Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

PUP.conduit.A and more? [Closed] [Solved]

PUP conduitA

  • This topic is locked This topic is locked

#31
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Here's my MBAM log. Looks good! Although, you want to know something? I'm stumped because my webpages took an extremely long time to load, and the typing in the chats so slow that I've been using another person's computer. I hope you have some tricks up your sleeve. :spoton: LESI


Agreed, that MBAM log looks good. :) Let's run SecurityCheck to see if you have any out of date programs on your machine. Once we check that and update any programs needed, as your machine is malware free, we'll have the techs over in the Hardware Forum check your hardware and make sure that you machine doesn't have hardware issues. :)


Download Security Checksecuritycheck_zpsb7736812.jpg by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post

SecurityCheck Log

  • 0

Advertisements


#32
LESI

LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Pystryker,

 

Big thunderstorm last night, so just did the job this morning!

Thank You, LESI  :D

 

 Results of screen317's Security Check version 0.99.86  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 65  
 Adobe Reader XI  
 Mozilla Firefox (29.0) 
 Google Chrome 35.0.1916.153  
 Google Chrome 36.0.1985.125  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

  • 0

#33
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Big thunderstorm last night, so just did the job this morning!

Thank You, LESI :D


No worries, I understand. :) and you are quite welcome. :thumbsup:


Great news, your logs are CLEAN! :thumbsup: :) but we still have a few things we need to address namely:
  • I need to remove the tools we installed on your machine.
  • We also have some programs on your machine that need updating to help protect you in the future.
  • I'll also provide a link to the Hardware Support forum so they can give your machine a checkup.
Step 1: Tool Removal with Delfix and Creation of a clean restore point
  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can uninstall ESET Online Scanner at this time.

I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.


Step 2: Update Avast Antivirus and Installation of FileHippo

Avast anti-virus needs updating. Please update it by following the instructions below.
  • Right click on the Avast orb in your try and select Open Avast user interface.
  • Then click on Settings and then Update.
  • From there you can update both the program (if necessary) and the virus definitions.
Keeping your software updated

Another weapon against malicious programs and viruses is to keeping other programs updated. There are several programs out there that can check for out of date programs on your computer. One is Filehippo. You can run this on a weekly or monthly basis to check your programs for updates and then it will provide a link for you to download them.

Download Filehippo Updatechecker


Step 3: Tips, Information, Optional Unchecky Installation and Link to Hardware Forum

Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.

Be careful of the websites you visit.

When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take you time and read each screen as you go. :)

To help protect yourself while on the web, I recommend you read How did I get infected in the first place?

Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.

Click here to be taken to Unchecky.com

Click the very large Download button.

Click Save

Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)

Once open, click the Install button.


unchecky1_zps667e512d.jpg


Then click Finish

unchecky2_zpsca4e7d0d.jpg


Unchecky is now installed and will help you keep unwanted check boxes unchecked. :thumbsup:


Link to Hardware Forum

Please click the link below to go to the Hardware Forum. Once there, start a new topic describing the problem and let them know that your machine was just cleaned in the Virus, Spyware Malware Removal forum. :)

http://www.geekstogo...nd-peripherals/
  • 0

#34
LESI

LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Pystryker,
 
Thank you for all this help.  I feel so much relief and I really enjoyed the process.  You mentioned sending me to get help with my printer software, and getting the printer connectivity issue resolved in another location.  Where do I go for that?

My log is below.
 
I'd like to donate to you...in case I can't find that location, please tell me where to find the link to do so.
 
Blessings, LESI  :D
 
# DelFix v10.7 - Logfile created 28/07/2014 at 22:25:36
# Updated 27/04/2014 by Xplode
# Username : Martha - HP-ALLINONE
# Operating System : Windows 8.1  (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Martha\Desktop\FRST-OlderVersion
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\TDSSKiller.3.0.0.40_11.07.2014_01.04.13_log.txt
Deleted : C:\TDSSKiller.3.0.0.40_25.07.2014_00.14.21_log.txt
Deleted : C:\Users\Martha\Desktop\Addition.txt
Deleted : C:\Users\Martha\Desktop\AdwCleaner.07.09.14[S0].txt
Deleted : C:\Users\Martha\Desktop\FRST.txt
Deleted : C:\Users\Martha\Desktop\FRST64.exe
Deleted : C:\Users\Martha\Desktop\OTL.exe
Deleted : C:\Users\Martha\Downloads\Addition.txt
Deleted : C:\Users\Martha\Downloads\AdwCleaner (1).exe
Deleted : C:\Users\Martha\Downloads\AdwCleaner (2).exe
Deleted : C:\Users\Martha\Downloads\adwcleaner.exe
Deleted : C:\Users\Martha\Downloads\esetsmartinstaller_enu (1).exe
Deleted : C:\Users\Martha\Downloads\esetsmartinstaller_enu(1).exe
Deleted : C:\Users\Martha\Downloads\esetsmartinstaller_enu(2).exe
Deleted : C:\Users\Martha\Downloads\esetsmartinstaller_enu(3).exe
Deleted : C:\Users\Martha\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Martha\Downloads\Extras.Txt
Deleted : C:\Users\Martha\Downloads\FRST.exe
Deleted : C:\Users\Martha\Downloads\FRST.txt
Deleted : C:\Users\Martha\Downloads\FRST64 (1).exe
Deleted : C:\Users\Martha\Downloads\FRST64 (2).exe
Deleted : C:\Users\Martha\Downloads\FRST64 (3).exe
Deleted : C:\Users\Martha\Downloads\FRST64 (4).exe
Deleted : C:\Users\Martha\Downloads\FRST64.exe
Deleted : C:\Users\Martha\Downloads\JRT (1).exe
Deleted : C:\Users\Martha\Downloads\JRT (2).exe
Deleted : C:\Users\Martha\Downloads\JRT.exe
Deleted : C:\Users\Martha\Downloads\OTL.Txt
Deleted : C:\Users\Martha\Downloads\SecurityCheck (1).exe
Deleted : C:\Users\Martha\Downloads\SecurityCheck (2).exe
Deleted : C:\Users\Martha\Downloads\SecurityCheck (3).exe
Deleted : C:\Users\Martha\Downloads\SecurityCheck (4).exe
Deleted : C:\Users\Martha\Downloads\SecurityCheck.exe
Deleted : C:\Users\Martha\Downloads\SystemLook.txt
Deleted : C:\Users\Martha\Downloads\SystemLook_x64.exe
Deleted : C:\Users\Martha\Downloads\tdsskiller (1).exe
Deleted : C:\Users\Martha\Downloads\tdsskiller (2).exe
Deleted : C:\Users\Martha\Downloads\tdsskiller.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #5 [OTL Restore Point - 7/9/2014 12:52:06 AM | 07/09/2014 04:52:06]
Deleted : RP #6 [Removed Java 7 Update 60 | 07/16/2014 20:32:07]
Deleted : RP #7 [Installed HP Support Solutions Framework | 07/19/2014 05:33:55]
Deleted : RP #8 [Removed HP Support Solutions Framework | 07/23/2014 01:28:56]
 
New restore point created !
 
########## - EOF - ##########

  • 0

#35
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Thank you for all this help. I feel so much relief and I really enjoyed the process. You mentioned sending me to get help with my printer software, and getting the printer connectivity issue resolved in another location. Where do I go for that?


You're quite welcome, and I appreciate your staying until we finished. :) That link to the hardware forum also covers peripherals, and they should be able to help with the printer issue as well. :thumbsup:
 

I'd like to donate to you...in case I can't find that location, please tell me where to find the link to do so.


That's very generous of you. :) The link is at the bottom of my signature in this post.
  • 0

#36
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)<br /><br />If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.<br /><br />Everyone else please begin a New Topic.
  • 0

#37
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. You will need to download and run the 32-bit version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Things I need to see in your next post:

FRST Log

Addition.txt Log

  • 0

#38
LESI

LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Pystryker,

 

I got your internal email return message re: reopening my topic: in re: to still having PUPs and slow browser.

I await your instruction for which programs to run.

 

Thank You,

LESI  :yes:


  • 0

#39
LESI

LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts
Pystryker,
 
Here are my scans from Farber Recovery below.  Things are running a little faster tonight...I did update the Windows from the filehippo suggested list as well as Avast and downloaded most all of the other suggestions.  There was one not for WIN 8.1....and I can't operate the ERUNT...and I also downloaded IOBit which caught a lot of viruses the other day, at a friend's suggestion.  I've run the Super AntiSpyware at bootup and it keeps catching errors, and MalwareBytes seems to show a clean slate.  

