: iWebar -> {11111111-1111-1111-1111-110311551110} -> C:\Program Files (x86)\iWebar\iWebar-bho.dll No File
BHO-x32: PalMall -> {11111111-1111-1111-1111-110511801132} -> C:\Program Files (x86)\PalMall\PalMall-bho.dll (BND)
BHO-x32: Cinema-Plus-1.2 -> {11111111-1111-1111-1111-110611051148} -> C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-bho.dll (Cinema Plus)
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Toolbar BHO -> {3a421c8f-e238-4aeb-8874-b8b5f2cc4772} -> C:\PROGRA~2\COUPON~2\bar\1.bin\2pbar.dll No File
BHO-x32: SearchDonkey -> {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} -> C:\Program Files (x86)\SearchDonkey\IE\common.dll (WebAppTech Coding, LLC)
BHO-x32: getsav-in 5.0 -> {57437FFF-AF43-472E-9BBD-41AA710B1297} -> C:\Users\michael\AppData\Local\getsav-in\ie\getsav-in_1368186302.dll ()
BHO-x32: Search Assistant BHO -> {60e91567-ef8a-4520-bce2-83aba5256799} -> C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pSrcAs.dll No File
BHO-x32: NetCrawl 1.0.0.5 -> {769a91da-209f-47fe-88b9-b0321b0982c8} -> C:\Program Files (x86)\NetCrawl\NetCrawlBHO.dll (NetCrawl)
BHO-x32: Playtopus Games -> {8EBA1B69-99D8-4135-BD43-729BA79D5CC4} -> C:\Users\michael\AppData\Local\Playtopus\Playtopus.dll (Playtopus)
BHO-x32: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
BHO-x32: Wajam -> {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> C:\Program Files (x86)\Wajam\IE\priam_bho.dll No File
BHO-x32: Consumer Input DCA BHO -> {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} -> C:\Program Files (x86)\Consumer Input\InternetExplorer\dca-bho.dll (Compete, Inc.)
BHO-x32: MyStart Toolbar -> {ccb24e92-62c4-4c53-95d2-65f9eed476bc} -> C:\Program Files (x86)\mystarttb\mystartDx.dll No File
BHO-x32: findopolis 1.0.0.5 -> {ccfd8427-0c44-4b91-abbb-d6aa65f7d2a1} -> C:\Program Files (x86)\findopolis\findopolisBHO.dll (findopolis)
BHO-x32: Ask Shopping Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" No File
BHO-x32: WeCareReminder Class -> {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} -> C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
BHO-x32: PennyBee -> {ECCD8756-E877-457F-8C44-4EC20055DDB5} -> C:\Program Files (x86)\PennyBee\InternetExplorerBHO.dll No File
BHO-x32: No Name -> {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} -> No File
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll" No File
Toolbar: HKLM - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx64.dll No File
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Coupon Alert - {3462c343-be19-4143-af70-cefb56f46fc6} - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbar.dll No File
Toolbar: HKLM-x32 - Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport.dll" No File
Toolbar: HKLM-x32 - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll No File
Toolbar: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> Ask Shopping Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ORJ\Passport_x64.dll" No File
Toolbar: HKU\S-1-5-21-580940030-35127617-3160781262-1001 -> No Name - {3462C343-BE19-4143-AF70-CEFB56F46FC6} - No File
FF Plugin-x32: @CouponAlert_2p.com/Plugin -> C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\NP2pStub.dll No File
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Hoopla\npExentCtl.dll (Exent Technologies Ltd.)
FF Plugin HKU\S-1-5-21-580940030-35127617-3160781262-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF HKLM-x32\...\Firefox\Extensions: [2pffxtbr@CouponAlert_2p.com] - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin
FF Extension: No Name - C:\Program Files (x86)\CouponAlert_2p\bar\1.bin [2013-06-04]
FF HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Firefox\Extensions: [{8a1a43a3-ee9f-4fff-9c5c-b3063ee1f0e0}] - C:\Program Files (x86)\Re-markit-soft\157.xpi
FF HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi
CHR StartupUrls: Default -> "hxxp://www-search.net/?s=E38zadku1,4c000c15-cb58-4f23-b0a2-2a12673d72db,"
CHR DefaultSuggestURL: Default -> https://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Extension: (iWebar) - C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2014-07-10]
CHR Extension: (Search) - C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-10]
CHR Extension: (video MediaPlay-Air) - C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-07-10]
CHR Extension: (MySearchDial) - C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-07-10]
CHR Extension: (Rocket New Tab) - C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom [2014-07-10]
CHR Extension: (findopolis) - C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojlbmmdblljkdkicbjdfplphhplkndeg [2014-12-21]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - No Path
CHR HKLM\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - No Path
CHR HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - No Path
CHR HKU\S-1-5-21-580940030-35127617-3160781262-1001\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - No Path
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ\CRX\ToolbarCR.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dghncoeocefmhkhiphdgikkamjeglbfh] - C:\Program Files (x86)\mystarttb\chrome-newtab-search.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - No Path
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\michael\AppData\Local\Wajam\Chrome\wajam.crx [2013-05-02]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/d...najaicnklhfplh [Not Found]
R4 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [32808 2013-05-24] (Just Develop It) <==== ATTENTION
S2 consumerinput_update; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [106296 2014-03-08] (ConsumerInput)
S3 consumerinput_updatem; C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [106296 2014-03-08] (ConsumerInput)
R4 CouponAlert_2pService; C:\Program Files (x86)\CouponAlert_2p\bar\1.bin\2pbarsvc.exe [42504 2013-06-04] (COMPANYVERS_NAME)
R4 NewPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-06-30] () [File not signed]
R4 PennyBee; C:\Program Files (x86)\PennyBee\PennyBee.exe [54272 2014-07-07] () [File not signed] <==== ATTENTION
R4 Re-markit; C:\Program Files (x86)\Re-markit-soft\Re-markit157.exe [195072 2014-03-08] () [File not signed] <==== ATTENTION
R4 servervo; C:\Users\Leticia\AppData\Roaming\VOPackage\VOsrv.exe [71680 2014-07-10] () [File not signed] <==== ATTENTION
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2708328 2014-08-27] (Search Module Ltd.)
S2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-07-08] (ShopperPro)
R2 Update findopolis; C:\Program Files (x86)\findopolis\updatefindopolis.exe [529136 2015-01-05] ()
R2 Update NetCrawl; C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe [524576 2014-12-21] ()
R2 Util findopolis; C:\Program Files (x86)\findopolis\bin\utilfindopolis.exe [529136 2015-01-05] ()
R4 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-05-02] (Wajam) [File not signed] <==== ATTENTION
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [42856 2014-08-27] ()
R2 X5XSEx_Pr152; C:\Program Files (x86)\Hoopla\X5XSEx_Pr152.Sys [56584 2013-07-18] (Exent Technologies Ltd.)
R1 {173745cd-3937-468f-98f6-d68898d32d98}w64; C:\Windows\System32\drivers\{173745cd-3937-468f-98f6-d68898d32d98}w64.sys [48784 2015-01-05] (StdLib)
R1 {1de0dec0-675e-482f-a756-fd24c6796c8e}w64; C:\Windows\System32\drivers\{1de0dec0-675e-482f-a756-fd24c6796c8e}w64.sys [48832 2014-12-17] (StdLib)
R4 sbmntr; \??\C:\Program Files (x86)\YTDownloader\sbmntr.sys [X]
R4 SPDRIVER_1.35.1.155; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys [X]
R2 SPDRIVER_1.37.0.193; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.37.0.193\jsdrv.sys [X]
Task: {06A8DB4B-697B-4937-A068-F07D3CDF4853} - System32\Tasks\iWebar-chromeinstaller => C:\Program Files (x86)\iWebar\iWebar-chromeinstaller.exe <==== ATTENTION
Task: {0764F78F-264B-4817-AFAE-90D757395FA8} - System32\Tasks\{E5428C95-CA2F-40EF-961A-A50957D5AFCD} => pcalua.exe -a "C:\Program Files (x86)\FMS\Uninstall.exe"
Task: {0B9DE1FD-6C98-4658-B995-F485959034C2} - System32\Tasks\SPBIW_UpdateTask_Time_333836343835303334352d2d5b50342a415545 6c5a236c => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
Task: {121CD599-9FDE-4C4D-A726-6D7440767531} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-1 => C:\Program Files (x86)\PalMall\PalMall-codedownloader.exe [2014-07-10] (BND) <==== ATTENTION
Task: {16229990-4EAF-4D96-AEBA-AB7FA0AC9D4A} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5_user => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-5.exe [2014-07-10] (BND) <==== ATTENTION
Task: {17965C67-2C46-4B4C-A453-002C32CE88D0} - System32\Tasks\ConsumerInputUpdateTaskMachineUA => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2014-03-08] (ConsumerInput) <==== ATTENTION
Task: {285B017D-14AB-4DE4-8374-FA4A703FA34F} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-6 => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-novainstaller.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {2930FB7C-EB87-46CD-BC4B-824B9D4979C3} - System32\Tasks\CIMT_daily_S-1-5-21-580940030-35127617-3160781262-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe [2014-11-26] () <==== ATTENTION
Task: {29F60423-AF23-4493-83A0-73A4F892E4D8} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-12-08] () <==== ATTENTION
Task: {2BC6A59F-CA65-42E2-9F99-D74285AE19D8} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-11 => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-11.exe [2014-07-10] (BND) <==== ATTENTION
Task: {2E8E3D23-1F09-4B15-8EAF-FDF5353E7679} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-2 => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-2.exe [2014-07-10] (BND) <==== ATTENTION
Task: {331D2001-C1B4-466F-9D84-F2DABC4DC27D} - System32\Tasks\Updater26278.exe => C:\Users\michael\AppData\Local\Updater26278\Updater26278.exe <==== ATTENTION
Task: {37D99F27-D4AE-4635-A258-40294D5C787C} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-1 => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe <==== ATTENTION
Task: {41233670-5E85-4A6E-B050-39EEB0DAEBEE} - System32\Tasks\CIMT_S-1-5-21-580940030-35127617-3160781262-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe [2014-11-26] () <==== ATTENTION
Task: {41978C42-8932-4E56-A176-012B8111F094} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ATTENTION
Task: {42719407-214D-4D8A-BC82-8CFA2F5BFB63} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-4 => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-4.exe [2014-07-10] (BND) <==== ATTENTION
Task: {48BA66C5-9CE5-4F6C-9B0C-7F91D9CBE1D5} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {60E68DCF-CA13-40CC-AFC2-CADABCC81EFB} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-2 => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-2.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {6C59312F-3E0C-46D2-9043-0D85E52B9485} - System32\Tasks\temp_56ce3484-b669-4c8b-8489-666612b8aac7-2 => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-2.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {733F4A68-09B5-45DB-90DE-2AA2C8621D00} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-12-08] () <==== ATTENTION