Although things were very slow all day, tonight the speed has picked up but not right after I downloaded the WIN update suggested by filehippo...so not sure why...but I'll keep you posted.

LESI   :yeah:   Can't wait to get my printer running again too.
 
=====================================================================================================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-08-2014
Ran by Martha (administrator) on HP-ALLINONE on 04-08-2014 23:27:42
Running from C:\Users\Martha\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(RaMMicHaeL) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(FileHippo.com) C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SUPERAntiSpyware.com) C:\Users\Martha\Downloads\SASCore64.exe
(SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2013-11-19] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1601856 2014-06-23] (IObit)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-08] (Hewlett-Packard)
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [FreeScreenSharing] => C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [2266104 2013-06-26] ()
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [SUPERAntiSpyware] => C:\Users\Martha\Downloads\SUPERAntiSpyware.exe [7761176 2014-08-02] (SUPERAntiSpyware)
HKU\S-1-5-21-1584447337-3020926857-578221619-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272840 2014-03-31] (Microsoft Corporation)
HKU\S-1-5-21-1584447337-3020926857-578221619-1004\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-1584447337-3020926857-578221619-500\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21446272 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-1584447337-3020926857-578221619-500\...\Run: [FreeScreenSharing] => C:\Users\Martha\AppData\Local\FreeScreenSharing\FreeScreenSharing.exe [2266104 2013-06-26] ()
HKU\S-1-5-21-1584447337-3020926857-578221619-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
Startup: C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/...=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKLM - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=HPDTDFJS
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/...=AVASDF&PC=AV01
SearchScopes: HKCU - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default
FF DefaultSearchEngine: Microsoft (Bing)
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @startmeeting.com/launcher - C:\Users\Martha\AppData\Local\SMPlugins\npsmlauncher.dll (Start Meeting)
FF Plugin HKCU: gamevenus.com/CertifiedBrowser - C:\Users\Martha\AppData\Roaming\GVU Technologies\YouTubeDownloaderConverter\npCertifiedBrowser.dll (GVU Technologies)
FF Plugin HKCU: hp.com/HPDetect - C:\Users\Martha\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll (HP)
FF user.js: detected! => C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\user.js
FF SearchPlugin: C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\searchplugins\bing-avast.xml
FF Extension: Ads Removal - C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\Extensions\[email protected] [2014-08-02]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Martha\AppData\Roaming\Mozilla\Firefox\Profiles\ad89ajwx.default\Extensions\[email protected] [2014-08-02]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Youtube Mp3 Converter\BrowserPlugin\Firefox\[email protected] [2014-01-13]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-04]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-25]
CHR Extension: (Google Drive) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-25]
CHR Extension: (YouTube) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Google Search) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Gmail) - C:\Users\Martha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 !SASCORE; C:\Users\Martha\Downloads\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-04] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [103936 2014-01-13] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [107624 2014-07-29] (RaMMicHaeL)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-19] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-19] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-19] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-04] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S1 SASDIFSV; C:\Users\Martha\Downloads\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Users\Martha\Downloads\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-19] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-04 23:27 - 2014-08-04 23:28 - 00025247 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-08-04 23:26 - 2014-08-04 23:27 - 00000000 ____D () C:\FRST
2014-08-04 23:26 - 2014-08-04 23:26 - 02094080 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-08-04 23:24 - 2014-08-04 23:24 - 01084928 _____ (Farbar) C:\Users\Martha\Downloads\FRST.exe
2014-08-04 21:51 - 2014-08-04 21:51 - 00014336 _____ () C:\Users\Martha\Downloads\Uninstall.dat
2014-08-04 21:48 - 2014-08-04 21:48 - 00001664 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-08-04 21:48 - 2014-08-04 21:48 - 00000000 ____D () C:\Users\Martha\Downloads\Plugins
2014-08-04 21:37 - 2014-08-04 21:37 - 18615872 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (4).exe
2014-08-04 14:19 - 2014-08-04 14:19 - 00000350 _____ () C:\WINDOWS\PFRO.log
2014-08-04 12:14 - 2014-08-04 21:30 - 00000000 ____D () C:\Users\Martha\Tracing
2014-08-04 10:58 - 2014-08-04 10:58 - 00000000 ____D () C:\WINDOWS\en
2014-08-04 10:57 - 2014-08-04 10:57 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-08-04 10:57 - 2014-08-04 10:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-08-04 10:55 - 2014-08-04 10:55 - 00001392 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-08-04 10:54 - 2014-08-04 10:54 - 00001476 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-08-04 10:53 - 2014-08-04 10:53 - 00002504 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-08-04 10:51 - 2014-08-04 10:51 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-04 10:50 - 2014-08-04 10:50 - 00000381 _____ () C:\WINDOWS\DirectX.log
2014-08-04 10:48 - 2014-08-04 10:48 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-04 09:34 - 2014-08-04 09:34 - 01239752 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\wlsetup-web.exe
2014-08-04 00:41 - 2014-08-04 00:41 - 00001052 _____ () C:\Users\Martha\Desktop\MBAM.08.03.14.txt
2014-08-02 21:44 - 2014-08-02 21:44 - 07761176 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware.exe
2014-08-02 11:57 - 2014-08-02 11:57 - 00009334 _____ () C:\Users\Martha\Downloads\SysRestorePoint_v13 (2).zip
2014-08-02 11:56 - 2014-08-02 11:56 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2014-08-02 11:56 - 2014-08-02 11:56 - 00359128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2014-08-02 11:53 - 2014-08-02 11:53 - 00000156 _____ () C:\WINDOWS\setupact.log
2014-08-02 11:53 - 2014-08-02 11:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-02 11:52 - 2014-08-02 11:56 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-08-02 11:52 - 2014-08-02 11:52 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-08-02 11:51 - 2014-08-02 11:51 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-08-02 11:51 - 2014-08-02 11:51 - 01406976 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2014-08-02 11:51 - 2014-08-02 11:51 - 00450096 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2014-08-02 11:51 - 2014-08-02 11:51 - 00360496 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 56270848 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-08-02 11:50 - 2014-08-02 11:50 - 03872984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-08-02 11:50 - 2014-08-02 11:50 - 02825432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 02792152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\SET7E8B.tmp
2014-08-02 11:50 - 2014-08-02 11:50 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 02037336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 01958616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-08-02 11:50 - 2014-08-02 11:50 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 01033304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 01024216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00946392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00757301 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-08-02 11:50 - 2014-08-02 11:50 - 00624344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-08-02 10:28 - 2014-08-02 10:28 - 00002370 _____ () C:\WINDOWS\System32\Tasks\ASC7_SkipUac_Martha
2014-08-02 10:28 - 2014-08-02 10:28 - 00000268 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Martha.job
2014-08-02 10:27 - 2014-08-02 10:27 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\ProductData
2014-08-02 10:26 - 2014-08-02 10:26 - 00003170 _____ () C:\WINDOWS\System32\Tasks\SmartDefrag3_Update
2014-08-02 10:26 - 2014-06-04 15:17 - 00034080 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe
2014-08-02 10:25 - 2014-08-02 10:25 - 00002434 _____ () C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-08-02 10:25 - 2014-08-02 10:25 - 00001174 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-08-02 10:25 - 2014-08-02 10:25 - 00000312 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2014-08-02 10:25 - 2014-08-02 10:25 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Apple Computer
2014-08-02 10:25 - 2014-08-02 10:25 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-02 10:24 - 2014-08-02 11:45 - 00002151 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-08-02 10:24 - 2014-08-02 10:24 - 00002860 _____ () C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-08-02 10:24 - 2014-08-02 10:24 - 00001116 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-08-02 10:24 - 2014-08-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-08-02 10:24 - 2014-08-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-08-02 10:24 - 2014-08-02 10:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-02 10:24 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll20140802102554.dll
2014-08-02 10:24 - 2014-06-04 15:17 - 00128288 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll
2014-08-02 10:24 - 2014-06-04 15:17 - 00021184 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
2014-08-02 10:23 - 2014-08-02 10:23 - 00003220 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Scan
2014-08-02 10:23 - 2014-08-02 10:23 - 00003166 _____ () C:\WINDOWS\System32\Tasks\StartMenuAutoupdate
2014-08-02 10:23 - 2014-08-02 10:23 - 00003164 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Update
2014-08-02 10:23 - 2014-08-02 10:23 - 00001205 _____ () C:\Users\Public\Desktop\Start Menu 8.lnk
2014-08-02 10:23 - 2014-08-02 10:23 - 00001116 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-08-02 10:23 - 2014-08-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-08-02 10:23 - 2014-08-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-08-02 10:22 - 2014-08-02 10:22 - 26163624 _____ (IObit ) C:\Users\Martha\Downloads\IObit-Malware-Figher-Setup (2).exe
2014-08-02 10:21 - 2014-08-02 10:25 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\IObit
2014-08-02 10:21 - 2014-08-02 10:25 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-08-02 10:21 - 2014-08-02 10:23 - 00000000 ____D () C:\ProgramData\IObit
2014-08-02 10:21 - 2014-08-02 10:21 - 00001191 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-08-02 10:21 - 2014-08-02 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-08-02 10:19 - 2014-08-02 10:19 - 26163624 _____ (IObit ) C:\Users\Martha\Downloads\IObit-Malware-Figher-Setup.exe
2014-08-02 10:19 - 2014-08-02 10:19 - 26163624 _____ (IObit ) C:\Users\Martha\Downloads\IObit-Malware-Figher-Setup (1).exe
2014-08-01 20:28 - 2014-08-01 20:28 - 00003142 _____ () C:\WINDOWS\System32\Tasks\{8DBC21F3-A951-4D97-B7EE-9AA918423402}
2014-08-01 19:05 - 2014-08-01 19:06 - 35260712 _____ () C:\Users\Martha\Downloads\Firefox Setup 32.0b3.exe
2014-08-01 10:10 - 2014-08-01 10:12 - 18549136 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (3).exe
2014-07-30 19:50 - 2014-07-30 19:50 - 31150504 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-i586 (1).exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00176040 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-30 19:48 - 2014-07-30 19:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-30 19:47 - 2014-07-30 19:47 - 31150504 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-i586.exe
2014-07-30 19:45 - 2014-07-30 19:44 - 00321448 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-07-30 19:44 - 2014-07-30 19:44 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-07-30 19:44 - 2014-07-30 19:44 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-07-30 19:44 - 2014-07-30 19:44 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-07-30 19:44 - 2014-07-30 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-30 19:44 - 2014-07-30 19:44 - 00000000 ____D () C:\Program Files\Java
2014-07-30 19:43 - 2014-07-30 19:43 - 34176936 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-x64 (1).exe
2014-07-30 19:42 - 2014-07-30 19:42 - 00560408 _____ (SUPERAdBlocker.com) C:\Users\Martha\Downloads\Uninstall.exe
2014-07-30 19:28 - 2014-07-30 19:28 - 34176936 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-x64.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00895120 _____ (Google Inc.) C:\Users\Martha\Downloads\ChromeSetup.exe
2014-07-30 09:27 - 2014-07-30 09:27 - 18464664 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (2).exe
2014-07-30 00:59 - 2014-07-30 00:59 - 18464664 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (1).exe
2014-07-30 00:39 - 2014-08-04 16:39 - 00000536 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 80c221b6-9a17-4f2a-b06c-cf4073c61ff3.job
2014-07-30 00:39 - 2014-08-03 02:00 - 00000536 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8cb6c0c7-679d-47af-9ec4-608e1e23cd23.job
2014-07-30 00:39 - 2014-07-30 00:39 - 00003598 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 8cb6c0c7-679d-47af-9ec4-608e1e23cd23
2014-07-30 00:39 - 2014-07-30 00:39 - 00003516 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 80c221b6-9a17-4f2a-b06c-cf4073c61ff3
2014-07-30 00:39 - 2014-07-30 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\SUPERAntiSpyware.com
2014-07-30 00:38 - 2014-08-04 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-30 00:38 - 2014-07-30 00:38 - 00001822 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-30 00:38 - 2014-07-30 00:38 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-30 00:25 - 2014-07-30 00:25 - 00000000 ____D () C:\ProgramData\Licenses
2014-07-30 00:24 - 2014-07-30 00:30 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-07-30 00:24 - 2014-07-30 00:24 - 04095448 _____ (BrightFort LLC ) C:\Users\Martha\Downloads\spywareblastersetup50.exe
2014-07-30 00:24 - 2014-07-30 00:24 - 00001093 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-07-30 00:24 - 2014-07-30 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-07-30 00:24 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSSTDFMT.DLL
2014-07-30 00:20 - 2014-07-30 00:20 - 04420728 _____ (Systweak Inc ) C:\Users\Martha\Downloads\rcp_dcomnew_sec_300.exe
2014-07-30 00:20 - 2014-07-30 00:20 - 04420728 _____ (Systweak Inc ) C:\Users\Martha\Downloads\rcp_dcomnew_sec_300 (1).exe
2014-07-29 16:45 - 2014-07-29 16:45 - 00466712 _____ (SUPERAntiSpyware.com) C:\Users\Martha\Downloads\SSUpdate64.exe
2014-07-29 11:09 - 2014-07-29 11:09 - 00448512 _____ (OldTimer Tools) C:\Users\Martha\Downloads\TFC.exe
2014-07-28 23:06 - 2014-07-28 23:06 - 00009334 _____ () C:\Users\Martha\Downloads\SysRestorePoint_v13 (1).zip
2014-07-28 23:04 - 2014-07-28 23:04 - 00009334 _____ () C:\Users\Martha\Downloads\SysRestorePoint_v13.zip
2014-07-28 23:03 - 2014-08-01 19:23 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-07-28 23:00 - 2014-07-28 23:00 - 00000938 _____ () C:\Users\Martha\Desktop\NTREGOPT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000938 _____ () C:\Users\Betty\Desktop\NTREGOPT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000938 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000919 _____ () C:\Users\Martha\Desktop\ERUNT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000919 _____ () C:\Users\Betty\Desktop\ERUNT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000919 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-28 23:00 - 2014-07-28 23:00 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-28 22:58 - 2014-07-28 22:58 - 00791393 _____ (Lars Hederer ) C:\Users\Martha\Downloads\erunt-setup.exe
2014-07-28 22:43 - 2014-07-28 22:43 - 00001033 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-07-28 22:43 - 2014-07-28 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-07-28 22:43 - 2014-07-28 22:43 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-07-28 22:42 - 2014-07-28 22:42 - 00694968 _____ (RaMMicHaeL) C:\Users\Martha\Downloads\unchecky_setup.exe
2014-07-28 22:39 - 2014-07-28 22:39 - 00002013 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2014-07-28 22:39 - 2014-07-28 22:39 - 00001983 _____ () C:\Users\Martha\Desktop\Update Checker.lnk
2014-07-28 22:39 - 2014-07-28 22:39 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-07-28 22:38 - 2014-07-28 22:38 - 00264757 _____ () C:\Users\Martha\Downloads\FHSetup.exe
2014-07-28 22:25 - 2014-07-28 22:26 - 00002941 _____ () C:\DelFix.txt