Task: {7613DA2A-23C5-4EB6-B4BA-CD8873A5F804} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {79524917-C578-4213-82D3-82BD2487BCC2} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-11 => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-11.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {931367DF-98DD-4FA5-A3AE-AAC77F7A6B25} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-4 => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-4.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {A4EA2991-D0EA-4538-B5E6-1B00D1B7D584} - System32\Tasks\Advanced-System Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2014-12-09] () <==== ATTENTION
Task: {ACF03591-CAAA-4893-9852-26CAEE647C1D} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-7 => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-nova.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {B76D503E-28B5-4F6E-9C84-D817454EB592} - System32\Tasks\iWebar-firefoxinstaller => C:\Program Files (x86)\iWebar\iWebar-firefoxinstaller.exe <==== ATTENTION
Task: {CC3DB9BC-6B77-41F4-A297-B5261BD9793A} - System32\Tasks\ConsumerInputUpdateTaskMachineCore => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe [2014-03-08] (ConsumerInput) <==== ATTENTION
Task: {DE50D567-8466-439B-B1D5-DE6DE7CD057F} - System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-3 => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-3.exe [2014-07-10] (Cinema Plus) <==== ATTENTION
Task: {E2A4AA41-14D6-41C2-9BDC-5F21B97346BB} - System32\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3 => C:\Program Files (x86)\video MediaPlay-Air\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3.exe [2014-07-10] (enter) <==== ATTENTION
Task: {E3E359BD-21F1-403E-A745-D1E0BA925049} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-12-08] () <==== ATTENTION
Task: {EDF770DA-FE8D-43C5-BAA1-810147FEE27B} - System32\Tasks\Yahoo! Search Updater => C:\Users\Leticia\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrsetup.exe [2014-12-21] (Pay By Ads LTD) <==== ATTENTION
Task: {EEA0FC31-811F-4D14-86AD-53F73EB27D8E} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5 => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-5.exe [2014-07-10] (BND) <==== ATTENTION
Task: {F7A9DCD4-1569-49E3-AFA8-65865697C144} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-7 => C:\Program Files (x86)\PalMall\PalMall-nova.exe [2014-10-06] (FileProperties_CompanyName) <==== ATTENTION
Task: {FB804D2A-5867-41B3-BD6C-0A0CAD6D3610} - System32\Tasks\Yahoo! Search => C:\Users\Leticia\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.18.5\dsrlte.exe [2014-12-21] (Pay By Ads LTD) <==== ATTENTION
Task: {FC5B2C3D-8693-4E07-BE3D-E0E04438AF8B} - System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-6 => C:\Program Files (x86)\PalMall\PalMall-nova.exe [2014-10-06] (FileProperties_CompanyName) <==== ATTENTION
Task: C:\WINDOWS\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-11.job => C:\Program Files (x86)\video MediaPlay-Air\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3.job => C:\Program Files (x86)\video MediaPlay-Air\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-1.job => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-11.job => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-2.job => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-3.job => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-3.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-4.job => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-6.job => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-novainstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-7.job => C:\Program Files (x86)\Cinema-Plus-1.2\Cinema-Plus-1.2-nova.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-1.job => C:\Program Files (x86)\PalMall\PalMall-codedownloader.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-11.job => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-11.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-2.job => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-2.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-4.job => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-4.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5.job => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5_user.job => C:\Program Files (x86)\PalMall\98bd8955-5681-454d-960c-17eab7511bad-5.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-6.job => C:\Program Files (x86)\PalMall\PalMall-nova.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-7.job => C:\Program Files (x86)\PalMall\PalMall-nova.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\CIMT_daily_S-1-5-21-580940030-35127617-3160781262-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\CIMT_S-1-5-21-580940030-35127617-3160781262-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job => C:\Program Files (x86)\Consumer Input\Update\ConsumerInputUpdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\iWebar-chromeinstaller.job => C:\Program Files (x86)\iWebar\iWebar-chromeinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\iWebar-firefoxinstaller.job => C:\Program Files (x86)\iWebar\iWebar-firefoxinstaller.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\temp_56ce3484-b669-4c8b-8489-666612b8aac7-2.job => C:\Program Files (x86)\Cinema-Plus-1.2\56ce3484-b669-4c8b-8489-666612b8aac7-2.exe <==== ATTENTION
C:\Program Files (x86)\CouponAlert_2p
C:\Program Files (x86)\AskPartnerNetwork
C:\Program Files (x86)\YTDownloader
C:\Program Files (x86)\ShopperPro
C:\PROGRA~2\COUPON~2
C:\Program Files (x86)\AnyProtectEx
C:\Program Files (x86)\fst_us_148
C:\Users\Leticia\AppData\Local\fst_us_148
C:\Program Files (x86)\ShopperPro
C:\Program Files (x86)\Optimizer Pro
C:\Program Files (x86)\Hoopla
C:\Program Files (x86)\Probit Software
C:\Users\Leticia\AppData\Local\Pay-By-Ads
C:\Program Files (x86)\NewPlayer
C:\Users\Leticia\AppData\Local\WeatherAlerts
C:\Program Files (x86)\PricePeep
C:\Program Files (x86)\FrostWire 5
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\iWebar
C:\Program Files (x86)\PalMall
C:\Program Files (x86)\Cinema-Plus-1.2
C:\ProgramData\ShopperPro
C:\Program Files (x86)\Consumer Input
C:\Program Files (x86)\Solid Savings
C:\Program Files (x86)\SearchDonkey
C:\Users\michael\AppData\Local\getsav-in
C:\Program Files (x86)\NetCrawl
C:\Users\michael\AppData\Local\Playtopus
C:\Program Files (x86)\Wajam
C:\Program Files (x86)\mystarttb
C:\Program Files (x86)\findopolis
C:\ProgramData\WeCareReminder
C:\Program Files (x86)\PennyBee
C:\Program Files (x86)\Re-markit-soft
C:\ProgramData\AskPartnerNetwork
C:\Program Files (x86)\MyPC Backup
C:\Program Files (x86)\Consumer Input
C:\Program Files (x86)\CouponAlert_2p
C:\Program Files (x86)\NewPlayer
C:\Program Files (x86)\PennyBee
C:\Program Files (x86)\Re-markit-soft
C:\Users\Leticia\AppData\Roaming\VOPackage
C:\Program Files\Common Files\Goobzo
C:\Program Files\Common Files\ShopperPro
C:\Program Files (x86)\findopolis
C:\Program Files (x86)\NetCrawl
C:\Windows\System32\drivers\{173745cd-3937-468f-98f6-d68898d32d98}w64.sys
C:\Windows\System32\drivers\{1de0dec0-675e-482f-a756-fd24c6796c8e}w64.sys
C:\Program Files (x86)\YTDownloader
C:\Program Files (x86)\FMS
C:\Program Files (x86)\RegClean Pro
C:\Users\michael\AppData\Local\Updater26278
C:\PROGRA~1\COMMON~1\System\SysMenu.dll
C:\Program Files (x86)\ASP
2015-01-05 22:51 - 2015-01-05 13:26 - 00048784 _____ (StdLib) C:\WINDOWS\system32\Drivers\{173745cd-3937-468f-98f6-d68898d32d98}w64.sys
2014-12-21 22:19 - 2014-12-21 22:19 - 00000000 ____D () C:\Users\Leticia\AppData\Roaming\ASP
2014-12-21 22:09 - 2014-12-21 22:09 - 00003506 _____ () C:\WINDOWS\System32\Tasks\Yahoo! Search
2014-12-21 22:08 - 2014-12-21 22:08 - 00003510 _____ () C:\WINDOWS\System32\Tasks\Yahoo! Search Updater
2014-12-21 22:08 - 2014-12-21 22:08 - 00000000 ____D () C:\Users\Leticia\AppData\Local\Pay-By-Ads
2014-12-21 22:08 - 2014-12-21 22:08 - 00000000 ____D () C:\Users\Leticia\AppData\Local\Local_Weather_LLC
2015-01-05 22:53 - 2014-07-10 13:31 - 00003108 _____ () C:\WINDOWS\System32\Tasks\RegClean Pro
2015-01-05 22:51 - 2014-12-17 13:49 - 00001350 _____ () C:\Users\Leticia\Desktop\Clean Registry for Free!.lnk
2015-01-05 22:50 - 2014-07-10 13:45 - 00000000 ____D () C:\Users\Leticia\AppData\Local\fst_us_148
2015-01-05 22:50 - 2014-07-10 13:21 - 00000000 ____D () C:\Program Files (x86)\findopolis
2014-12-21 22:08 - 2014-12-17 13:53 - 00003076 _____ () C:\WINDOWS\System32\Tasks\Advanced-System Protector_startup
2014-12-21 22:08 - 2014-07-10 13:33 - 00003068 _____ () C:\WINDOWS\System32\Tasks\Right Backup_startup
2014-12-21 22:07 - 2014-07-10 13:46 - 00003830 _____ () C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-11.job
2014-12-21 22:07 - 2014-07-10 13:46 - 00003156 _____ () C:\WINDOWS\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3.job
2014-12-21 22:07 - 2014-07-10 13:46 - 00002460 _____ () C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-3.job
2014-12-21 22:07 - 2014-07-10 13:46 - 00002240 _____ () C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-4.job
2014-12-21 22:07 - 2014-07-10 13:46 - 00001600 _____ () C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-6.job
2014-12-21 22:07 - 2014-07-10 13:46 - 00001600 _____ () C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-1.job
2014-12-21 22:07 - 2014-07-10 13:46 - 00001390 _____ () C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-2.job
2014-12-21 22:07 - 2014-07-10 13:38 - 00002140 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-4.job
2014-12-21 22:07 - 2014-07-10 13:38 - 00002112 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5_user.job
2014-12-21 22:07 - 2014-07-10 13:38 - 00002112 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5.job
2014-12-21 22:07 - 2014-07-10 13:38 - 00001522 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-1.job
2014-12-21 22:07 - 2014-07-10 13:38 - 00001336 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-2.job
2014-12-21 22:07 - 2014-07-10 13:37 - 00003470 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-11.job
2014-12-21 22:07 - 2014-07-10 13:37 - 00002814 _____ () C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-6.job
2014-12-21 22:06 - 2014-07-10 13:31 - 00000000 ____D () C:\Program Files (x86)\NetCrawl
2014-07-10 13:31 - 2014-07-10 14:37 - 0573493 _____ (ClickMeIn Limited) C:\Users\Leticia\AppData\Local\AnyProtectScannerSetup.exe
C:\Users\Leticia\AppData\Local\Temp\ShopperProJSFull.exe
C:\Users\Leticia\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\Leticia\AppData\Local\Temp\SPSetup.exe
C:\Users\Leticia\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_31441.exe
C:\Users\michael\AppData\Local\Temp\SPSetup.exe
File: C:\windows\system32\mscoree.dll
File: C:\windows\SysWOW64\mscoree.dll
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
Reboot:
end