2014-07-24 10:01 - 2014-07-24 10:01 - 00001074 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00001343 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00001337 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00001179 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-07-24 09:47 - 2014-07-24 09:49 - 258325536 _____ () C:\Users\Martha\Downloads\PS_AIO_C4200_NonNet_Full_Win_WW_140_404 (2).exe
2014-07-22 19:31 - 2014-07-22 19:31 - 00172344 _____ (SUPERAntiSpyware.com) C:\Users\Martha\Downloads\SASCore64.exe
2014-07-22 18:35 - 2014-08-04 21:46 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-07-22 18:35 - 2014-08-04 21:46 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-07-19 01:33 - 2014-07-19 01:33 - 05017600 _____ () C:\Users\Martha\Downloads\HPSupportSolutionsFramework-11.50.0031.msi
2014-07-19 00:53 - 2014-08-04 15:04 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A29522CF-DB1F-4DA9-A129-EDE5E9A5699D}
2014-07-19 00:53 - 2014-07-19 00:53 - 00000000 __SHD () C:\Users\Martha\AppData\Local\EmieUserList
2014-07-19 00:53 - 2014-07-19 00:53 - 00000000 __SHD () C:\Users\Martha\AppData\Local\EmieSiteList
2014-07-19 00:44 - 2014-07-24 10:07 - 00002345 _____ () C:\Users\Public\Desktop\Add a Device - Photosmart C4200 Series.lnk
2014-07-19 00:26 - 2014-07-19 02:30 - 00188017 ____N () C:\WINDOWS\hpoins13.dat.temp
2014-07-19 00:26 - 2012-09-26 09:18 - 00000462 ____N () C:\WINDOWS\hpomdl13.dat.temp
2014-07-19 00:21 - 2014-07-19 00:23 - 258325536 _____ () C:\Users\Martha\Downloads\PS_AIO_C4200_NonNet_Full_Win_WW_140_404 (1).exe
2014-07-18 12:23 - 2014-07-18 12:23 - 00003208 _____ () C:\WINDOWS\System32\Tasks\{C584B8BE-8B36-452E-95B9-89CC4F4F9F5F}
2014-07-18 12:13 - 2014-07-18 12:13 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\Martha\Downloads\setup.exe
2014-07-16 16:44 - 2014-07-16 16:45 - 29420456 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-7u65-windows-i586.exe
2014-07-16 16:44 - 2014-07-16 16:45 - 29420456 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-7u65-windows-i586 (1).exe
2014-07-16 16:36 - 2014-07-16 16:36 - 31012264 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-7u65-windows-x64.exe
2014-07-14 23:37 - 2014-07-23 11:28 - 00000000 ____D () C:\Users\Martha\Desktop\CarePlusMore
2014-07-14 14:26 - 2014-07-14 14:26 - 00000192 _____ () C:\Users\Martha\Downloads\High Contrast Black.set
2014-07-10 01:26 - 2014-06-26 16:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-10 01:26 - 2014-06-26 16:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 19:31 - 2014-04-13 23:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:07 - 2014-06-18 21:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-09 19:07 - 2014-06-18 20:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-09 19:07 - 2014-06-18 19:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-09 19:07 - 2014-06-18 18:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-09 19:07 - 2014-06-16 18:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-09 19:07 - 2014-06-16 18:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-09 19:07 - 2014-06-06 10:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-09 19:06 - 2014-06-18 20:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-09 19:06 - 2014-06-18 20:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 19:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-09 19:06 - 2014-06-18 19:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 19:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 19:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-09 19:06 - 2014-06-18 19:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 19:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-09 19:06 - 2014-06-18 19:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 19:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-09 19:06 - 2014-06-18 18:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-09 19:06 - 2014-06-18 18:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-09 19:06 - 2014-06-18 18:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-09 19:06 - 2014-06-18 18:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-09 19:06 - 2014-06-18 18:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-09 19:06 - 2014-06-18 18:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-09 19:06 - 2014-06-18 18:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-09 19:06 - 2014-06-18 18:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-09 19:06 - 2014-06-18 18:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-09 19:06 - 2014-05-29 23:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-09 19:06 - 2014-05-29 08:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-09 19:06 - 2014-05-29 03:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-09 19:06 - 2014-05-29 02:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-09 19:06 - 2014-05-29 01:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-09 19:05 - 2014-06-30 18:45 - 00688128 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-09 19:05 - 2014-06-28 03:48 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-09 19:05 - 2014-06-28 03:07 - 00385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-09 19:05 - 2014-06-06 09:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-09 19:05 - 2014-06-06 08:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-09 19:05 - 2014-05-31 06:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-09 19:05 - 2014-05-31 06:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-09 19:05 - 2014-05-30 23:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-09 19:05 - 2014-05-30 23:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 23:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-09 19:05 - 2014-05-30 23:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-09 19:05 - 2014-05-30 23:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 19:05 - 2014-05-30 22:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-09 19:05 - 2014-05-30 22:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-09 19:05 - 2014-05-30 22:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-09 19:05 - 2014-05-30 22:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-09 19:05 - 2014-05-30 22:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-09 19:05 - 2014-05-30 22:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-09 01:28 - 2014-07-28 22:25 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-09 01:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-07-08 15:30 - 2014-07-08 15:30 - 00000192 _____ () C:\Users\Martha\Downloads\SAS Default.set
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-04 23:28 - 2014-08-04 23:27 - 00025247 _____ () C:\Users\Martha\Downloads\FRST.txt
2014-08-04 23:27 - 2014-08-04 23:26 - 00000000 ____D () C:\FRST
2014-08-04 23:27 - 2013-10-15 01:34 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-04 23:27 - 2013-10-15 00:47 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Skype
2014-08-04 23:26 - 2014-08-04 23:26 - 02094080 _____ (Farbar) C:\Users\Martha\Downloads\FRST64.exe
2014-08-04 23:24 - 2014-08-04 23:24 - 01084928 _____ (Farbar) C:\Users\Martha\Downloads\FRST.exe
2014-08-04 23:02 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-04 23:01 - 2014-06-19 19:49 - 01919876 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-04 22:43 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-04 22:38 - 2014-02-12 02:29 - 00000364 _____ () C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2014-08-04 21:51 - 2014-08-04 21:51 - 00014336 _____ () C:\Users\Martha\Downloads\Uninstall.dat
2014-08-04 21:50 - 2013-10-14 14:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1584447337-3020926857-578221619-1001
2014-08-04 21:48 - 2014-08-04 21:48 - 00001664 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-08-04 21:48 - 2014-08-04 21:48 - 00000000 ____D () C:\Users\Martha\Downloads\Plugins
2014-08-04 21:48 - 2014-07-30 00:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-08-04 21:46 - 2014-07-22 18:35 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForMartha
2014-08-04 21:46 - 2014-07-22 18:35 - 00000360 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job
2014-08-04 21:37 - 2014-08-04 21:37 - 18615872 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (4).exe
2014-08-04 21:30 - 2014-08-04 12:14 - 00000000 ____D () C:\Users\Martha\Tracing
2014-08-04 21:29 - 2014-06-19 20:24 - 00000000 __RDO () C:\Users\Martha\OneDrive
2014-08-04 21:29 - 2013-10-15 01:34 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-04 21:29 - 2013-10-15 01:34 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-04 17:37 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Martha
2014-08-04 16:39 - 2014-07-30 00:39 - 00000536 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 80c221b6-9a17-4f2a-b06c-cf4073c61ff3.job
2014-08-04 15:04 - 2014-07-19 00:53 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A29522CF-DB1F-4DA9-A129-EDE5E9A5699D}
2014-08-04 14:27 - 2014-06-19 19:17 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-08-04 14:22 - 2014-07-04 00:38 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-08-04 14:20 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-04 14:19 - 2014-08-04 14:19 - 00000350 _____ () C:\WINDOWS\PFRO.log
2014-08-04 14:19 - 2014-05-09 14:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-04 11:03 - 2014-04-02 01:43 - 00000000 ____D () C:\Users\Martha\AppData\Local\Windows Live
2014-08-04 10:58 - 2014-08-04 10:58 - 00000000 ____D () C:\WINDOWS\en
2014-08-04 10:57 - 2014-08-04 10:57 - 00001323 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-08-04 10:57 - 2014-08-04 10:57 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-08-04 10:55 - 2014-08-04 10:55 - 00001392 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-08-04 10:54 - 2014-08-04 10:54 - 00001476 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-08-04 10:54 - 2012-09-11 10:18 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-04 10:53 - 2014-08-04 10:53 - 00002504 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2014-08-04 10:51 - 2014-08-04 10:51 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-04 10:50 - 2014-08-04 10:50 - 00000381 _____ () C:\WINDOWS\DirectX.log
2014-08-04 10:48 - 2014-08-04 10:48 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2014-08-04 09:34 - 2014-08-04 09:34 - 01239752 _____ (Microsoft Corporation) C:\Users\Martha\Downloads\wlsetup-web.exe
2014-08-04 00:41 - 2014-08-04 00:41 - 00001052 _____ () C:\Users\Martha\Desktop\MBAM.08.03.14.txt
2014-08-03 10:03 - 2014-07-01 18:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 02:00 - 2014-07-30 00:39 - 00000536 _____ () C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8cb6c0c7-679d-47af-9ec4-608e1e23cd23.job
2014-08-02 21:44 - 2014-08-02 21:44 - 07761176 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware.exe
2014-08-02 11:57 - 2014-08-02 11:57 - 00009334 _____ () C:\Users\Martha\Downloads\SysRestorePoint_v13 (2).zip
2014-08-02 11:56 - 2014-08-02 11:56 - 09889352 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2014-08-02 11:56 - 2014-08-02 11:56 - 00359128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2014-08-02 11:56 - 2014-08-02 11:52 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-08-02 11:53 - 2014-08-02 11:53 - 00000156 _____ () C:\WINDOWS\setupact.log
2014-08-02 11:53 - 2014-08-02 11:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-02 11:52 - 2014-08-02 11:52 - 00000000 ____D () C:\WINDOWS\system32\SRSLabs
2014-08-02 11:52 - 2014-06-19 19:16 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-08-02 11:51 - 2014-08-02 11:51 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-08-02 11:51 - 2014-08-02 11:51 - 01406976 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2014-08-02 11:51 - 2014-08-02 11:51 - 00450096 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2014-08-02 11:51 - 2014-08-02 11:51 - 00360496 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 56270848 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-08-02 11:50 - 2014-08-02 11:50 - 03872984 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-08-02 11:50 - 2014-08-02 11:50 - 02825432 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 02792152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\SET7E8B.tmp
2014-08-02 11:50 - 2014-08-02 11:50 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 02037336 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 01958616 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-08-02 11:50 - 2014-08-02 11:50 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 01033304 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 01024216 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00946392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00757301 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-08-02 11:50 - 2014-08-02 11:50 - 00624344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-08-02 11:50 - 2014-08-02 11:50 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-08-02 11:45 - 2014-08-02 10:24 - 00002151 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-08-02 11:44 - 2014-06-19 23:12 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-02 10:28 - 2014-08-02 10:28 - 00002370 _____ () C:\WINDOWS\System32\Tasks\ASC7_SkipUac_Martha
2014-08-02 10:28 - 2014-08-02 10:28 - 00000268 _____ () C:\WINDOWS\Tasks\ASC7_SkipUac_Martha.job
2014-08-02 10:27 - 2014-08-02 10:27 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\ProductData
2014-08-02 10:26 - 2014-08-02 10:26 - 00003170 _____ () C:\WINDOWS\System32\Tasks\SmartDefrag3_Update
2014-08-02 10:25 - 2014-08-02 10:25 - 00002434 _____ () C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-08-02 10:25 - 2014-08-02 10:25 - 00001174 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-08-02 10:25 - 2014-08-02 10:25 - 00000312 _____ () C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job
2014-08-02 10:25 - 2014-08-02 10:25 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\Apple Computer
2014-08-02 10:25 - 2014-08-02 10:25 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-02 10:25 - 2014-08-02 10:21 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\IObit
2014-08-02 10:25 - 2014-08-02 10:21 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-08-02 10:24 - 2014-08-02 10:24 - 00002860 _____ () C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2014-08-02 10:24 - 2014-08-02 10:24 - 00001116 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-08-02 10:24 - 2014-08-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-08-02 10:24 - 2014-08-02 10:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-08-02 10:24 - 2014-08-02 10:24 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-08-02 10:23 - 2014-08-02 10:23 - 00003220 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Scan
2014-08-02 10:23 - 2014-08-02 10:23 - 00003166 _____ () C:\WINDOWS\System32\Tasks\StartMenuAutoupdate
2014-08-02 10:23 - 2014-08-02 10:23 - 00003164 _____ () C:\WINDOWS\System32\Tasks\Driver Booster Update
2014-08-02 10:23 - 2014-08-02 10:23 - 00001205 _____ () C:\Users\Public\Desktop\Start Menu 8.lnk
2014-08-02 10:23 - 2014-08-02 10:23 - 00001116 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-08-02 10:23 - 2014-08-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
2014-08-02 10:23 - 2014-08-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-08-02 10:23 - 2014-08-02 10:21 - 00000000 ____D () C:\ProgramData\IObit
2014-08-02 10:22 - 2014-08-02 10:22 - 26163624 _____ (IObit ) C:\Users\Martha\Downloads\IObit-Malware-Figher-Setup (2).exe
2014-08-02 10:21 - 2014-08-02 10:21 - 00001191 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-08-02 10:21 - 2014-08-02 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-08-02 10:19 - 2014-08-02 10:19 - 26163624 _____ (IObit ) C:\Users\Martha\Downloads\IObit-Malware-Figher-Setup.exe
2014-08-02 10:19 - 2014-08-02 10:19 - 26163624 _____ (IObit ) C:\Users\Martha\Downloads\IObit-Malware-Figher-Setup (1).exe
2014-08-01 20:28 - 2014-08-01 20:28 - 00003142 _____ () C:\WINDOWS\System32\Tasks\{8DBC21F3-A951-4D97-B7EE-9AA918423402}
2014-08-01 19:23 - 2014-07-28 23:03 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-08-01 19:22 - 2014-05-09 14:11 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-01 19:22 - 2014-05-09 14:11 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-01 19:22 - 2014-05-09 14:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 19:06 - 2014-08-01 19:05 - 35260712 _____ () C:\Users\Martha\Downloads\Firefox Setup 32.0b3.exe
2014-08-01 10:12 - 2014-08-01 10:10 - 18549136 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (3).exe
2014-08-01 09:31 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\DesktopTileResources
2014-08-01 09:31 - 2013-08-22 09:25 - 11796480 _____ () C:\WINDOWS\system32\config\SYSTEM.bak
2014-08-01 09:31 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-30 19:50 - 2014-07-30 19:50 - 31150504 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-i586 (1).exe
2014-07-30 19:49 - 2013-10-15 13:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-30 19:48 - 2014-07-30 19:48 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00176040 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-07-30 19:48 - 2014-07-30 19:48 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-07-30 19:48 - 2014-07-30 19:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-30 19:47 - 2014-07-30 19:47 - 31150504 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-i586.exe
2014-07-30 19:44 - 2014-07-30 19:45 - 00321448 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-07-30 19:44 - 2014-07-30 19:44 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-07-30 19:44 - 2014-07-30 19:44 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-07-30 19:44 - 2014-07-30 19:44 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-07-30 19:44 - 2014-07-30 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-30 19:44 - 2014-07-30 19:44 - 00000000 ____D () C:\Program Files\Java