*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Coupon Alert Home Page Guard 64 bit => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnTBMon => Value not found.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\YTDownloade r => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SPDriver => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Coupon Alert Search Scope Monitor => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\CouponAlert _2p Browser Plugin Loader => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AnyProtect Scanner => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fst_us_148 => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\upfst_u s_148.exe => Value not found.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Run\\SPDriver => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Optimizer Pro => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Exetender => Value not found.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Easy Speed PC => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo! Search => Value not found.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
"C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL" => Value Data removed successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AddonNP.lnk => Moved successfully.
C:\Program Files (x86)\NewPlayer\AddonNP.exe => Moved successfully.
C:\Users\Leticia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk => Moved successfully.
C:\Users\Leticia\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe not found.
C:\Users\Leticia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PricePeepUpdater.lnk => Moved successfully.
C:\Program Files (x86)\PricePeep\PricePeepUpdater.exe => Moved successfully.
C:\Users\Leticia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk => Moved successfully.
C:\Users\Leticia\AppData\Local\WeatherAlerts\WeatherAlerts.exe => Moved successfully.
C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FrostWire On Startup.lnk => Moved successfully.
C:\Program Files (x86)\FrostWire 5\FrostWire.exe not found.
C:\Users\michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk => Moved successfully.
C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe not found.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-580940030-35127617-3160781262-1004\User => Moved successfully.
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-580940030-35127617-3160781262-1001\User => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Main\\Search Bar => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7b9f8c21-46ec-4c0b-8683-e755ef84577a} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{7b9f8c21-46ec-4c0b-8683-e755ef84577a}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}" => Key deleted successfully.
HKCR\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL http://search.conduit.com/Results.as...ce=58&CUI=&UM= => Value not found.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value deleted successfully.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}" => Key deleted successfully.
HKCR\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5} => Key not found.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" => Key deleted successfully.
HKCR\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => Key not found.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}" => Key deleted successfully.
HKCR\CLSID\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} => Key not found.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}" => Key deleted successfully.
HKCR\CLSID\{7F4EFF06-7032-458e-AE16-1C1D8255C28A} => Key not found.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B45B6130-384E-452D-A2DB-0F3910B9CAB7}" => Key deleted successfully.
HKCR\CLSID\{B45B6130-384E-452D-A2DB-0F3910B9CAB7} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}" => Key deleted successfully.
"HKCR\CLSID\{11111111-1111-1111-1111-110311551110}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511801132} => Key not found.
HKCR\CLSID\{11111111-1111-1111-1111-110511801132} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148} => Key not found.
HKCR\CLSID\{11111111-1111-1111-1111-110611051148} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key deleted successfully.
"HKCR\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}" => Key deleted successfully.
"HKCR\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} => Key not found.
HKCR\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key deleted successfully.
"HKCR\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211621178} => Key not found.
HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110211621178} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{11111111-1111-1111-1111-110311551110}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110311551110}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511801132} => Key not found.
HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511801132} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611051148} => Key not found.
HKCR\Wow6432Node\CLSID\{11111111-1111-1111-1111-110611051148} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{3a421c8f-e238-4aeb-8874-b8b5f2cc4772}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} => Key not found.
HKCR\Wow6432Node\CLSID\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{57437FFF-AF43-472E-9BBD-41AA710B1297}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{57437FFF-AF43-472E-9BBD-41AA710B1297}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{60e91567-ef8a-4520-bce2-83aba5256799}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{60e91567-ef8a-4520-bce2-83aba5256799}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{769a91da-209f-47fe-88b9-b0321b0982c8} => Key not found.
HKCR\Wow6432Node\CLSID\{769a91da-209f-47fe-88b9-b0321b0982c8} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} => Key not found.
HKCR\Wow6432Node\CLSID\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ccfd8427-0c44-4b91-abbb-d6aa65f7d2a1} => Key not found.
HKCR\Wow6432Node\CLSID\{ccfd8427-0c44-4b91-abbb-d6aa65f7d2a1} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
"HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} => Key not found.
"HKCR\Wow6432Node\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{ECCD8756-E877-457F-8C44-4EC20055DDB5}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{ECCD8756-E877-457F-8C44-4EC20055DDB5}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browse r Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
"HKCR\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{ccb24e92-62c4-4c53-95d2-65f9eed476bc} => value deleted successfully.
"HKCR\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3462c343-be19-4143-af70-cefb56f46fc6} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{3462c343-be19-4143-af70-cefb56f46fc6}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value not found.
HKCR\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ccb24e92-62c4-4c53-95d2-65f9eed476bc} => value deleted successfully.
HKCR\Wow6432Node\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc} => Key not found.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3462C343-BE19-4143-AF70-CEFB56F46FC6} => value deleted successfully.
HKCR\CLSID\{3462C343-BE19-4143-AF70-CEFB56F46FC6} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@CouponAlert_2p.com/Plugin" => Key deleted successfully.
HKLM\Software\Wow6432Node\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0 => Key not found.
C:\Program Files (x86)\Hoopla\npExentCtl.dll not found.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\MozillaPlugins\@lightspark.github.com/Lightspark;version=1" => Key deleted successfully.
C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\2pffxtbr@CouponAlert_ 2p.com => value deleted successfully.
C:\Program Files (x86)\CouponAlert_2p\bar\1.bin => Moved successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Mozilla\Firefox\Extensions\\{8a1a43a3-ee9f-4fff-9c5c-b3063ee1f0e0} => value deleted successfully.
HKU\S-1-5-21-580940030-35127617-3160781262-1001\Software\Mozilla\Firefox\Extensions\\ConsumerInput@Compete => Value not found.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam => Moved successfully.
C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf directory not found.
C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa => Moved successfully.
C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom => Moved successfully.
C:\Users\Leticia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojlbmmdblljkdkicbjdfplphhplkndeg directory not found.
"HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklf a" => Key deleted successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdno m" => Key deleted successfully.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa" => Key deleted successfully.
"HKU\S-1-5-21-580940030-35127617-3160781262-1001\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjapl odkpfmlo => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dghncoeocefmhkhiphdgikk amjeglbfh" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\iagcajndpnfncplednpbnka hadegklfa" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnm ckjnmdnom" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjj opdfpjfjp" => Key deleted successfully.
C:\Users\michael\AppData\Local\Wajam\Chrome\wajam.crx => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajai cnklhfplh" => Key deleted successfully.
BackupStack => Service not found.
consumerinput_update => Service not found.
consumerinput_updatem => Service not found.
CouponAlert_2pService => Service not found.
NewPlayerUpdaterService => Service not found.
PennyBee => Service not found.
Re-markit => Service not found.
servervo => Service not found.
SMUpd => Service not found.
SPBIUpd => Service deleted successfully.
Update findopolis => Service not found.
Update NetCrawl => Service not found.
Util findopolis => Service not found.
WajamUpdater => Service not found.
SMUpdd => Service deleted successfully.
X5XSEx_Pr152 => Service not found.
{173745cd-3937-468f-98f6-d68898d32d98}w64 => Unable to stop service
{173745cd-3937-468f-98f6-d68898d32d98}w64 => Service deleted successfully.
{1de0dec0-675e-482f-a756-fd24c6796c8e}w64 => Unable to stop service
{1de0dec0-675e-482f-a756-fd24c6796c8e}w64 => Service deleted successfully.
sbmntr => Unable to stop service
sbmntr => Service deleted successfully.
SPDRIVER_1.35.1.155 => Unable to stop service
SPDRIVER_1.35.1.155 => Service deleted successfully.
SPDRIVER_1.37.0.193 => Unable to stop service
SPDRIVER_1.37.0.193 => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{06A8DB4B-697B-4937-A068-F07D3CDF4853}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06A8DB4B-697B-4937-A068-F07D3CDF4853}" => Key deleted successfully.
C:\Windows\System32\Tasks\iWebar-chromeinstaller => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-chromeinstaller" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0764F78F-264B-4817-AFAE-90D757395FA8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0764F78F-264B-4817-AFAE-90D757395FA8}" => Key deleted successfully.
C:\Windows\System32\Tasks\{E5428C95-CA2F-40EF-961A-A50957D5AFCD} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5428C95-CA2F-40EF-961A-A50957D5AFCD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B9DE1FD-6C98-4658-B995-F485959034C2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B9DE1FD-6C98-4658-B995-F485959034C2}" => Key deleted successfully.
C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_333836343835303334352d2d5b5 0342a415545 6c5a236c not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_33383634383 5303334352d2d5b50342a415545 6c5a236c => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{121CD599-9FDE-4C4D-A726-6D7440767531} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-1 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16229990-4EAF-4D96-AEBA-AB7FA0AC9D4A} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5_user not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-5_user => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17965C67-2C46-4B4C-A453-002C32CE88D0} => Key not found.
C:\Windows\System32\Tasks\ConsumerInputUpdateTaskMachineUA not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineUA => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{285B017D-14AB-4DE4-8374-FA4A703FA34F} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-6 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-6 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2930FB7C-EB87-46CD-BC4B-824B9D4979C3} => Key not found.
C:\Windows\System32\Tasks\CIMT_daily_S-1-5-21-580940030-35127617-3160781262-1001 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIMT_daily_S-1-5-21-580940030-35127617-3160781262-1001 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29F60423-AF23-4493-83A0-73A4F892E4D8} => Key not found.