2014-07-30 19:43 - 2014-07-30 19:43 - 34176936 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-x64 (1).exe
2014-07-30 19:42 - 2014-07-30 19:42 - 00560408 _____ (SUPERAdBlocker.com) C:\Users\Martha\Downloads\Uninstall.exe
2014-07-30 19:28 - 2014-07-30 19:28 - 34176936 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-8u11-windows-x64.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00895120 _____ (Google Inc.) C:\Users\Martha\Downloads\ChromeSetup.exe
2014-07-30 09:27 - 2014-07-30 09:27 - 18464664 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (2).exe
2014-07-30 00:59 - 2014-07-30 00:59 - 18464664 _____ (SUPERAntiSpyware) C:\Users\Martha\Downloads\SUPERAntiSpyware (1).exe
2014-07-30 00:39 - 2014-07-30 00:39 - 00003598 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 8cb6c0c7-679d-47af-9ec4-608e1e23cd23
2014-07-30 00:39 - 2014-07-30 00:39 - 00003516 _____ () C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 80c221b6-9a17-4f2a-b06c-cf4073c61ff3
2014-07-30 00:39 - 2014-07-30 00:39 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\SUPERAntiSpyware.com
2014-07-30 00:38 - 2014-07-30 00:38 - 00001822 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-30 00:38 - 2014-07-30 00:38 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-30 00:35 - 2012-09-11 09:30 - 00000000 ____D () C:\ProgramData\Temp
2014-07-30 00:30 - 2014-07-30 00:24 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-07-30 00:25 - 2014-07-30 00:25 - 00000000 ____D () C:\ProgramData\Licenses
2014-07-30 00:24 - 2014-07-30 00:24 - 04095448 _____ (BrightFort LLC ) C:\Users\Martha\Downloads\spywareblastersetup50.exe
2014-07-30 00:24 - 2014-07-30 00:24 - 00001093 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-07-30 00:24 - 2014-07-30 00:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-07-30 00:20 - 2014-07-30 00:20 - 04420728 _____ (Systweak Inc ) C:\Users\Martha\Downloads\rcp_dcomnew_sec_300.exe
2014-07-30 00:20 - 2014-07-30 00:20 - 04420728 _____ (Systweak Inc ) C:\Users\Martha\Downloads\rcp_dcomnew_sec_300 (1).exe
2014-07-29 16:45 - 2014-07-29 16:45 - 00466712 _____ (SUPERAntiSpyware.com) C:\Users\Martha\Downloads\SSUpdate64.exe
2014-07-29 11:09 - 2014-07-29 11:09 - 00448512 _____ (OldTimer Tools) C:\Users\Martha\Downloads\TFC.exe
2014-07-29 07:38 - 2013-10-14 13:45 - 00000000 ____D () C:\Users\Martha\AppData\Local\VirtualStore
2014-07-28 23:06 - 2014-07-28 23:06 - 00009334 _____ () C:\Users\Martha\Downloads\SysRestorePoint_v13 (1).zip
2014-07-28 23:04 - 2014-07-28 23:04 - 00009334 _____ () C:\Users\Martha\Downloads\SysRestorePoint_v13.zip
2014-07-28 23:00 - 2014-07-28 23:00 - 00000938 _____ () C:\Users\Martha\Desktop\NTREGOPT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000938 _____ () C:\Users\Betty\Desktop\NTREGOPT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000938 _____ () C:\Users\Administrator\Desktop\NTREGOPT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000919 _____ () C:\Users\Martha\Desktop\ERUNT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000919 _____ () C:\Users\Betty\Desktop\ERUNT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000919 _____ () C:\Users\Administrator\Desktop\ERUNT.lnk
2014-07-28 23:00 - 2014-07-28 23:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-28 23:00 - 2014-07-28 23:00 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-28 22:58 - 2014-07-28 22:58 - 00791393 _____ (Lars Hederer ) C:\Users\Martha\Downloads\erunt-setup.exe
2014-07-28 22:43 - 2014-07-28 22:43 - 00001033 _____ () C:\Users\Public\Desktop\Unchecky.lnk
2014-07-28 22:43 - 2014-07-28 22:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2014-07-28 22:43 - 2014-07-28 22:43 - 00000000 ____D () C:\Program Files (x86)\Unchecky
2014-07-28 22:42 - 2014-07-28 22:42 - 00694968 _____ (RaMMicHaeL) C:\Users\Martha\Downloads\unchecky_setup.exe
2014-07-28 22:39 - 2014-07-28 22:39 - 00002013 _____ () C:\Users\Martha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
2014-07-28 22:39 - 2014-07-28 22:39 - 00001983 _____ () C:\Users\Martha\Desktop\Update Checker.lnk
2014-07-28 22:39 - 2014-07-28 22:39 - 00000000 ____D () C:\Program Files (x86)\FileHippo.com
2014-07-28 22:38 - 2014-07-28 22:38 - 00264757 _____ () C:\Users\Martha\Downloads\FHSetup.exe
2014-07-28 22:26 - 2014-07-28 22:25 - 00002941 _____ () C:\DelFix.txt
2014-07-28 22:25 - 2014-07-09 01:28 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-27 21:50 - 2014-03-14 08:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 21:50 - 2014-03-14 08:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 21:50 - 2013-08-22 10:44 - 00424128 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-25 13:41 - 2013-04-19 23:32 - 00000000 ___RD () C:\Users\Martha\Dropbox
2014-07-24 10:08 - 2013-10-17 21:39 - 00188017 _____ () C:\WINDOWS\hpoins13.dat
2014-07-24 10:08 - 2013-10-17 21:39 - 00017850 _____ () C:\ProgramData\hpzinstall.log
2014-07-24 10:07 - 2014-07-19 00:44 - 00002345 _____ () C:\Users\Public\Desktop\Add a Device - Photosmart C4200 Series.lnk
2014-07-24 10:01 - 2014-07-24 10:01 - 00001074 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00001343 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00001337 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00001179 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-07-24 10:00 - 2014-07-24 10:00 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-07-24 10:00 - 2013-10-17 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-07-24 10:00 - 2013-10-17 21:44 - 00000000 ____D () C:\Program Files (x86)\HP
2014-07-24 10:00 - 2013-10-17 21:32 - 00000000 ____D () C:\ProgramData\HP
2014-07-24 09:49 - 2014-07-24 09:47 - 258325536 _____ () C:\Users\Martha\Downloads\PS_AIO_C4200_NonNet_Full_Win_WW_140_404 (2).exe
2014-07-24 08:14 - 2014-03-14 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-23 11:28 - 2014-07-14 23:37 - 00000000 ____D () C:\Users\Martha\Desktop\CarePlusMore
2014-07-22 19:31 - 2014-07-22 19:31 - 00172344 _____ (SUPERAntiSpyware.com) C:\Users\Martha\Downloads\SASCore64.exe
2014-07-22 17:30 - 2013-11-19 17:14 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-07-22 17:29 - 2013-11-19 17:14 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-22 12:10 - 2013-10-15 00:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-19 02:31 - 2014-02-12 02:55 - 00002026 _____ () C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2014-07-19 02:30 - 2014-07-19 00:26 - 00188017 ____N () C:\WINDOWS\hpoins13.dat.temp
2014-07-19 01:33 - 2014-07-19 01:33 - 05017600 _____ () C:\Users\Martha\Downloads\HPSupportSolutionsFramework-11.50.0031.msi
2014-07-19 01:23 - 2013-10-17 22:05 - 00000000 ____D () C:\Users\Martha\AppData\Roaming\HpUpdate
2014-07-19 00:53 - 2014-07-19 00:53 - 00000000 __SHD () C:\Users\Martha\AppData\Local\EmieUserList
2014-07-19 00:53 - 2014-07-19 00:53 - 00000000 __SHD () C:\Users\Martha\AppData\Local\EmieSiteList
2014-07-19 00:23 - 2014-07-19 00:21 - 258325536 _____ () C:\Users\Martha\Downloads\PS_AIO_C4200_NonNet_Full_Win_WW_140_404 (1).exe
2014-07-18 12:23 - 2014-07-18 12:23 - 00003208 _____ () C:\WINDOWS\System32\Tasks\{C584B8BE-8B36-452E-95B9-89CC4F4F9F5F}
2014-07-18 12:13 - 2014-07-18 12:13 - 02938144 _____ (LionSea Software co., ltd ) C:\Users\Martha\Downloads\setup.exe
2014-07-16 16:45 - 2014-07-16 16:44 - 29420456 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-7u65-windows-i586.exe
2014-07-16 16:45 - 2014-07-16 16:44 - 29420456 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-7u65-windows-i586 (1).exe
2014-07-16 16:36 - 2014-07-16 16:36 - 31012264 _____ (Oracle Corporation) C:\Users\Martha\Downloads\jre-7u65-windows-x64.exe
2014-07-14 14:26 - 2014-07-14 14:26 - 00000192 _____ () C:\Users\Martha\Downloads\High Contrast Black.set
2014-07-10 04:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-10 01:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-09 19:42 - 2012-07-26 03:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-09 19:40 - 2013-10-15 18:53 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 19:39 - 2013-10-16 02:04 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-09 19:35 - 2013-10-16 02:04 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-09 19:35 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-09 19:30 - 2014-03-18 05:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:29 - 2014-07-09 19:29 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-09 19:00 - 2014-07-09 19:00 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-07-08 15:30 - 2014-07-08 15:30 - 00000192 _____ () C:\Users\Martha\Downloads\SAS Default.set
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-04 19:14
 
==================== End Of Log ============================
 
=========================================================================================================================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-08-2014
Ran by Martha at 2014-08-04 23:30:36
Running from C:\Users\Martha\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.3.1 - IObit)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c4200_Help (x32 Version: 82.0.210.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0808.1023.16666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0808.1024.16666 - Advanced Micro Devices, Inc.) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5510 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.1.3109 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1902 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.1.1925 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.6.2 - Ellora Assets Corporation)
FreeScreenSharing (HKCU\...\FreeScreenSharing) (Version: 0.56.22.0 - Free Conferencing Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2107.3 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 87) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1202 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 12.0.13351.1658 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{276C40A7-8110-4976-80D2-39C669B84D32}) (Version: 14.0 - HP)
HP Postscript Converter (Version: 4.6.12747 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Unified IO (Version: 2.0.0.434 - HP) Hidden
HP Unified IO (x32 Version: 2.0.0.434 - HP) Hidden
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDetect (HKLM-x32\...\{CCCDD476-98F9-4B06-91DB-23F27CEC3BE1}) (Version: 1.0.0.0 - HP)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.10.2466 - IObit)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
LiveUpload to YouTube (HKLM-x32\...\{9B2FBA60-AF4A-11DD-AD8B-0800200C9A66}) (Version: 1.1.0.0 - William Duff)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PS_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28137 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.2 - IObit)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
StartMeeting (HKCU\...\StartMeeting) (Version: 1.3.3080.1001 - Start Meeting LLC)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1108 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Unchecky v0.2.15 (HKLM-x32\...\Unchecky) (Version: 0.2.15 - RaMMicHaeL)
Unseen App version 0.1.6 (HKLM-x32\...\{F2456876-05A8-440D-83D1-7BA229F68411}_is1) (Version: 0.1.6 - Unseen.is)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
YouTubeDownloaderConverter (HKLM-x32\...\{974A1DB5-D3B2-4491-B28F-3AA4045DBCE4}) (Version: 1.0.0 - GVU Technologies)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
29-07-2014 02:25:46 End of disinfection
30-07-2014 23:01:20 Removed Java 7 Update 65
02-08-2014 15:48:47 Driver Booster : Realtek High Definition Audio
04-08-2014 14:42:51 Windows Live Essentials
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2014-08-04 14:20 - 00001203 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
???????????????????????????????????????????????????????????«???????????????????????????‰??????????«????????????????‰???????????????‰?????????«??????????????????????‰?????????????«??????????????????????‰???????????‰???????????‰??????????????‰??????????«?????????????«?????????????????‰????????????????‰????????????«??????????????????‰????????????‰????????«?????????????«?????????????«??????????????????‰?????????«???????????????‰????????«????????????«?????????????????‰???????«??????????????‰???????«?????????????????????‰?????????????‰?????????????????
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {19A0C5DA-14B7-4648-9A41-F5AA2ACF7C36} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {1BA85BE3-051C-45C0-B475-B1FC55319E81} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E0B88D8-41F3-4F59-A73F-8067A1283B53} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-06] (IObit)
Task: {30F46374-C01A-449D-BCB8-B488E1A9E1FB} - System32\Tasks\HPCeeScheduleForMartha => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {35424841-6AF3-4A27-8412-B73BA2466AB1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {38F858FC-2D2A-4E04-A460-BE909B7C6B88} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3DFF9AC5-FAC1-43DC-BAEA-4C58950AD937} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-04] (AVAST Software)
Task: {3EE49150-BEB3-4155-AC88-3193F5ECCC1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {4434C001-972C-4F84-A1DA-C4298BB49536} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B9EDECA-83D6-4F18-B356-9506E9CC818F} - System32\Tasks\ASC7_SkipUac_Martha => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-05-29] (IObit)
Task: {56A40D52-CAC1-497F-99F5-5465516CB751} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {56C886AA-0429-44D3-955D-4171FB32542C} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {5719F4B9-0AB9-4055-A04E-3F019A077373} - System32\Tasks\SUPERAntiSpyware Scheduled Task 80c221b6-9a17-4f2a-b06c-cf4073c61ff3 => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: {5A4F61AA-60A1-4AA2-B3D8-B74EDBE377C4} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {64E7DB2A-8D16-4E45-BE35-DAE186C48DFA} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {6A54C130-A6EC-4E4F-ABBD-617A80694DF0} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-07-03] (IObit)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7D753C45-778E-4D99-8935-493E7F07EDEF} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-09-20] ()
Task: {7DD3ED2F-2EB3-41A8-BD17-885385648377} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A13688A5-2878-4233-89C2-A630D6572134} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {BA60BDB4-309D-41D5-B6AC-C185B6BC9510} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-15] (Google Inc.)
Task: {BC26AC45-8996-4A20-913F-E3C1535B2A32} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2014-06-06] (IObit)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C450766A-A3EF-4064-8167-345A4950FCA3} - System32\Tasks\SUPERAntiSpyware Scheduled Task 8cb6c0c7-679d-47af-9ec4-608e1e23cd23 => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D072EC4F-856D-460F-97B1-268818AC049A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DABBA08D-C74C-42AD-8326-052C8E26011F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-15] (Google Inc.)
Task: {E09B76FA-7BBF-4A14-82AF-3F158E9F577D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3014866-00E5-4F64-B398-679AD48C3C94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EF18A7C7-41EE-45B4-B6C0-12D31100A158} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {F5B6249C-09CA-457F-94D5-BA5460BEF478} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\ASC7_SkipUac_Martha.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMartha.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 80c221b6-9a17-4f2a-b06c-cf4073c61ff3.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 8cb6c0c7-679d-47af-9ec4-608e1e23cd23.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-07-19 21:06 - 2012-07-19 21:06 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-07-19 21:06 - 2012-07-19 21:06 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-07-19 21:07 - 2012-07-19 21:07 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-06-19 20:19 - 2014-06-19 20:19 - 00120224 _____ () C:\Users\Martha\AppData\Local\assembly\dl3\OMM0704G.Y7R\B5EGOV8W.EZT\2368187e\0038bcf4_1366cd01\HPItunesModule.DLL
2014-07-31 20:29 - 2014-07-31 06:05 - 01370440 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2107.3\libglesv2.dll
2014-07-31 20:29 - 2014-07-31 06:05 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2107.3\libegl.dll
2014-07-31 20:29 - 2014-07-31 06:05 - 10866504 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2107.3\pdf.dll
2014-07-31 20:29 - 2014-07-31 06:05 - 00392008 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2107.3\ppGoogleNaClPluginChrome.dll
2014-07-31 20:29 - 2014-07-31 06:05 - 01832264 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2107.3\ffmpegsumo.dll
2014-07-31 20:29 - 2014-07-31 06:05 - 26580808 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2107.3\PepperFlash\pepflashplayer.dll
2014-07-04 00:37 - 2014-07-04 00:37 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-04 19:47 - 2014-08-04 19:47 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14080401\algo.dll
2012-09-11 09:44 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-07-04 00:37 - 2014-07-04 00:37 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Martha\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Martha\Documents\KTFA26 4_5_2012___Frank's Post.eml:OECustomProperty
AlternateDataStreams: C:\Users\Martha\Documents\ME Trng_ Thurs_ 6_14_07 w_Mike Harris on NM HAP Tips.eml:OECustomProperty
AlternateDataStreams: C:\Users\Martha\Documents\RE_ Request Rental Agreement.eml:OECustomProperty
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKCU\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKCU\...\StartupApproved\Run: => "FreeScreenSharing"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/04/2014 09:34:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: b44
 
Start Time: 01cfb04ca75f0588
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: 9cc26b08-1c40-11e4-be9c-4c72b9dfcdd8
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/04/2014 07:04:00 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)
 
Error: (08/04/2014 02:29:28 PM) (Source: HP Connected Remote) (EventID: 0) (User: )
Description: Unable to download the update: ValidationError
 
Error: (08/04/2014 02:26:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ffc
 
Start Time: 01cfb010df10a92f
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: d617e76e-1c04-11e4-be9c-4c72b9dfcdd8
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/04/2014 11:20:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 19d4
 
Start Time: 01cfaff6f2a7c8c1
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: e797bc35-1bea-11e4-be9b-4c72b9dfcdd8
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/04/2014 10:49:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: onedrivesetup.exe, version: 17.0.4035.328, time stamp: 0x5335de08
Faulting module name: ntdll.dll, version: 6.3.9600.17031, time stamp: 0x5308893d
Exception code: 0xc0000005
Fault offset: 0x0004823b
Faulting process id: 0xb3c
Faulting application start time: 0xonedrivesetup.exe0
Faulting application path: onedrivesetup.exe1
Faulting module path: onedrivesetup.exe2
Report Id: onedrivesetup.exe3
Faulting package full name: onedrivesetup.exe4
Faulting package-relative application ID: onedrivesetup.exe5
 
Error: (08/04/2014 10:48:02 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: HP-ALLINONE)
Description: Application or service 'Windows Search' could not be shut down.
 
Error: (08/04/2014 08:56:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LiveComm.exe version 17.5.9600.20498 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1130
 
Start Time: 01cfafe2b84ad130
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: af1ffee5-1bd6-11e4-be9b-4c72b9dfcdd8
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/02/2014 11:53:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: RtkNGUI64.exe, version: 1.0.0.223, time stamp: 0x509ca91e
Faulting module name: MMDevApi.dll, version: 6.3.9600.17031, time stamp: 0x53086d4c
Exception code: 0xc0000005
Fault offset: 0x000000000003f311
Faulting process id: 0x7c4
Faulting application start time: 0xRtkNGUI64.exe0
Faulting application path: RtkNGUI64.exe1
Faulting module path: RtkNGUI64.exe2
Report Id: RtkNGUI64.exe3
Faulting package full name: RtkNGUI64.exe4
Faulting package-relative application ID: RtkNGUI64.exe5
 
Error: (08/02/2014 09:32:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x52d3a947
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0xe0434352
Fault offset: 0x00011d4d
Faulting process id: 0x4f4
Faulting application start time: 0xFreemakeUtilsService.exe0
Faulting application path: FreemakeUtilsService.exe1
Faulting module path: FreemakeUtilsService.exe2
Report Id: FreemakeUtilsService.exe3
Faulting package full name: FreemakeUtilsService.exe4
Faulting package-relative application ID: FreemakeUtilsService.exe5
 
 
System errors:
=============
Error: (08/04/2014 02:20:15 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.
 