C:\Windows\System32\Tasks\RegClean Pro_DEFAULT not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_DEFAULT => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BC6A59F-CA65-42E2-9F99-D74285AE19D8} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-11 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E8E3D23-1F09-4B15-8EAF-FDF5353E7679} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{331D2001-C1B4-466F-9D84-F2DABC4DC27D} => Key not found.
C:\Windows\System32\Tasks\Updater26278.exe not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater26278.exe => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37D99F27-D4AE-4635-A258-40294D5C787C} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-1 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-1 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41233670-5E85-4A6E-B050-39EEB0DAEBEE} => Key not found.
C:\Windows\System32\Tasks\CIMT_S-1-5-21-580940030-35127617-3160781262-1001 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIMT_S-1-5-21-580940030-35127617-3160781262-1001 => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{41978C42-8932-4E56-A176-012B8111F094}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{41978C42-8932-4E56-A176-012B8111F094}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTDownloaderUpd => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloaderUpd" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42719407-214D-4D8A-BC82-8CFA2F5BFB63} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-4 => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{48BA66C5-9CE5-4F6C-9B0C-7F91D9CBE1D5}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48BA66C5-9CE5-4F6C-9B0C-7F91D9CBE1D5}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMup date3" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{60E68DCF-CA13-40CC-AFC2-CADABCC81EFB} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C59312F-3E0C-46D2-9043-0D85E52B9485} => Key not found.
C:\Windows\System32\Tasks\temp_56ce3484-b669-4c8b-8489-666612b8aac7-2 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_56ce3484-b669-4c8b-8489-666612b8aac7-2 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{733F4A68-09B5-45DB-90DE-2AA2C8621D00} => Key not found.
C:\Windows\System32\Tasks\RegClean Pro not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7613DA2A-23C5-4EB6-B4BA-CD8873A5F804}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7613DA2A-23C5-4EB6-B4BA-CD8873A5F804}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMu pdate2" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79524917-C578-4213-82D3-82BD2487BCC2} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-11 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-11 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{931367DF-98DD-4FA5-A3AE-AAC77F7A6B25} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-4 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-4 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A4EA2991-D0EA-4538-B5E6-1B00D1B7D584} => Key not found.
C:\Windows\System32\Tasks\Advanced-System Protector_startup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced-System Protector_startup => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACF03591-CAAA-4893-9852-26CAEE647C1D} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-7 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-7 => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B76D503E-28B5-4F6E-9C84-D817454EB592}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B76D503E-28B5-4F6E-9C84-D817454EB592}" => Key deleted successfully.
C:\Windows\System32\Tasks\iWebar-firefoxinstaller => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-firefoxinstaller" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC3DB9BC-6B77-41F4-A297-B5261BD9793A} => Key not found.
C:\Windows\System32\Tasks\ConsumerInputUpdateTaskMachineCore not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ConsumerInputUpdateTaskMachineCor e => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE50D567-8466-439B-B1D5-DE6DE7CD057F} => Key not found.
C:\Windows\System32\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\56ce3484-b669-4c8b-8489-666612b8aac7-3 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2A4AA41-14D6-41C2-9BDC-5F21B97346BB} => Key not found.
C:\Windows\System32\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3E359BD-21F1-403E-A745-D1E0BA925049} => Key not found.
C:\Windows\System32\Tasks\RegClean Pro_UPDATES not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegClean Pro_UPDATES => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDF770DA-FE8D-43C5-BAA1-810147FEE27B} => Key not found.
C:\Windows\System32\Tasks\Yahoo! Search Updater not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search Updater => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EEA0FC31-811F-4D14-86AD-53F73EB27D8E} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-5 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7A9DCD4-1569-49E3-AFA8-65865697C144} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-7 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-7 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB804D2A-5867-41B3-BD6C-0A0CAD6D3610} => Key not found.
C:\Windows\System32\Tasks\Yahoo! Search not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Yahoo! Search => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC5B2C3D-8693-4E07-BE3D-E0E04438AF8B} => Key not found.
C:\Windows\System32\Tasks\98bd8955-5681-454d-960c-17eab7511bad-6 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\98bd8955-5681-454d-960c-17eab7511bad-6 => Key not found.
C:\WINDOWS\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-11.job not found.
C:\WINDOWS\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-1.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-11.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-2.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-3.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-4.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-6.job not found.
C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-7.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-1.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-11.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-2.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-4.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5_user.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-6.job not found.
C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-7.job not found.
C:\WINDOWS\Tasks\CIMT_daily_S-1-5-21-580940030-35127617-3160781262-1001.job not found.
C:\WINDOWS\Tasks\CIMT_S-1-5-21-580940030-35127617-3160781262-1001.job not found.
C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineCore.job not found.
C:\WINDOWS\Tasks\ConsumerInputUpdateTaskMachineUA.job not found.
C:\WINDOWS\Tasks\iWebar-chromeinstaller.job => Moved successfully.
C:\WINDOWS\Tasks\iWebar-firefoxinstaller.job => Moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job not found.
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job not found.
C:\WINDOWS\Tasks\temp_56ce3484-b669-4c8b-8489-666612b8aac7-2.job not found.
C:\Program Files (x86)\CouponAlert_2p => Moved successfully.
"C:\Program Files (x86)\AskPartnerNetwork" => File/Directory not found.
C:\Program Files (x86)\YTDownloader => Moved successfully.
C:\Program Files (x86)\ShopperPro => Moved successfully.
"C:\PROGRA~2\COUPON~2" => File/Directory not found.
"C:\Program Files (x86)\AnyProtectEx" => File/Directory not found.
"C:\Program Files (x86)\fst_us_148" => File/Directory not found.
"C:\Users\Leticia\AppData\Local\fst_us_148" => File/Directory not found.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
C:\Program Files (x86)\Optimizer Pro => Moved successfully.
"C:\Program Files (x86)\Hoopla" => File/Directory not found.
C:\Program Files (x86)\Probit Software => Moved successfully.
C:\Users\Leticia\AppData\Local\Pay-By-Ads => Moved successfully.
C:\Program Files (x86)\NewPlayer => Moved successfully.
C:\Users\Leticia\AppData\Local\WeatherAlerts => Moved successfully.
C:\Program Files (x86)\PricePeep => Moved successfully.
"C:\Program Files (x86)\FrostWire 5" => File/Directory not found.
C:\Program Files (x86)\MyPC Backup => Moved successfully.
"C:\Program Files (x86)\iWebar" => File/Directory not found.
"C:\Program Files (x86)\PalMall" => File/Directory not found.
"C:\Program Files (x86)\Cinema-Plus-1.2" => File/Directory not found.
C:\ProgramData\ShopperPro => Moved successfully.
"C:\Program Files (x86)\Consumer Input" => File/Directory not found.
"C:\Program Files (x86)\Solid Savings" => File/Directory not found.
"C:\Program Files (x86)\SearchDonkey" => File/Directory not found.
"C:\Users\michael\AppData\Local\getsav-in" => File/Directory not found.
"C:\Program Files (x86)\NetCrawl" => File/Directory not found.
C:\Users\michael\AppData\Local\Playtopus => Moved successfully.
C:\Program Files (x86)\Wajam => Moved successfully.
"C:\Program Files (x86)\mystarttb" => File/Directory not found.
"C:\Program Files (x86)\findopolis" => File/Directory not found.
"C:\ProgramData\WeCareReminder" => File/Directory not found.
C:\Program Files (x86)\PennyBee => Moved successfully.
C:\Program Files (x86)\Re-markit-soft => Moved successfully.
"C:\ProgramData\AskPartnerNetwork" => File/Directory not found.
"C:\Program Files (x86)\MyPC Backup" => File/Directory not found.
"C:\Program Files (x86)\Consumer Input" => File/Directory not found.
"C:\Program Files (x86)\CouponAlert_2p" => File/Directory not found.
"C:\Program Files (x86)\NewPlayer" => File/Directory not found.
"C:\Program Files (x86)\PennyBee" => File/Directory not found.
"C:\Program Files (x86)\Re-markit-soft" => File/Directory not found.
C:\Users\Leticia\AppData\Roaming\VOPackage => Moved successfully.
C:\Program Files\Common Files\Goobzo => Moved successfully.
C:\Program Files\Common Files\ShopperPro => Moved successfully.
"C:\Program Files (x86)\findopolis" => File/Directory not found.
"C:\Program Files (x86)\NetCrawl" => File/Directory not found.
C:\Windows\System32\drivers\{173745cd-3937-468f-98f6-d68898d32d98}w64.sys => Moved successfully.
C:\Windows\System32\drivers\{1de0dec0-675e-482f-a756-fd24c6796c8e}w64.sys => Moved successfully.
"C:\Program Files (x86)\YTDownloader" => File/Directory not found.
"C:\Program Files (x86)\FMS" => File/Directory not found.
"C:\Program Files (x86)\RegClean Pro" => File/Directory not found.
C:\Users\michael\AppData\Local\Updater26278 => Moved successfully.
"C:\PROGRA~1\COMMON~1\System\SysMenu.dll" => File/Directory not found.
"C:\Program Files (x86)\ASP" => File/Directory not found.
"C:\WINDOWS\system32\Drivers\{173745cd-3937-468f-98f6-d68898d32d98}w64.sys" => File/Directory not found.
C:\Users\Leticia\AppData\Roaming\ASP => Moved successfully.
"C:\WINDOWS\System32\Tasks\Yahoo! Search" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\Yahoo! Search Updater" => File/Directory not found.
"C:\Users\Leticia\AppData\Local\Pay-By-Ads" => File/Directory not found.
C:\Users\Leticia\AppData\Local\Local_Weather_LLC => Moved successfully.
"C:\WINDOWS\System32\Tasks\RegClean Pro" => File/Directory not found.
"C:\Users\Leticia\Desktop\Clean Registry for Free!.lnk" => File/Directory not found.
"C:\Users\Leticia\AppData\Local\fst_us_148" => File/Directory not found.
"C:\Program Files (x86)\findopolis" => File/Directory not found.
"C:\WINDOWS\System32\Tasks\Advanced-System Protector_startup" => File/Directory not found.
C:\WINDOWS\System32\Tasks\Right Backup_startup => Moved successfully.
"C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-11.job" => File/Directory not found.
"C:\WINDOWS\Tasks\2b6328a9-11c8-46e0-8547-2efb3aafcaa4-3.job" => File/Directory not found.
"C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-3.job" => File/Directory not found.
"C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-4.job" => File/Directory not found.
"C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-6.job" => File/Directory not found.
"C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-1.job" => File/Directory not found.
"C:\WINDOWS\Tasks\56ce3484-b669-4c8b-8489-666612b8aac7-2.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-4.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5_user.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-5.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-1.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-2.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-11.job" => File/Directory not found.
"C:\WINDOWS\Tasks\98bd8955-5681-454d-960c-17eab7511bad-6.job" => File/Directory not found.
"C:\Program Files (x86)\NetCrawl" => File/Directory not found.
C:\Users\Leticia\AppData\Local\AnyProtectScannerSetup.exe => Moved successfully.
C:\Users\Leticia\AppData\Local\Temp\ShopperProJSFull.exe => Moved successfully.
C:\Users\Leticia\AppData\Local\Temp\ShopperProJSINJFull.exe => Moved successfully.
C:\Users\Leticia\AppData\Local\Temp\SPSetup.exe => Moved successfully.
C:\Users\Leticia\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_N360_31441.exe => Moved successfully.
C:\Users\michael\AppData\Local\Temp\SPSetup.exe => Moved successfully.

========================= File: C:\windows\system32\mscoree.dll ========================

MD5: 2A857CCAFE18B1D396484AC9CC0B9B80
Creation and modification date: 2013-08-22 06:04 - 2013-08-22 06:04
Size: 0382976
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: mscoree.dll
Original Name: mscoree.dll
Product Name: Microsoft® Windows® Operating System
Description: Microsoft .NET Runtime Execution Engine
File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
Product Version: 6.3.9600.16384
Copyright: © Microsoft Corporation. All rights reserved.

====== End Of File: ======


========================= File: C:\windows\SysWOW64\mscoree.dll ========================

MD5: 84F20198CAE435DE32ABDB4511550BD7
Creation and modification date: 2013-08-21 22:40 - 2013-08-21 22:40
Size: 0330240
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: mscoree.dll
Original Name: mscoree.dll
Product Name: Microsoft® Windows® Operating System
Description: Microsoft .NET Runtime Execution Engine
File Version: 6.3.9600.16384 (winblue_rtm.130821-1623)
Product Version: 6.3.9600.16384
Copyright: © Microsoft Corporation. All rights reserved.

====== End Of File: ======


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state on =========

Ok.


========= End of CMD: =========



The system needed a reboot.

==== End of Fixlog 21:42:12 ====

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz, Intel64 Family 6 Model 37 Stepping 2
Processor Count: 4
RAM: 3891 Mb
Graphics Card: Intel(R) HD Graphics, 1721 Mb
Hard Drives: C: Total - 295335 MB, Free - 219428 MB;
Motherboard: LENOVO, 2537C84
Antivirus: ThreatTrack Security VIPRE, Updated and Enabled

I should note that my Lenovo had its battery in and power cable connected. It was also hooked up to a wireless logitec keyboard, a usb cable mouse, and monitor via an old multi-pin hdmi cable at the time of the problem.


Hello, a few hours ago my laptop suddenly froze and started behaving in a way that I've never seen before and I believe something has compromised my security.
Before the incident I was working on Microsoft Word 2013, had google chrome with 3 open tabs, (which consisted of 2 Rutgers University links and this link that had 3 streaming music playlists for studying. http://www.300hours.com/blog/6-quick...d#.VQ94y_nF-VU ), and was running a system scan on my antivirus.

I then started up OriginPro9.1 which is a data analysis and graphing software. As soon as I clicked on it the CPU/RAM monitoring widget I have on my desktop spiked its CPU usage to over 50% and even hit 100% multiple times (which is far more than it has ever gone up in the past, even with chrome, word, and origin open simultaneously). It continued to fluctuate between 1% and 100%
Then I couldnt exit out of any programs and the screen eventually turned completely black except that I could still control my mouse pointer. I tried to force quit but nothing happened. Then after a few minutes I got a popup on the black screen that said something about a logon error and that i should hit [esc] or turn the laptop off manually if [esc] didnt work.
Eventually some grey desktop background appeared, along with my taskbar and CPU meter. I still had no control of the system. Lastly, my own desktop background reappeared only without the taskbar. I waited some more and then the process started repeating itself in the exact manner I just described. After I sat through 2 complete cycles of that, I shut off the laptop and booted up again. I would have shut off the laptop much sooner but i didnt want to lose my word document that I had yet to save.

Strangely, throughout the entire duration of the crash, the music i was streaming never stopped playing as well as the CPU meter continued giving live data.

Ever since I rebooted, having as little as a single tab on chrome open spikes the CPU usage over 35% along with my RAM consumption periodically increasing from 40% to 65% and is still rising... I've run several full system scans with my internet security/antivirus program that I just payed $50 for a couple weeks ago and no threats come up.

I'm at a complete loss about what happened and what I should do, and I really need some help. Thank you.

I apologised in my first post for the initial delay which is unavoidable on such a very popular forum manned only by trained volunteers, (for FREE, in our own time and for no other gratification than helping people such as yourself).

However, I answered on 30 Dec, (albeit a considerable time after you posted), and you didn’t reply until 3 weeks later which is why there was no response.


Secondly, none of the tools you ran could cause any damage as they were only diagnostic tools, (those that show the current state of the computer). I didn’t get as far as “fixing” anything because you didn’t reply for 22 days.

I don’t intend to respond to this again but will finally say that I’m pleased that ingratitude is something we rarely come across.

Good luck

Satchfan

Over the weekend my brother in law asked me if i could reinstall windows 7 on his sister's laptop because she accidently downloaded a virus into it. I booted the recovery partition & got this error message "An Error has occured. Error: F3-F100-0010 Click OK to shut down your PC." When i googled the error i found out it was being caused by the virus so i ran the Windows Malicious Software Removal Tool & it removed 53 infections then it asked to restart the computer. When the computer restarted windows did not load, instead i got the message "No Bootable Devices - Insert boot disk and press any key" I restarted the laptop again & tried loading the recovery partition by holding the zero key at startup & the same thing happened. The owner of the laptop doesn't have any cd's for it & i don't have a windows 7 cd either. Even if i did have a install dvd the information on the product key & serial tag have faded away as seen in the attached photos. I'll also attach an image of what the monitor displays instead of loading windows.

Known Specs.
Toshiba Satellite E-205
Windows 7 Home Premium, 64-bit
Serial Number available upon request.

P.S. I was able to make the serial number readable by shining a flashlight on it at a 30 degree angle. Tried it on product key, no luck unfortunately.

Attached Images

	0323151240.jpg (308.8 KB)
	0323151236.jpg (210.0 KB)
	0323151237.jpg (212.8 KB)

Oh yeah, I forgot to mention but after this happened I couldn't boot from CD and one of my USB ports isn't visible for booting. I guess now I understand the details to that better. Also a couple of times the position of the bootable USBs reversed.

It took longer than it should have because I couldn't reach the file text due to the stick being bootable I think, and so I had to keep restarting way more than needed. So I did manually and here is the log...

Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by SYSTEM at 2015-03-24 01:39:53
Running from g:\
Boot Mode: Recovery

================== Search Files: "Bootcat.cache;vmbus.sys;vmstorfl.sys;MpFilter.sys;mpsohci.sys;iaStor.sys;g fibto.sys;compbat.sys;amdxata.sys" =============

C:\Windows\winsxs\amd64_wvmbus.inf_31bf3856ad364e35_6.1.7601.17514_none_97a 6ab0ec0a6e89a\vmbus.sys
[2012-07-01 11:36][2010-11-20 05:34] 0199552 ____A (Microsoft Corporation) 86EA3E79AE350FEA5331A1303054005F

C:\Windows\winsxs\amd64_wstorflt.inf_31bf3856ad364e35_6.1.7601.17514_none_1 eb9f40a2eecbab3\vmstorfl.sys
[2012-07-01 11:35][2010-11-20 05:34] 0046464 ____A (Microsoft Corporation) 7785DC213270D2FC066538DAF94087E7

C:\Windows\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.21680_none_aa ccc8deb1e48f1e\amdxata.sys
[2013-02-20 15:59][2011-03-10 22:18] 0027008 ____A (Advanced Micro Devices) 91F0F51F579BE0C3E8A85B57A8637D2D

C:\Windows\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.17577_none_aa 54fe0598b884c4\amdxata.sys
[2013-02-20 15:59][2011-03-10 22:41] 0027008 ____A (Advanced Micro Devices) 540DAF1CEA6094886D72126FD7C33048

C:\Windows\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7601.17514_none_aa 92dcaf988a9119\amdxata.sys
[2012-07-01 11:35][2010-11-20 05:32] 0027008 ____A (Advanced Micro Devices) 1142A21DB581A84EA5597B03A26EBAA0

C:\Windows\System32\DriverStore\FileRepository\wvmbus.inf_amd64_neutral_fca 91999602b0343\vmbus.sys
[2012-07-01 11:36][2010-11-20 05:34] 0199552 ____A (Microsoft Corporation) 86EA3E79AE350FEA5331A1303054005F

C:\Windows\System32\DriverStore\FileRepository\wstorflt.inf_amd64_neutral_3 db956c41708f7f5\vmstorfl.sys
[2012-07-01 11:35][2010-11-20 05:34] 0046464 ____A (Microsoft Corporation) 7785DC213270D2FC066538DAF94087E7

C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_amd64_neutral_16d 1c1de1eca8452\iaStor.sys
[2011-04-25 19:07][2011-04-25 19:07] 0557848 ____N (Intel Corporation) 26CF4275034214ECEDD8EC17B0A18A99

C:\Windows\System32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_67 db50590108ebd9\amdxata.sys
[2012-07-01 11:35][2010-11-20 05:32] 0027008 ____A (Advanced Micro Devices) 1142A21DB581A84EA5597B03A26EBAA0

C:\Windows\System32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_5c 3d0d1e97e99e10\amdxata.sys
[2013-02-20 15:59][2011-03-10 22:41] 0027008 ____A (Advanced Micro Devices) 540DAF1CEA6094886D72126FD7C33048

X:\Windows\winsxs\amd64_wvmbus.inf_31bf3856ad364e35_6.1.7600.16385_none_957 59746c3b86500\vmbus.sys
[2009-07-13 19:01][2009-07-13 19:01] 0200272 ____A (Microsoft Corporation) 1501699D7EDA984ABC4155A7DA5738D1

X:\Windows\winsxs\amd64_wstorflt.inf_31bf3856ad364e35_6.1.7600.16385_none_1 c88e04231fe3719\vmstorfl.sys
[2009-07-13 19:01][2009-07-13 19:01] 0046672 ____A (Microsoft Corporation) FFD7A6F15B14234B5B0E5D49E7961895

X:\Windows\winsxs\amd64_amdsata.inf_31bf3856ad364e35_6.1.7600.16385_none_a8 61c8e79b9c0d7f\amdxata.sys
[2009-07-13 19:01][2009-07-13 19:01] 0028752 ____A (Advanced Micro Devices) B4AD0CACBAB298671DD6F6EF7E20679D

X:\Windows\System32\DriverStore\FileRepository\wvmbus.inf_amd64_neutral_f6b 968c04185b840\vmbus.sys
[2009-07-13 19:01][2009-07-13 19:01] 0200272 ____A (Microsoft Corporation) 1501699D7EDA984ABC4155A7DA5738D1

X:\Windows\System32\DriverStore\FileRepository\wstorflt.inf_amd64_neutral_f 91032fad599ad3e\vmstorfl.sys
[2009-07-13 19:01][2009-07-13 19:01] 0046672 ____A (Microsoft Corporation) FFD7A6F15B14234B5B0E5D49E7961895

X:\Windows\System32\DriverStore\FileRepository\amdsata.inf_amd64_neutral_fa 9a4835d180b5fc\amdxata.sys
[2009-07-13 19:01][2009-07-13 19:01] 0028752 ____A (Advanced Micro Devices) B4AD0CACBAB298671DD6F6EF7E20679D

X:\Windows\System32\drivers\amdxata.sys
[2009-07-13 19:01][2009-07-13 19:01] 0028752 ____A (Advanced Micro Devices) B4AD0CACBAB298671DD6F6EF7E20679D

X:\Windows\System32\drivers\vmbus.sys
[2009-07-13 19:01][2009-07-13 19:01] 0200272 ____A (Microsoft Corporation) 1501699D7EDA984ABC4155A7DA5738D1

X:\Windows\System32\drivers\vmstorfl.sys
[2009-07-13 19:01][2009-07-13 19:01] 0046672 ____A (Microsoft Corporation) FFD7A6F15B14234B5B0E5D49E7961895

====== End Of Search ======

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-03-2015
Ran by Angela Marie at 2015-03-23 20:30:38 Run:1
Running from C:\Users\Angela Marie\Desktop
Loaded Profiles: Angela Marie (Available profiles: Angela Marie)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{1383A31C-26AC-4d88-91F1-EEAD77D81FA6}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP3Writer.dll ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{1383A31C-26AC-4d88-91F1-EEAD77D81FA6}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP3Writer.dll ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP3Encoder.dll ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\CoreAAC.ax ()
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
CustomCLSID: HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}\InprocServer32 -> C:\Users\Angela Marie\AppData\Roaming\Smilebox\MP4Splitter.ax (Gabest)
Task: {210262EA-62FB-460B-8875-089708AF001D} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {210262EA-62FB-460B-8875-089708AF001D} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {6BED0B58-AF8E-4017-B66C-364665E269FD} - System32\Tasks\Uninstaller_SkipUac_Angela_Marie => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {6BED0B58-AF8E-4017-B66C-364665E269FD} - System32\Tasks\Uninstaller_SkipUac_Angela_Marie => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {75506C85-EF94-4C77-8587-F6A1DC40DDFA} - System32\Tasks\ASC8_SkipUac_Angela Marie => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {75506C85-EF94-4C77-8587-F6A1DC40DDFA} - System32\Tasks\ASC8_SkipUac_Angela Marie => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {75A5EB1E-18BE-4300-8896-716152BE7FB3} - System32\Tasks\Driver Booster SkipUAC (Angela Marie) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {75A5EB1E-18BE-4300-8896-716152BE7FB3} - System32\Tasks\Driver Booster SkipUAC (Angela Marie) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {A80C7AD3-06A9-4545-ADDA-2116FE9E5168} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {A80C7AD3-06A9-4545-ADDA-2116FE9E5168} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {CED74CB3-BE86-4415-A98A-BB16B6EBE928} - System32\Tasks\RegCure Pro Startup => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe [2015-01-19] (ParetoLogic, Inc.)
Task: {CED74CB3-BE86-4415-A98A-BB16B6EBE928} - System32\Tasks\RegCure Pro Startup => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe [2015-01-19] (ParetoLogic, Inc.)
Task: {DCAF7118-5FF3-4F5B-9F55-5A0BA42958A4} - System32\Tasks\{A5CAF0FD-6685-4D06-AA57-9E47BC31D939} => pcalua.exe -a "C:\Users\Angela Marie\Desktop\LimeWire.exe" -d "C:\Users\Angela Marie\Desktop"
Task: {DCAF7118-5FF3-4F5B-9F55-5A0BA42958A4} - System32\Tasks\{A5CAF0FD-6685-4D06-AA57-9E47BC31D939} => pcalua.exe -a "C:\Users\Angela Marie\Desktop\LimeWire.exe" -d "C:\Users\Angela Marie\Desktop"
Task: {EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {210262EA-62FB-460B-8875-089708AF001D} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {210262EA-62FB-460B-8875-089708AF001D} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {6BED0B58-AF8E-4017-B66C-364665E269FD} - System32\Tasks\Uninstaller_SkipUac_Angela_Marie => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {6BED0B58-AF8E-4017-B66C-364665E269FD} - System32\Tasks\Uninstaller_SkipUac_Angela_Marie => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-20] (IObit)
Task: {75506C85-EF94-4C77-8587-F6A1DC40DDFA} - System32\Tasks\ASC8_SkipUac_Angela Marie => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {75506C85-EF94-4C77-8587-F6A1DC40DDFA} - System32\Tasks\ASC8_SkipUac_Angela Marie => C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe [2015-01-27] (IObit)
Task: {75A5EB1E-18BE-4300-8896-716152BE7FB3} - System32\Tasks\Driver Booster SkipUAC (Angela Marie) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {75A5EB1E-18BE-4300-8896-716152BE7FB3} - System32\Tasks\Driver Booster SkipUAC (Angela Marie) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe [2015-03-09] (IObit)
Task: {A80C7AD3-06A9-4545-ADDA-2116FE9E5168} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {A80C7AD3-06A9-4545-ADDA-2116FE9E5168} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe [2015-01-23] (IObit)
Task: {B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2015-02-13] (IObit)
Task: {EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: C:\Windows\Tasks\RegCure Pro Startup.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\RegCure Pro Startup.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe
Task: C:\Windows\Tasks\RegCure Pro_sch_BB0268C4-D00D-11E4-8B38-001E6880F4F1.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegCure Pro_sch_BB0268C4-D00D-11E4-8B38-001E6880F4F1.job => C:\Program Files\ParetoLogic\RegCure Pro\RegCurePro.exe <==== ATTENTION
2015-03-21 04:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-21 04:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-03-21 04:33 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 8\webres.dll
2015-03-21 04:34 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2015-03-21 04:34 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2015-03-21 04:34 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2015-03-21 04:34 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2015-03-21 04:34 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-03-21 04:34 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl

*****************

"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{1383A31C-26AC-4d88-91F1-EEAD77D81FA6}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{1383A31C-26AC-4d88-91F1-EEAD77D81FA6} => Key not found.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B} => Key not found.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{4665E44B-8B9A-4515-A086-E94ECE374608} => Key not found.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC}" => Key deleted successfully.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{6AC7C19E-8CA0-4E3D-9A9F-2881DE29E0AC} => Key not found.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{919AB5F1-1C34-47a2-9C02-17128222C7CF}" => Key deleted successfully.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{BBFC1A2A-D3A2-4610-847D-26592022F86E} => Key not found.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{D3D9D58B-45B5-48AB-B199-B8C40560AEC7} => Key not found.
"HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}" => Key deleted successfully.
HKU\S-1-5-21-870383816-1840095418-3521214770-1000_Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{210262EA-62FB-460B-8875-089708AF001D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{210262EA-62FB-460B-8875-089708AF001D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BED0B58-AF8E-4017-B66C-364665E269FD} => Key not found.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Angela_Marie => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Angela_Marie" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BED0B58-AF8E-4017-B66C-364665E269FD} => Key not found.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Angela_Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Angela_Marie => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75506C85-EF94-4C77-8587-F6A1DC40DDFA} => Key not found.
C:\Windows\System32\Tasks\ASC8_SkipUac_Angela Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_Angela Marie => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75506C85-EF94-4C77-8587-F6A1DC40DDFA} => Key not found.
C:\Windows\System32\Tasks\ASC8_SkipUac_Angela Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_Angela Marie => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75A5EB1E-18BE-4300-8896-716152BE7FB3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A5EB1E-18BE-4300-8896-716152BE7FB3}" => Key deleted successfully.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Angela Marie) => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Angela Marie)" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A5EB1E-18BE-4300-8896-716152BE7FB3} => Key not found.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Angela Marie) not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Angela Marie) => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A80C7AD3-06A9-4545-ADDA-2116FE9E5168} => Key not found.
C:\Windows\System32\Tasks\ASC8_PerformanceMonitor not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A80C7AD3-06A9-4545-ADDA-2116FE9E5168} => Key not found.
C:\Windows\System32\Tasks\ASC8_PerformanceMonitor not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Scan not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Scan not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CED74CB3-BE86-4415-A98A-BB16B6EBE928}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CED74CB3-BE86-4415-A98A-BB16B6EBE928}" => Key deleted successfully.
C:\Windows\System32\Tasks\RegCure Pro Startup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegCure Pro Startup" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CED74CB3-BE86-4415-A98A-BB16B6EBE928} => Key not found.
C:\Windows\System32\Tasks\RegCure Pro Startup not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RegCure Pro Startup => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCAF7118-5FF3-4F5B-9F55-5A0BA42958A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCAF7118-5FF3-4F5B-9F55-5A0BA42958A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\{A5CAF0FD-6685-4D06-AA57-9E47BC31D939} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5CAF0FD-6685-4D06-AA57-9E47BC31D939}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCAF7118-5FF3-4F5B-9F55-5A0BA42958A4} => Key not found.
C:\Windows\System32\Tasks\{A5CAF0FD-6685-4D06-AA57-9E47BC31D939} not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5CAF0FD-6685-4D06-AA57-9E47BC31D939} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56}" => Key deleted successfully.
C:\Windows\System32\Tasks\ParetoLogic Registration3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration3" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} => Key not found.
C:\Windows\System32\Tasks\ParetoLogic Registration3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration3 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{210262EA-62FB-460B-8875-089708AF001D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{210262EA-62FB-460B-8875-089708AF001D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Update not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Update => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BED0B58-AF8E-4017-B66C-364665E269FD} => Key not found.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Angela_Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Angela_Marie => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BED0B58-AF8E-4017-B66C-364665E269FD} => Key not found.
C:\Windows\System32\Tasks\Uninstaller_SkipUac_Angela_Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Uninstaller_SkipUac_Angela_Marie => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75506C85-EF94-4C77-8587-F6A1DC40DDFA} => Key not found.
C:\Windows\System32\Tasks\ASC8_SkipUac_Angela Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_Angela Marie => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75506C85-EF94-4C77-8587-F6A1DC40DDFA} => Key not found.
C:\Windows\System32\Tasks\ASC8_SkipUac_Angela Marie not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_SkipUac_Angela Marie => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A5EB1E-18BE-4300-8896-716152BE7FB3} => Key not found.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Angela Marie) not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Angela Marie) => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A5EB1E-18BE-4300-8896-716152BE7FB3} => Key not found.
C:\Windows\System32\Tasks\Driver Booster SkipUAC (Angela Marie) not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Angela Marie) => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A80C7AD3-06A9-4545-ADDA-2116FE9E5168} => Key not found.
C:\Windows\System32\Tasks\ASC8_PerformanceMonitor not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A80C7AD3-06A9-4545-ADDA-2116FE9E5168} => Key not found.
C:\Windows\System32\Tasks\ASC8_PerformanceMonitor not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASC8_PerformanceMonitor => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Scan not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B57ABF83-A381-40AB-A6C3-2B9AE3B8C88D} => Key not found.
C:\Windows\System32\Tasks\Driver Booster Scan not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scan => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} => Key not found.
C:\Windows\System32\Tasks\ParetoLogic Registration3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration3 => Key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EB6512AB-3BA3-4AEE-8E42-64B2D8EA2C56} => Key not found.
C:\Windows\System32\Tasks\ParetoLogic Registration3 not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Registration3 => Key not found.
C:\Windows\Tasks\RegCure Pro Startup.job => Moved successfully.
C:\Windows\Tasks\RegCure Pro Startup.job not found.
C:\Windows\Tasks\RegCure Pro_sch_BB0268C4-D00D-11E4-8B38-001E6880F4F1.job => Moved successfully.
C:\Windows\Tasks\RegCure Pro_sch_BB0268C4-D00D-11E4-8B38-001E6880F4F1.job not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madExcept_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madBasic_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\madDisAsm_.bpl" => File/Directory not found.
"C:\Program Files\IObit\Advanced SystemCare 8\webres.dll" => File/Directory not found.
C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl => Moved successfully.
"C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl" => File/Directory not found.
C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl => Moved successfully.
"C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl" => File/Directory not found.
C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl => Moved successfully.
"C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl" => File/Directory not found.

==== End of Fixlog 20:31:28 ====

I see that this subject was addressed in November and marked as closed. I did not learn form the thread what to do or if this is malware. Should I click on the OK prompt to accept the change to my start menu ? Should I uninstall it ?

When I boot up my Toshiba Satellite with windows 8.1 we get the following dialog box :

START MENU UPDATED.
The Start Menu was updated to the latest version.

What's New:

Critical fix for apps requiring Adobe Flash Driver
Critical Fix for Start Menu
Increased Battery life with performance improvements
New dull-acreen start menu for touch screens'
General bug fixes
Updated Terms of Use

OK ?

When I click on terms of use it takes me to Sweet Labs

SWEETLABS TERMS OF SERVICE
SweetLabs, Inc. (“we” or “SweetLabs”) welcomes You to our websites, software, products and services (our “Services”) owned and operated by SweetLabs which post, include or link to these Terms of Service (the “Agreement”).
THIS AGREEMENT GOVERNS YOUR USE OF THE SERVICES PROVIDED BY SWEETLABS. By using, downloading, installing or visiting our services, YOU OR THE ENTITY OR COMPANY THAT YOU REPRESENT ("YOU"), acknowledge that you accept the terms, conditions, restrictions and policies outlined in this agreement, including our Privacy Policy, AVAILABLE AT http://r.sweetlabs.com/win-privacy-policy. Please read the following agreement carefully.
1. LICENSE. You accept this Agreement by actually using the Services. You may not use the Services if you do not accept this Agreement. Subject to Your compliance with all the terms of this Agreement, SweetLabs hereby grants You a limited, personal, non-assignable, non-sublicenseable, non-exclusive, non-transferable license to use the Services solely for Your personal use and solely in accordance with any documentation that accompanies it.
2. USAGE. You agree to use the Services only for the purposes that are permitted by this Agreement and by any applicable law, regulation, or generally accepted practices or guidelines in any relevant jurisdiction (including any laws governing the export or import of data or software to and from the United States or other relevant jurisdictions). You may not use the Services, if you are under the age of thirteen (13) or you are a person barred from using or receiving the Services under the laws of the United States or other relevant jurisdiction.
3. RESTRICTIONS. You agree not to, and agree not to permit anyone else to: (i) misuse the Services, or engage in any activity that damages, interferes with or disrupts the Services; (ii) copy or distribute the Services; (iii) modify, reverse engineer, disassemble, decompile or otherwise attempt to discover the source code or structure, sequence and organization of the Services; (iv) license, sell, rent, lease, transfer or host the Services; (v) use the Services to infringe the intellectual property rights or proprietary rights, or rights of publicity or privacy, of any third party; (vi) use the Services to violate any law, statute, ordinance or regulation; (vii) use the Services to disseminate information or materials that is infringing, harmful, threatening, abusive, harassing, tortuous, defamatory, vulgar, obscene, libelous, or otherwise objectionable; or (viii) use the Services to disseminate any software viruses or any other computer code, files or programs that may interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment.

The term of use keeps going on and on for another 10 paragraphs.

What is this ?

Note - we've been having problems with this PC recently. I have done restores twice to dates in early February. Wondering if this Sweet Labs is the culprit. The dialog box from sweet Labs will not go away unless I click OK

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD A8-5500 APU with Radeon(tm) HD Graphics, AMD64 Family 21 Model 16 Stepping 1
Processor Count: 4
RAM: 5310 Mb
Graphics Card: AMD Radeon HD 7560D, 768 Mb
Hard Drives: C: Total - 926979 MB, Free - 884732 MB;
Motherboard: LENOVO,
Antivirus: Windows Defender, Disabled

Hello, just recently (about a week now) my pc has really slowed down considerably. When checking out other threads here, I saw one that basically fit what I'm going through, so I went ahead and followed the beginning instructions: Please download MiniToolBox and run it.
Double click MiniToolBox.exe to launch the program.
Checkmark only the following boxes in the list:

Flush DNS
List Installed Programs
List Users, Partitions and Memory size

Click Go to start the scan.
When finished a log Result.txt will open.
Please post the contents of that log in your next reply.

results of MiniToolBox:

MiniToolBox by Farbar Version: 09-03-2015
Ran by necklacemaker (administrator) on 23-03-2015 at 19:27:23
Running from "C:\Users\necklacemaker\Downloads"
Microsoft Windows 8.1 (X64)
Model: 10117 Manufacturer: LENOVO
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.


=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 17.0.0.124 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Refresh Manager (x32 Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon)
AMD Accelerated Video Transcoding (Version: 13.15.100.30718 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0718.632.9814 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{DC255D56-5881-0F67-6E74-5926CECA90B0}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.0718.632.9814 - Advanced Micro Devices, Inc.) Hidden
BrowseForTheCause (HKLM-x32\...\{9B5462A7-44E9-4E92-A65F-55F6FEE5901A}) (Version: 1.0.0 - BrowseForTheCause)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0718.632.9814 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0718.632.9814 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2013.0718.632.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0718.0631.9814 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0718.632.9814 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Consumer Input Update Helper (x32 Version: 1.3.25.149 - Compete Inc.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.1.4107 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Electric Sheep 2.7b34c (HKLM-x32\...\Electric Sheep) (Version: 2.7b34c - Electricsheep)
f.lux (HKCU\...\Flux) (Version: - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.1.2.2 - Genesys Logic)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Lenovo App Shop (HKLM-x32\...\Lenovo App Shop 45246) (Version: 3.10.0.45246.24 - Lenovo)
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.7408 - CyberLink Corp.)
Lenovo Power2Go (x32 Version: 6.0.7408 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Reach (HKLM-x32\...\{0B5E0E89-4BCA-4035-BBA1-D1439724B6E2}) (Version: 1.1.0.166 - Stoneware, Inc.)
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{1CA74803-5CB2-4C03-BDBE-061EDC81CC7F}) (Version: 2.8.004.00 - Lenovo Group Limited)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.2.4000 - Maxthon International Limited)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Mozilla Firefox 36.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 en-US)) (Version: 36.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
Nitro Pro 8 (HKLM\...\{392C767D-4EE2-49B5-A3B4-A4C3AB6DC145}) (Version: 8.5.7.1 - Nitro)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7005 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0227 - REALTEK Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Snap.Do (x32 Version: 11.112.1.19229 - ReSoft Ltd.) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1130 - SUPERAntiSpyware.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 5310.71 MB
Available physical RAM: 3401.66 MB
Total Pagefile: 6206.71 MB
Available Pagefile: 3865.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3982.86 MB

========================= Partitions: =====================================

1 Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:864 GB) NTFS

========================= Users: ========================================

User accounts for \\LIZ

Administrator Guest necklacemaker


**** End of log ****


- I hope I'm not jumping the gun here, please help!