Error: (08/04/2014 02:19:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:10:38 PM on ‎8/‎4/‎2014 was unexpected.
 
Error: (08/02/2014 05:03:25 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.120.
The computer with the IP address 192.168.1.119 did not allow the name to be claimed by
this computer.
 
Error: (08/02/2014 10:25:02 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The Advanced SystemCare Service 7 service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (08/02/2014 09:32:51 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Freemake Improver service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/02/2014 00:05:20 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/02/2014 00:05:20 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/02/2014 00:05:20 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/02/2014 00:05:20 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (08/02/2014 00:05:20 AM) (Source: DCOM) (EventID: 10010) (User: HP-ALLINONE)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
 
Microsoft Office Sessions:
=========================
Error: (08/04/2014 09:34:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20498b4401cfb04ca75f05884294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exe9cc26b08-1c40-11e4-be9c-4c72b9dfcdd8microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/04/2014 07:04:00 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x8898008d
 
Error: (08/04/2014 02:29:28 PM) (Source: HP Connected Remote) (EventID: 0) (User: )
Description: Unable to download the update: ValidationError
 
Error: (08/04/2014 02:26:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20498ffc01cfb010df10a92f4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exed617e76e-1c04-11e4-be9c-4c72b9dfcdd8microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/04/2014 11:20:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2049819d401cfaff6f2a7c8c14294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exee797bc35-1bea-11e4-be9b-4c72b9dfcdd8microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/04/2014 10:49:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: onedrivesetup.exe17.0.4035.3285335de08ntdll.dll6.3.9600.170315308893dc00000050004823bb3c01cfaff31ad14d02C:\Program Files (x86)\Common Files\Windows Live\.cache\69ab7c621cfaff203\onedrivesetup.exeC:\WINDOWS\SYSTEM32\ntdll.dll98425fed-1be6-11e4-be9b-4c72b9dfcdd8
 
Error: (08/04/2014 10:48:02 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: HP-ALLINONE)
Description: 5SearchIndexer.exeWindows Search03026216134640
 
Error: (08/04/2014 08:56:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20498113001cfafe2b84ad1304294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\LiveComm.exeaf1ffee5-1bd6-11e4-be9b-4c72b9dfcdd8microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (08/02/2014 11:53:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RtkNGUI64.exe1.0.0.223509ca91eMMDevApi.dll6.3.9600.1703153086d4cc0000005000000000003f3117c401cfae49e21a31beC:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exeC:\WINDOWS\System32\MMDevApi.dll2c9befad-1a5d-11e4-be9b-4c72b9dfcdd8
 
Error: (08/02/2014 09:32:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FreemakeUtilsService.exe1.0.0.052d3a947KERNELBASE.dll6.3.9600.17055532943a3e043435200011d4d4f401cfad8d038db255C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll78ec8886-1a49-11e4-be9b-4c72b9dfcdd8
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-03 22:44:34.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:34.148
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:33.915
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:33.717
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:33.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:33.305
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:33.089
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:32.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:32.675
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-07-03 22:44:32.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 54%
Total physical RAM: 3665.84 MB
Available physical RAM: 1669.61 MB
Total Pagefile: 4065.84 MB
Available Pagefile: 1664.7 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:444.06 GB) (Free:385.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.78 GB) (Free:2.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 4A1F8D9C)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#40
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Here are my scans from Farber Recovery below. Things are running a little faster tonight...I did update the Windows from the filehippo suggested list as well as Avast and downloaded most all of the other suggestions. There was one not for WIN 8.1....and I can't operate the ERUNT...and I also downloaded IOBit which caught a lot of viruses the other day, at a friend's suggestion. I've run the Super AntiSpyware at bootup and it keeps catching errors, and MalwareBytes seems to show a clean slate.

Although things were very slow all day, tonight the speed has picked up but not right after I downloaded the WIN update suggested by filehippo...so not sure why...but I'll keep you posted.


Thank you for the logs, I'll start looking over them tonight when I get in from work. :)

Regarding IOBit, we do not recommend any of their products here due to a couple of reasons:

1.) The company has been caught stealing the intellectual property of other software companies, Malwarebytes in particular.

2.) Programs like this that purport to clean the registry and such usually end up doing more harm than good. The changes they make sometimes damage the registry to the point the machine is no longer bootable.

I'll check the logs this evening and we'll proceed from there. :thumbsup:
  • 0

Advertisements


#41
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Hi :)

There are a couple of minor issues in the log that we'll remove, but there is no malware showing in the log. I do suggest removing the IOBit software for the reasons stated above. Also, having IOBit also makes 3 Anti-Spyware programs running on your machine. Having 3 of them will use up more system resources and will not give any extra protection. And IOBit's malware fighter is known to show false positives.


Let's fix the couple of items I see in the log, and then we'll get the Hardware Techs to take a look at your hardware and the printer issue. :thumbsup:
  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
Hosts:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL =
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Things I need to see in your next post:

Fixlog.txt Log

  • 0

#42
LESI

LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Pystryker,

 

Sure am learning my way around this computer!  
Removed IOBit completely and the Uninstaller.
Did the FRST with the quote fixlist.txt

Here's my log!

 

While downloading your suggestions, at the end of our last go around, I may have downloaded some stuff that I shouldn't have by mistake:
NTREGOP
Driver Booster
Smart Defrag
Net Command

Should I remove the above programs?
Seems as though I'm able to use my computer a little better than the day before yesterday...but it's been slow all day...fyi

LESI   :popcorn:

=====================================================================

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-08-2014
Ran by Martha at 2014-08-06 01:20:23 Run:2
Running from C:\Users\Martha\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
Hosts:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKCU - {84B29D74-CDD6-47A8-9ECE-278809800D63} URL =
End
 
*****************
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84B29D74-CDD6-47A8-9ECE-278809800D63}" => Key deleted successfully.
"HKCR\CLSID\{84B29D74-CDD6-47A8-9ECE-278809800D63}" => Key not found.
 
==== End of Fixlog ====

  • 0

#43
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Sure am learning my way around this computer!
Removed IOBit completely and the Uninstaller.
Did the FRST with the quote fixlist.txt


:thumbsup:


While downloading your suggestions, at the end of our last go around, I may have downloaded some stuff that I shouldn't have by mistake:
NTREGOP
Driver Booster
Smart Defrag


I would uninstall/remove these 3. The first one is a registry optimizer and we do not recommend those there. The other two are IOBit related programs. As for Net Command, I'd leave it, as I can't find anything that shows it's malicious. :)

Now, let's give the Hardware Tech's a look at your machine. Please follow the link below to go to the Hardware Forum. They will run some tests on your machine to check the hardware and they should be able to help you with the printer problem as well. :thumbsup:

Let them know you've had your machine cleared of malware, and if they ask, provide them with the link to this topic I've listed below.

Link to Hardware Forum: http://www.geekstogo...nd-peripherals/

Link to this topic: http://www.geekstogo...duita-and-more/
  • 0

#44
LESI

LESI

    Member

  • Topic Starter
  • Member
  • PipPip
  • 51 posts

Pystryker,

 

Thank you again.  I did remove those 3 programs as per your suggestion.  And now I've posted a new topic as per your instructions.

I'll keep you posted on my results.

 

Bless You,

and thank you for all your help...you're a Godsend,

LESI  :pepsi:


  • 0

#45
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Pystryker,
 
Thank you again.  I did remove those 3 programs as per your suggestion.  And now I've posted a new topic as per your instructions.

I'll keep you posted on my results.
 
Bless You,
and thank you for all your help...you're a Godsend,
LESI  :pepsi:


:) You're quite welcome, and thank you for your kind words. :) I'll be watching to see what they Hardware techs find out.

Safe surfing :wave:

pystryker
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP