Page 1 of 2 12 LastLast
Results 1 to 10 of 20
  1. #1
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default breakingnewsalert virus and no startupfolder

    I am trying to clean up a computer that had been used by a twelve year old child. I don’t want to do a complete system restore because the mother has numerous games installed. But I have 2 problems that basically make the computer unusable. It is running Vista. 32 bit.

    Repeated pop-up: “BreakingNewsAlert has stopped working”. It has a problem signature of CLR20r3.

    This does not appear as a program in MS Uninstall, Revo Uninstaller, Iobit Uninstaller, CCleaner Uninstaller or several others that I have tried. I installed the breakingnews.com web site and removed it with Revo but that didn’t help. The web site might not be related to the virus.

    I tried using Google search for a fix but most sites were just trying to sell their antivirus/antispyware programs. I tried numerous antivirus/antispyware programs to no avail. This included Avast, AdwCleaner, Iobit Malware Fighter, HitmanPro, Malwarebytes, MS Security Essentials, MS Malicious Software Removal Tool, PC Matic, RKill and several others that had free scans. Several of these I did in Safe Mode with Networking. None of these even found ‘breaking news alert’.

    I could not find anything with the foremost search programs but then I searched with Everything.com and. Agent Ransack. I found two registry entries for breaking news alert in each They are located in: C:\users\(user name)\AppData\Local. I deleted these entries but they keep coming back.

    I then used ProcessHacker and found two processes for ‘breaking news alert’. I terminated these processes and they also came back.
    They are located in C:\ProgramData\HAwOSUDcLhT\ UkFXfwBT.exe and hzbwVsbT.exe

    Then using the program Services Running (SeriWin) I found UkFXfwBT as a running service described as ‘BreakingNewsAlert Service’. I tried multiple times to change the status to Stop or change the Startup Type to Disabled, to no avail. It also sets a cookie when it runs.


    Problem 2. Repeated pop-up: “New automatic startup Program detected Windows Defender”. Same message for Microsoft Security Client and for Realtek HD Audio Manager. I can accept or reject and they keeps popping up. It seems that I may have lost my Startup folder. The Startup entry in the Quick Launch/Startup Menu List shows Empty. Therefore some programs that should start when the computer starts do not start, but rather, cause the message that they should be in the Startup process.
    However, both WinPatrol and CCleaner each show 6 programs in Startup.

    Oldray

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hello,
    Can you download this and run it. Download it to the desktop only.. This is a diagnostics scan only.

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


    Joe

  3. #3
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    Joe,

    Thanks for you rapid response. The posts follow

  4. #4
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    Quote Originally Posted by zep516 View Post
    Hello,
    Can you download this and run it. Download it to the desktop only.. This is a diagnostics scan only.

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


    Joe

  5. #5
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    [QUOTE=oldray;478795]Joe,

    Thanks for you rapid response. The problems are on another computer but I ran the program and copied the logs to a flash drive. If I can paste them they follow. That looks like a lot of info to wade through.

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-02-2015
    Ran by Carol (administrator) on CAROLE-PC on 01-02-2015 16:08:01
    Running from C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NZ7ZIV4
    Loaded Profiles: Carol (Available profiles: Carol)
    Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
    Internet Explorer Version 9 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
    (Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
    (Intel Corporation) C:\WINDOWS\System32\igfxsrvc.exe
    (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
    () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
    (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
    (RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_svc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    (RaMMicHaeL) C:\Program Files\Unchecky\bin\unchecky_bg.exe
    (Mathematical Applications) C:\ProgramData\HAwOSUDcLhY\UkFXfwBT.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    (CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
    ( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
    (IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe
    (Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    () C:\Users\Carol\AppData\Roaming\U3\1233500A60D0CCD4\LaunchPad.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Adobe Systems Incorporated) C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_16_0_0_296_ActiveX.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
    HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-20] (AVAST Software)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10996368 2013-11-07] (Realtek Semiconductor)
    HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
    HKU\S-1-5-21-1321581559-4142827132-2802677688-1000\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe [1154112 2014-07-20] (Ruiware LLC)
    HKU\S-1-5-21-1321581559-4142827132-2802677688-1000\...\Run: [HP] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1804648 2011-06-08] (Hewlett-Packard Co.)
    HKU\S-1-5-21-1321581559-4142827132-2802677688-1000\...\MountPoints2: {95f434a3-e27d-11e1-836a-001b24ddc92a} - F:\LaunchU3.exe -a
    HKU\S-1-5-21-1321581559-4142827132-2802677688-1000\...\MountPoints2: {e7cd170b-a122-11e0-9501-001b24ddc92a} - G:\LaunchU3.exe -a
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
    ProxyServer: [.DEFAULT] => http=127.0.0.1:49211;https=127.0.0.1:49211
    ProxyServer: [S-1-5-21-1321581559-4142827132-2802677688-1000] => http=127.0.0.1:49211;https=127.0.0.1:49211
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    URLSearchHook: HKLM - (No Name) - {db35fda8-77e3-4784-92c2-ee7345e91af4} - No File
    SearchScopes: HKLM -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> No File
    BHO: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
    Toolbar: HKLM - No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000 -> No Name - {DB35FDA8-77E3-4784-92C2-EE7345E91AF4} - No File
    Toolbar: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    Toolbar: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000 -> No Name - {724D43A0-0D85-11D4-9908-00400523E39A} - No File
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://utilities.pcpitstop.com/Nirva...ls/pcmatic.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    Hosts: Hosts file not detected in the default directory
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{3CF90CF1-0C2B-4A3B-B5F9-BA35E7666F2A}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{84AD2C7B-28DD-4265-A8CB-1865F1231656}: [NameServer] 8.8.8.8
    Tcpip\..\Interfaces\{FA6F153E-3855-4877-889D-52EADC55466D}: [NameServer] 8.8.8.8,8.8.4.4

    FireFox:
    ========
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll No File
    FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
    FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll ()
    FF Plugin HKU\S-1-5-21-1321581559-4142827132-2802677688-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Carol\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin HKU\S-1-5-21-1321581559-4142827132-2802677688-1000: @talk.google.com/O1DPlugin -> C:\Users\Carol\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
    FF Plugin HKU\S-1-5-21-1321581559-4142827132-2802677688-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKU\S-1-5-21-1321581559-4142827132-2802677688-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Carol\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Carol\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
    FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
    FF Extension: SmartPrintButton - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2012-04-13]
    FF HKLM\...\Firefox\Extensions: [{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}] - C:\Program Files\V-bates\Firefox
    FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
    FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-01-15]
    FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-20]
    FF HKU\S-1-5-21-1321581559-4142827132-2802677688-1000\...\Firefox\Extensions: [sp2@sp.com] - C:\Program Files\Social Privacy\FF

    Chrome:
    =======
    CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=M57198237-95A1-4863-B852-41BE2D4D1FE0&SearchSource=55&CUI=&UM=8&UP=SPF5124810-6D0A-4076-AD16-CD3A4BA5896A&SSPV=SP2200TA_sp_ch
    CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3324803&octid=EB_ORIGINAL_CTID&ISID=M57198237-95A1-4863-B852-41BE2D4D1FE0&SearchSource=55&CUI=&UM=8&UP=SPF5124810-6D0A-4076-AD16-CD3A4BA5896A&SSPV=SP2200TA_sp_ch"
    CHR DefaultSearchKeyword: Default -> trovi.search
    CHR DefaultSuggestURL: Default -> http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
    CHR Profile: C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-13]
    CHR Extension: (Avast SafePrice) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-30]
    CHR Extension: (Avira Browser Safety) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-04]
    CHR Extension: (Avast Online Security) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-30]
    CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-12-30]
    CHR Extension: (Google Wallet) - C:\Users\Carol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-18]
    CHR HKLM\...\Chrome\Extension: [bcfjehbfanfhgoehogmbiebedkidedjb] - C:\Users\Carol\AppData\Local\CRE\bcfjehbfanfhgoehogmbiebedkidedjb.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-20]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
    CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-20]
    CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.2.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [jhjjdgbhohaallcimgcmakfiobacimkm] - No Path
    CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-12-30]
    CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [Not Found]
    CHR HKLM\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - C:\ProgramData\adawaretb\toolbar\chrome\toolbar.crx [Not Found]

    Opera:
    =======
    OPR Extension: (Fraveen 1.4) - C:\Users\Carol\AppData\Roaming\Opera Software\Opera Stable\Extensions\albkjjcpjnleafcacecgjoaddehbojko [2014-06-24]
    OPR Extension: (video MediaPlayer) - C:\Users\Carol\AppData\Roaming\Opera Software\Opera Stable\Extensions\dnaojefanpmakfgcaliphepgoiiafmpf [2014-06-24]
    OPR Extension: (HQvidPv1.1) - C:\Users\Carol\AppData\Roaming\Opera Software\Opera Stable\Extensions\gngfnjclpjflgomhidfecidndbfaniak [2014-04-16]

    ========================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-20] (AVAST Software)
    R2 CLCapSvc; C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [262243 2007-04-23] () [File not signed]
    S2 CLSched; C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [106593 2007-04-23] () [File not signed]
    S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-01-06] (WildTangent)
    R2 HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984 2007-03-14] (Hewlett-Packard)
    R2 hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168 2006-05-02] (Hewlett-Packard Development Company, L.P.) [File not signed]
    S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
    R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-12-14] (Hewlett-Packard Company) [File not signed]
    S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2635552 2015-01-28] (IObit)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
    S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
    S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2007-02-12] (Sonic Solutions) [File not signed]
    R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
    R2 UkFXfwBT; C:\ProgramData\HAwOSUDcLhY\UkFXfwBT.exe [2735448 2015-01-15] (Mathematical Applications)
    R2 Unchecky; C:\Program Files\Unchecky\bin\unchecky_svc.exe [126568 2015-01-25] (RaMMicHaeL)
    S2 9e845eda; "C:\Windows\system32\rundll32.exe" "c:\Program Files\BocaGeneration\BocaGeneration.dll",serv
    S2 RtkAudioService; No ImagePath

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2015-01-20] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [73480 2015-01-20] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55240 2015-01-20] (AVAST Software)
    R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2015-01-20] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787800 2015-01-20] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423784 2015-01-20] (AVAST Software)
    R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57928 2015-01-20] (AVAST Software)
    R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [206248 2015-01-20] ()
    R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-06-16] (GFI Software)
    S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [35992 2015-01-25] ()
    R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2014-12-27] (REALiX(tm))
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-31] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
    R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2015-01-12] (Intel Corporation)
    R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2014-06-04] (IObit)
    S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
    S3 cleanhlp; \??\C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [X]
    U4 eabfiltr; No ImagePath
    S1 MpKsl1dd2c768; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD67F588-88D5-4741-A3B4-25E6A553A41A}\MpKsl1dd2c768.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-01 16:06 - 2015-02-01 16:08 - 00000000 ____D () C:\FRST
    2015-01-31 17:36 - 2015-01-31 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
    2015-01-31 17:36 - 2015-01-31 17:36 - 00000000 ____D () C:\Program Files\7-Zip
    2015-01-31 15:20 - 2015-01-31 15:20 - 00000991 _____ () C:\Users\Carol\Desktop\Quatro Pro Excell.lnk
    2015-01-31 15:13 - 2015-01-31 15:13 - 00000825 _____ () C:\Users\Carol\Desktop\AM-DeadLink.lnk
    2015-01-31 15:13 - 2015-01-31 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AM-DeadLink
    2015-01-31 15:13 - 2015-01-31 15:13 - 00000000 ____D () C:\Program Files\AM-DeadLink
    2015-01-31 12:55 - 2015-01-31 12:55 - 00000000 ____D () C:\Users\Carol\AppData\Local\BreakingNewsAlert
    2015-01-31 12:52 - 2015-01-31 12:52 - 00000913 _____ () C:\Users\Carol\Desktop\xplorer2_lite.exe - Shortcut.lnk
    2015-01-30 15:47 - 2015-01-30 15:47 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Mythicsoft
    2015-01-30 15:47 - 2015-01-30 15:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agent Ransack
    2015-01-30 15:47 - 2015-01-30 15:47 - 00000000 ____D () C:\Program Files\Agent Ransack
    2015-01-30 13:29 - 2015-01-30 13:29 - 00000871 _____ () C:\Users\Carol\Desktop\ProcessHacker.exe - Shortcut.lnk
    2015-01-29 16:02 - 2015-01-30 10:28 - 00000000 ____D () C:\ProgramData\PCPitstop
    2015-01-28 17:47 - 2015-01-28 17:47 - 00000000 ____D () C:\Users\Carol\Documents\Corel User Files
    2015-01-28 17:45 - 2015-01-28 17:45 - 00061678 _____ () C:\Users\Carol\AppData\Roaming\PFP120JPR.{PB
    2015-01-28 17:45 - 2015-01-28 17:45 - 00012358 _____ () C:\Users\Carol\AppData\Roaming\PFP120JCM.{PB
    2015-01-28 17:41 - 2015-01-28 17:41 - 00000911 _____ () C:\Users\Carol\Desktop\Word Perfect.lnk
    2015-01-28 17:34 - 2015-01-28 17:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
    2015-01-28 17:32 - 2015-01-28 17:33 - 00000000 ____D () C:\Program Files\WordPerfect Office 12
    2015-01-28 17:02 - 2015-01-28 17:02 - 00000000 ____D () C:\Users\Carol\AppData\Local\{38756EEA-6C4A-496A-913A-9233EB3925B5}
    2015-01-28 16:53 - 2015-01-31 18:00 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-01-28 16:52 - 2015-01-28 16:52 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-01-28 16:52 - 2015-01-28 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-01-28 16:51 - 2015-01-28 16:52 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
    2015-01-28 16:51 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-01-28 16:51 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-01-28 16:51 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-01-28 16:45 - 2015-01-28 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-01-28 15:32 - 2015-01-28 16:45 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
    2015-01-28 15:11 - 2015-01-28 15:11 - 00001045 _____ () C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
    2015-01-28 15:11 - 2015-01-28 15:11 - 00001021 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
    2015-01-28 14:27 - 2015-01-28 14:27 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
    2015-01-27 11:55 - 2015-01-27 11:55 - 00001878 _____ () C:\Users\Public\Desktop\Skype.lnk
    2015-01-27 11:55 - 2015-01-27 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2015-01-27 11:55 - 2015-01-27 11:55 - 00000000 ____D () C:\Program Files\Common Files\Skype
    2015-01-26 15:03 - 2015-01-26 15:03 - 00000000 ____D () C:\Users\Carol\AppData\Local\{DD72B6A3-F19B-44E3-900E-E51F078867E4}
    2015-01-25 17:28 - 2015-01-30 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
    2015-01-25 16:19 - 2015-01-25 16:19 - 00035992 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
    2015-01-25 14:46 - 2015-01-28 16:13 - 00002078 _____ () C:\Users\Carol\Desktop\Rkill.txt
    2015-01-25 13:35 - 2015-01-25 13:35 - 00000828 _____ () C:\Users\Carol\Desktop\TeamViewer.lnk
    2015-01-24 17:44 - 2015-01-24 17:44 - 00000000 ____D () C:\Users\Carol\AppData\Local\{31E6F4CD-E83C-40A8-80E3-5EBBFF98CB30}
    2015-01-24 17:31 - 2015-01-24 17:31 - 00000000 ____D () C:\Users\Carol\AppData\Local\{E3253356-6E14-492B-B151-34A9923EBCB5}
    2015-01-24 16:58 - 2015-01-24 16:58 - 00000776 _____ () C:\Users\Carol\Desktop\Serivices Running.lnk
    2015-01-24 16:55 - 2015-01-24 16:55 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Process Hacker 2
    2015-01-24 16:53 - 2015-01-28 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
    2015-01-24 16:53 - 2015-01-24 16:53 - 00000000 ____D () C:\Program Files\Process Hacker
    2015-01-24 16:28 - 2015-01-25 13:18 - 00000190 _____ () C:\Users\Carol\Desktop\SANDISK 8GB (I) - Shortcut.lnk
    2015-01-21 16:55 - 2015-01-21 16:55 - 00000000 ____D () C:\ProgramData\Auslogics
    2015-01-21 16:54 - 2015-01-21 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
    2015-01-21 16:54 - 2015-01-21 16:54 - 00000000 ____D () C:\Program Files\Duplicate File Finder
    2015-01-21 16:47 - 2015-01-21 16:47 - 00000000 ____D () C:\Users\Carol\AppData\Local\{94FD5AC4-4F50-42A0-8746-BCD61B01C92F}
    2015-01-20 15:31 - 2015-01-20 15:31 - 00000000 ____D () C:\Users\Carol\AppData\Local\{8C3A0316-B22C-484F-9FC3-BF05059E3E64}
    2015-01-20 14:00 - 2015-01-20 14:00 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\AstroGrep
    2015-01-20 11:37 - 2015-01-20 11:37 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\AVAST Software
    2015-01-20 11:34 - 2015-01-20 11:34 - 00001871 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2015-01-20 11:33 - 2015-01-20 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2015-01-20 11:32 - 2015-01-20 11:33 - 00000000 ____D () C:\ProgramData\Google
    2015-01-20 11:30 - 2015-01-20 11:33 - 00787800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
    2015-01-20 11:30 - 2015-01-20 11:33 - 00423784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
    2015-01-20 11:30 - 2015-01-20 11:33 - 00073480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
    2015-01-20 11:30 - 2015-01-20 11:30 - 00291352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
    2015-01-20 11:30 - 2015-01-20 11:30 - 00206248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
    2015-01-20 11:30 - 2015-01-20 11:30 - 00057928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
    2015-01-20 11:30 - 2015-01-20 11:30 - 00055240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
    2015-01-20 11:30 - 2015-01-20 11:30 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
    2015-01-20 11:30 - 2015-01-20 11:30 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
    2015-01-20 11:30 - 2015-01-20 11:30 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
    2015-01-20 11:27 - 2015-01-20 11:27 - 00000000 ____D () C:\Program Files\AVAST Software
    2015-01-19 17:39 - 2015-01-19 17:40 - 00000000 ____D () C:\Users\Carol\AppData\Local\{2ABFF9FD-9544-4A75-A509-6EEACA5D51D1}
    2015-01-19 17:38 - 2015-01-19 17:38 - 00000915 _____ () C:\Users\Carol\Desktop\Windows Live Mail.lnk
    2015-01-19 17:34 - 2015-01-19 17:34 - 00001037 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
    2015-01-19 17:32 - 2015-01-19 17:35 - 00000000 ____D () C:\Program Files\Windows Live
    2015-01-19 17:19 - 2015-01-31 10:22 - 00006482 _____ () C:\Windows\PFRO.log
    2015-01-19 16:49 - 2015-01-19 16:49 - 00000916 _____ () C:\Users\Carol\Desktop\Revo Uninstaller.lnk
    2015-01-19 11:14 - 2015-01-31 14:58 - 00001624 _____ () C:\Windows\setupact.log
    2015-01-19 11:14 - 2015-01-19 11:14 - 00000000 _____ () C:\Windows\setuperr.log
    2015-01-19 10:03 - 2015-01-19 10:04 - 00000000 ____D () C:\Users\Carol\AppData\Local\{EB3CBC75-4EB5-4CB5-BC61-5D65EDFD297C}
    2015-01-18 14:18 - 2015-01-18 14:18 - 00000840 _____ () C:\Users\Carol\Desktop\UltraSearch.lnk
    2015-01-18 12:41 - 2015-01-18 12:41 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
    2015-01-18 12:15 - 2015-01-18 12:15 - 00001732 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
    2015-01-18 12:15 - 2015-01-18 12:15 - 00000000 ____D () C:\Program Files\HitmanPro
    2015-01-18 11:26 - 2015-01-18 11:26 - 00000000 ____D () C:\ProgramData\Unchecky
    2015-01-18 11:14 - 2015-01-18 11:14 - 00000828 _____ () C:\Users\Public\Desktop\Unchecky.lnk
    2015-01-18 11:14 - 2015-01-18 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
    2015-01-18 11:14 - 2015-01-18 11:14 - 00000000 ____D () C:\Program Files\Unchecky
    2015-01-17 20:49 - 2015-01-17 20:49 - 00000000 ____D () C:\Users\Carol\AppData\Local\{76546BF2-FBDA-4162-BF78-D12781E78EA4}
    2015-01-17 16:49 - 2015-01-17 17:06 - 00000000 ____D () C:\Users\Carol\AppData\Local\{7E43F534-1D3B-434E-BA4C-A4AAE1DEC53C}
    2015-01-17 16:49 - 2015-01-17 16:49 - 00000000 ____D () C:\Users\Carol\AppData\Local\{015F3BE7-AC87-4DF8-B77C-44323EE754B5}
    2015-01-17 15:39 - 2015-01-17 15:39 - 00000913 _____ () C:\Users\Carol\Desktop\xplorer2_lite - Shortcut.lnk
    2015-01-17 15:32 - 2015-01-17 15:32 - 00000877 _____ () C:\Users\Carol\Desktop\Search Everything.lnk
    2015-01-17 12:33 - 2015-01-17 12:33 - 00001014 _____ () C:\Users\Carol\Desktop\TreeSize Free.lnk
    2015-01-17 12:33 - 2015-01-17 12:33 - 00000000 ____D () C:\Program Files\TreeSize Free
    2015-01-17 12:18 - 2015-01-21 16:49 - 00000510 _____ () C:\Users\Carol\Desktop\Program Files - Shortcut.lnk
    2015-01-17 12:18 - 2015-01-17 12:18 - 00000293 _____ () C:\Users\Carol\Desktop\Local Disk (C) - Shortcut.lnk
    2015-01-16 13:11 - 2015-01-16 13:11 - 00000000 ____D () C:\Users\Carole
    2015-01-16 11:58 - 2015-01-16 11:59 - 00000000 ____D () C:\Users\Carol\AppData\Local\{4F306951-6BB3-4DBB-8D2C-A04D18A321C7}
    2015-01-16 10:24 - 2015-01-16 10:24 - 00000000 ____D () C:\Users\Carol\AppData\Local\{74EAA98A-8C68-479A-9A95-B234BF25EF1D}
    2015-01-16 07:28 - 2015-01-18 14:18 - 00000000 ____D () C:\Program Files\UltraSearch
    2015-01-16 07:19 - 2015-01-31 17:39 - 00000000 ____D () C:\Program Files\Search Everything
    2015-01-16 06:23 - 2015-01-16 06:23 - 00000000 ____D () C:\Users\Carol\AppData\Local\{B0B39909-E102-41C9-9119-EF622A6E174E}
    2015-01-16 05:33 - 2015-01-17 13:55 - 00002198 _____ () C:\Windows\epplauncher.mif
    2015-01-16 05:31 - 2015-01-16 05:31 - 00000000 ____D () C:\Users\Carol\AppData\Local\{A58A0D1E-02D8-4138-806C-DAB4BF8F75BC}
    2015-01-16 05:23 - 2015-01-16 05:23 - 00000000 ____D () C:\Users\Carol\AppData\Local\{BE023A20-8758-4008-953A-E7DA1CCE7DDB}
    2015-01-15 17:49 - 2015-01-25 13:17 - 00000434 _____ () C:\Users\Carol\Desktop\Downloads.lnk
    2015-01-15 17:11 - 2015-01-16 05:48 - 00018872 _____ () C:\Windows\system32\Drivers\SPPD.sys
    2015-01-15 17:10 - 2015-01-15 17:59 - 00000000 ____D () C:\ProgramData\HAwOSUDcLhY
    2015-01-15 16:03 - 2015-01-16 15:25 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player
    2015-01-15 15:10 - 2015-01-16 05:33 - 00001826 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
    2015-01-15 15:09 - 2015-01-16 05:32 - 00000000 ____D () C:\Program Files\Microsoft Security Client
    2015-01-15 14:12 - 2015-01-15 14:12 - 00000768 _____ () C:\Users\Carol\Desktop\Contacts.lnk
    2015-01-15 13:59 - 2015-01-15 13:59 - 00000713 _____ () C:\Users\Carol\Desktop\Favorites.lnk
    2015-01-15 13:58 - 2015-01-15 13:58 - 00000713 _____ () C:\Users\Carol\Desktop\Documents.lnk
    2015-01-15 13:01 - 2015-01-15 13:02 - 00000000 ____D () C:\Users\Carol\AppData\Local\{19020E79-AB39-4DB0-BBF4-A91743265DC3}
    2015-01-15 10:15 - 2014-12-18 19:25 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
    2015-01-15 09:38 - 2014-12-05 22:14 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
    2015-01-15 09:38 - 2014-12-05 22:14 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
    2015-01-15 09:38 - 2014-12-05 22:14 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
    2015-01-15 09:38 - 2014-12-05 22:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
    2015-01-14 16:54 - 2015-01-14 16:54 - 00000000 ____D () C:\Users\Carol\AppData\Local\{75487B38-A4BB-45F6-A80C-F6247A657AB4}
    2015-01-14 15:14 - 2015-01-14 15:14 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2015-01-14 13:22 - 2015-01-14 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vz In-Home Agent
    2015-01-14 13:22 - 2015-01-14 13:22 - 00000000 ____D () C:\Program Files\Verizon
    2015-01-13 18:54 - 2015-01-16 16:23 - 00000000 ____D () C:\Program Files\MyDefrag v4.3.1
    2015-01-13 18:54 - 2015-01-16 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyDefrag v4.3.1
    2015-01-13 18:54 - 2010-05-21 12:11 - 01061888 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.exe
    2015-01-13 18:54 - 2010-05-21 12:11 - 00475648 _____ (J.C. Kessels) C:\Windows\system32\MyDefragScreenSaver_v4.3.1.scr
    2015-01-13 17:15 - 2015-01-14 12:00 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Systweak
    2015-01-13 16:36 - 2015-01-13 16:36 - 00017538 _____ () C:\Windows\system32\.crusader
    2015-01-13 15:48 - 2015-01-13 17:05 - 00000000 ____D () C:\ProgramData\HitmanPro
    2015-01-13 15:20 - 2015-01-13 15:20 - 00000000 ____D () C:\Users\Carol\AppData\Local\{66CCE26B-C089-414B-82B7-44D5BC12613D}
    2015-01-13 15:14 - 2015-01-13 15:14 - 00001035 _____ () C:\Users\Carol\Desktop\Gpoogle Chrome.lnk
    2015-01-13 14:51 - 2015-01-13 14:51 - 00000000 ____D () C:\Program Files\deoaLster
    2015-01-12 16:37 - 2009-02-26 11:04 - 00140288 _____ () C:\Windows\system32\igfxtvcx.dll
    2015-01-12 16:29 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
    2015-01-12 16:29 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
    2015-01-12 16:29 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
    2015-01-12 16:29 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
    2015-01-12 16:29 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
    2015-01-12 16:29 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
    2015-01-12 16:29 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
    2015-01-12 16:29 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
    2015-01-12 16:29 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
    2015-01-12 16:29 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
    2015-01-12 16:29 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
    2015-01-12 16:29 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
    2015-01-12 16:29 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
    2015-01-12 16:29 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
    2015-01-12 16:29 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
    2015-01-12 16:29 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
    2015-01-12 16:29 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
    2015-01-12 16:29 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
    2015-01-12 16:29 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
    2015-01-12 16:29 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
    2015-01-12 16:29 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
    2015-01-12 16:29 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
    2015-01-12 16:29 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
    2015-01-12 16:29 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
    2015-01-12 16:29 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
    2015-01-12 16:29 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
    2015-01-12 16:29 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
    2015-01-12 16:29 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
    2015-01-12 16:29 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
    2015-01-12 16:29 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
    2015-01-12 16:29 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
    2015-01-12 16:29 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
    2015-01-12 16:29 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
    2015-01-12 16:29 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
    2015-01-12 16:29 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
    2015-01-12 16:29 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
    2015-01-12 16:29 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
    2015-01-12 16:29 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
    2015-01-12 16:29 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
    2015-01-12 16:29 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
    2015-01-12 16:29 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
    2015-01-12 16:29 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
    2015-01-12 16:29 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
    2015-01-12 16:29 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
    2015-01-12 16:29 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
    2015-01-12 16:29 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
    2015-01-12 16:29 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
    2015-01-12 16:29 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
    2015-01-12 16:29 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
    2015-01-12 16:29 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
    2015-01-12 16:29 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
    2015-01-12 16:29 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
    2015-01-12 16:29 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
    2015-01-12 16:29 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
    2015-01-12 16:29 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
    2015-01-12 16:29 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
    2015-01-12 16:29 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
    2015-01-12 16:29 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
    2015-01-12 16:29 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
    2015-01-12 16:29 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
    2015-01-12 16:29 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
    2015-01-12 16:29 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
    2015-01-12 16:29 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
    2015-01-12 16:29 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
    2015-01-12 16:29 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
    2015-01-12 16:29 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
    2015-01-12 16:29 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
    2015-01-12 16:29 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
    2015-01-12 16:29 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
    2015-01-12 16:29 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
    2015-01-12 16:29 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
    2015-01-12 16:29 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
    2015-01-12 16:29 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
    2015-01-12 16:29 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
    2015-01-12 16:29 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
    2015-01-12 16:29 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
    2015-01-12 16:28 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
    2015-01-12 16:28 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
    2015-01-12 16:28 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
    2015-01-12 16:28 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
    2015-01-12 16:28 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
    2015-01-12 16:28 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
    2015-01-12 16:28 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
    2015-01-12 16:28 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
    2015-01-12 16:28 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
    2015-01-12 16:24 - 2015-01-12 16:24 - 00582872 _____ (Realtek ) C:\Windows\system32\Drivers\Rtlh86.sys
    2015-01-12 16:24 - 2015-01-12 16:24 - 00076872 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp32.dll
    2015-01-12 16:20 - 2015-01-12 16:20 - 02474200 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
    2015-01-12 16:18 - 2015-01-12 16:18 - 06639616 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwLv32.sys
    2015-01-12 16:18 - 2015-01-12 16:18 - 02756608 _____ (Intel Corporation) C:\Windows\system32\NETwLr32.dll
    2015-01-12 16:18 - 2015-01-12 16:18 - 00675840 _____ (Intel Corporation) C:\Windows\system32\NETwLc32.dll
    2015-01-12 16:16 - 2015-01-12 16:16 - 00172032 _____ (Ricoh Company,Ltd) C:\Windows\system32\rixdicon.dll
    2015-01-12 16:16 - 2015-01-12 16:16 - 00048128 _____ (REDC) C:\Windows\system32\Drivers\rimmptsk.sys
    2015-01-12 16:16 - 2015-01-12 16:16 - 00044544 _____ (REDC) C:\Windows\system32\Drivers\rimsptsk.sys
    2015-01-12 16:16 - 2015-01-12 16:16 - 00038400 _____ (REDC) C:\Windows\system32\Drivers\rixdptsk.sys
    2015-01-12 16:10 - 2015-01-12 16:10 - 08198680 _____ (Intel(R) Corporation) C:\Windows\system32\TVWSetup.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 05702656 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 04569088 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd32.sys
    2015-01-12 16:10 - 2015-01-12 16:10 - 04112384 _____ (Intel Corporation) C:\Windows\system32\ig4icd32.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 02674688 _____ (Intel Corporation) C:\Windows\system32\ig4dev32.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 02576384 _____ (Intel Corporation) C:\Windows\system32\igd10umd32.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 01498564 _____ () C:\Windows\system32\igkrng400.bin
    2015-01-12 16:10 - 2015-01-12 16:10 - 00668696 _____ (Intel Corporation) C:\Windows\system32\igfxcfg.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 00310784 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00304640 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00303616 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00303104 _____ (Intel Corporation) C:\Windows\system32\igfxresp.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00299008 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00294912 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00291328 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00289280 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00288256 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00287744 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00282624 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00281088 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00280576 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00279552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00279040 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00277504 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00262656 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00252952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 00252416 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00249856 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00206848 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00205312 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00200192 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00179712 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00178176 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
    2015-01-12 16:10 - 2015-01-12 16:10 - 00173592 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 00173080 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 00151552 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v1666.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00150552 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 00141848 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
    2015-01-12 16:10 - 2015-01-12 16:10 - 00130048 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00119296 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
    2015-01-12 16:10 - 2015-01-12 16:10 - 00094208 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00059392 _____ (Intel Corporation) C:\Windows\system32\oemdspif.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00051712 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00039872 _____ () C:\Windows\system32\iglhxs32.vp
    2015-01-12 16:10 - 2015-01-12 16:10 - 00023552 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
    2015-01-12 16:10 - 2015-01-12 16:10 - 00002096 _____ () C:\Windows\system32\iglhxo32.vp
    2015-01-12 15:48 - 2015-01-12 15:48 - 00000000 ____D () C:\Program Files\Common Files\IObit
    2015-01-11 17:25 - 2015-01-11 17:25 - 00000000 __RSH () C:\MSDOS.SYS
    2015-01-11 17:25 - 2015-01-11 17:25 - 00000000 __RSH () C:\IO.SYS
    2015-01-09 19:00 - 2014-06-04 15:17 - 00109856 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll
    2015-01-09 19:00 - 2014-06-04 15:17 - 00031520 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
    2015-01-09 18:59 - 2014-06-04 15:17 - 00018624 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys
    2015-01-09 13:28 - 2015-01-09 13:50 - 00072704 _____ (Emsisoft GmbH) C:\Windows\system32\eamclean.exe
    2015-01-09 13:28 - 2015-01-09 13:50 - 00000654 _____ () C:\Windows\system32\eamclean.dat
    2015-01-09 13:22 - 2015-01-09 13:22 - 00000822 _____ () C:\Users\Public\Desktop\WOLFCODERS ScreenSnag.lnk
    2015-01-09 13:17 - 2015-01-09 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenSnag WOLFCODERS
    2015-01-09 13:17 - 2015-01-09 13:22 - 00000000 ____D () C:\Program Files\ScreenSnag WOLFCODER
    2015-01-08 18:55 - 2015-01-08 18:55 - 00000000 ____D () C:\ProgramData\Emsisoft
    2015-01-08 15:31 - 2015-01-14 12:20 - 00000000 ____D () C:\Program Files\Belarc
    2015-01-07 16:22 - 2015-01-20 11:27 - 00000000 ____D () C:\ProgramData\AVAST Software
    2015-01-07 13:01 - 2015-01-07 13:01 - 00000639 _____ () C:\Users\Carol\Desktop\PopCap Games.lnk
    2015-01-07 12:58 - 2015-01-07 12:58 - 00000600 _____ () C:\Users\Carol\Desktop\Skype.lnk
    2015-01-06 17:41 - 2015-01-06 17:41 - 00000000 ____D () C:\Users\Carol\AppData\Local\{205E7F78-E0A8-4A0A-8B1F-9BE051E6F3D0}
    2015-01-06 15:41 - 2015-01-31 12:56 - 00000000 ____D () C:\Users\Carol\AppData\Local\Windows Live Writer
    2015-01-06 15:41 - 2015-01-15 13:26 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Windows Live Writer
    2015-01-06 15:41 - 2015-01-06 15:42 - 00000000 ____D () C:\Users\Carol\AppData\Local\{B0289CCC-F950-4C43-8F95-0061DFA4423B}
    2015-01-06 14:18 - 2015-01-15 13:31 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\TeamViewer
    2015-01-06 11:58 - 2015-01-06 11:58 - 00000000 ____D () C:\Users\Carol\AppData\Local\WOLFCODERS
    2015-01-06 11:58 - 2015-01-06 11:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WOLFCODERS ScreenSnag
    2015-01-06 11:58 - 2015-01-06 11:58 - 00000000 ____D () C:\Program Files\WOLFCODERS ScreenSnag
    2015-01-06 11:51 - 2015-01-07 15:28 - 00000000 ____D () C:\Program Files\TeamViewer
    2015-01-05 17:00 - 2015-01-17 15:29 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\JAM Software
    2015-01-05 14:24 - 2015-01-13 14:20 - 00000000 ____D () C:\Users\Carol\AppData\Local\AdFender
    2015-01-04 15:46 - 2015-01-04 15:48 - 43851776 _____ () C:\Windows\system32\config\components.jv16pt_bak
    2015-01-04 15:25 - 2015-01-04 15:25 - 00000024 ___SH () C:\Users\Carol\AppData\Roaming\System5908ConfigCollection.dat
    2015-01-04 15:25 - 2015-01-04 15:25 - 00000024 ___SH () C:\Users\Carol\AppData\Roaming\1D959CA221C7573.sys
    2015-01-04 14:55 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
    2015-01-04 14:55 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
    2015-01-04 14:55 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
    2015-01-04 14:55 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
    2015-01-04 14:49 - 2015-01-04 14:49 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Origin
    2015-01-04 14:49 - 2015-01-04 14:49 - 00000000 ____D () C:\Users\Carol\AppData\Local\Origin
    2015-01-04 14:45 - 2015-01-04 15:17 - 00000000 ____D () C:\ProgramData\Origin
    2015-01-04 14:45 - 2015-01-04 14:45 - 00000776 _____ () C:\Users\Public\Desktop\Origin Games.lnk
    2015-01-04 14:45 - 2015-01-04 14:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
    2015-01-04 14:44 - 2015-01-06 16:56 - 00000000 ____D () C:\Program Files\Origin
    2015-01-03 14:42 - 2015-01-17 16:49 - 00000000 ____D () C:\Users\Carol\AppData\Local\Windows Live
    2015-01-03 14:42 - 2015-01-14 15:31 - 00000000 ____D () C:\Program Files\Common Files\Windows Live
    2015-01-03 14:42 - 2009-08-04 03:02 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
    2015-01-03 14:37 - 2015-01-12 16:10 - 00997912 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
    2015-01-03 14:36 - 2015-01-03 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
    2015-01-03 14:35 - 2015-01-03 14:35 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
    2015-01-03 14:35 - 2009-04-29 07:46 - 00015872 _____ (Hewlett-Packard Development Company, L.P.) C:\Windows\system32\Drivers\HpqKbFiltr.sys
    2015-01-03 14:35 - 2006-11-02 06:09 - 01419232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01005.dll
    2015-01-03 14:34 - 2015-01-03 14:34 - 00000000 ____D () C:\Windows\QLB
    2015-01-03 13:16 - 2015-01-03 13:16 - 00004718 _____ () C:\Windows\system32\ScanResults.xml
    2015-01-03 13:13 - 2015-01-03 13:13 - 00000464 _____ () C:\Windows\system32\ScannerSettings

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2015-02-01 15:51 - 2010-04-13 22:17 - 01368946 _____ () C:\Windows\WindowsUpdate.log
    2015-02-01 15:45 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    2015-02-01 15:45 - 2006-11-02 07:47 - 00003168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    2015-02-01 15:16 - 2013-01-09 18:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-02-01 09:46 - 2010-04-13 21:19 - 00000149 _____ () C:\Users\Public\Documents\hpqp.ini
    2015-02-01 09:45 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2015-01-31 18:03 - 2006-11-02 08:01 - 00032600 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
    2015-01-30 15:05 - 2010-04-13 21:45 - 00000000 ____D () C:\Windows\SMINST
    2015-01-30 15:04 - 2014-12-27 11:53 - 00000000 ____D () C:\ProgramData\InstallMate
    2015-01-30 10:33 - 2014-06-25 13:26 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2015-01-29 16:07 - 2012-08-10 14:18 - 00001356 _____ () C:\Users\Carol\AppData\Local\d3d9caps.dat
    2015-01-29 14:07 - 2011-06-27 20:43 - 00142776 _____ () C:\Users\Carol\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-01-29 14:04 - 2006-11-02 07:47 - 00510376 _____ () C:\Windows\system32\FNTCACHE.DAT
    2015-01-28 17:45 - 2012-06-07 19:15 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Corel
    2015-01-28 17:35 - 2010-04-13 20:43 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
    2015-01-28 17:33 - 2010-04-13 20:43 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
    2015-01-28 17:33 - 2006-11-02 07:37 - 00000000 ____D () C:\Windows\ShellNew
    2015-01-28 17:32 - 2011-06-30 12:50 - 00000000 ____D () C:\Program Files\Common Files\Corel
    2015-01-28 16:45 - 2012-08-09 19:15 - 00000000 ____D () C:\Program Files\CCleaner
    2015-01-28 14:38 - 2006-11-02 07:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
    2015-01-28 10:59 - 2012-02-21 18:18 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Skype
    2015-01-28 10:34 - 2011-06-27 20:33 - 00000000 ____D () C:\Users\Carol
    2015-01-27 17:40 - 2010-04-13 20:31 - 00000000 ____D () C:\Windows\system32\RTCOM
    2015-01-27 17:30 - 2010-04-13 21:42 - 00000000 ____D () C:\Program Files\Realtek
    2015-01-27 17:27 - 2010-04-13 21:42 - 00319456 _____ (Microsoft Corporation) C:\Windows\DIFxAPI.dll
    2015-01-27 11:56 - 2012-02-21 18:18 - 00000000 ____D () C:\ProgramData\Skype
    2015-01-27 11:55 - 2012-02-21 18:18 - 00000000 ___RD () C:\Program Files\Skype
    2015-01-26 16:17 - 2013-01-09 18:39 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-01-26 16:17 - 2011-07-02 10:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-01-25 16:58 - 2014-12-27 13:58 - 00000000 ____D () C:\ProgramData\ProductData
    2015-01-21 16:51 - 2014-12-27 10:16 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\U3
    2015-01-21 14:39 - 2006-11-02 07:37 - 00000000 ____D () C:\Program Files\Windows Defender
    2015-01-20 12:17 - 2014-07-30 18:34 - 00000000 ____D () C:\Users\Carol\AppData\Local\WeatherBug
    2015-01-20 11:43 - 2012-08-09 12:43 - 00000000 ____D () C:\Users\Carol\AppData\Local\Google
    2015-01-20 11:32 - 2012-08-09 12:42 - 00000000 ____D () C:\Program Files\Google
    2015-01-19 17:31 - 2006-11-02 06:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
    2015-01-19 16:50 - 2006-11-02 05:33 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
    2015-01-19 16:33 - 2011-06-30 10:40 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\Verizon
    2015-01-19 13:27 - 2013-07-09 17:54 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\IObit
    2015-01-17 17:11 - 2013-07-09 17:54 - 00000000 ____D () C:\ProgramData\IObit
    2015-01-16 16:44 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET
    2015-01-16 15:25 - 2014-12-27 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xplorer2 lite
    2015-01-16 14:36 - 2012-06-07 19:15 - 00000952 ___SH () C:\ProgramData\KGyGaAvL.sys
    2015-01-16 11:50 - 2014-12-27 16:15 - 00000000 ____D () C:\Program Files\WajaInternetEnhance
    2015-01-16 05:57 - 2014-12-30 15:32 - 00000000 ____D () C:\Program Files\WhatsRunning
    2015-01-15 13:31 - 2011-06-30 09:41 - 00000000 ____D () C:\Windows\Minidump
    2015-01-15 12:58 - 2011-08-03 11:23 - 00102248 _____ () C:\Users\Carol\GoToAssistDownloadHelper.exe
    2015-01-15 12:58 - 2011-08-03 11:23 - 00000000 ____D () C:\Users\Carol\AppData\Local\Deployment
    2015-01-15 10:15 - 2013-08-14 18:23 - 00000000 ____D () C:\Windows\system32\MRT
    2015-01-14 15:14 - 2011-06-27 20:43 - 00000949 _____ () C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2015-01-14 15:14 - 2011-06-27 20:42 - 00000915 _____ () C:\Users\Carol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
    2015-01-13 15:32 - 2014-06-27 11:28 - 00000000 ____D () C:\Users\Carol\AppData\Local\SevereWeatherAlerts
    2015-01-13 14:44 - 2013-07-09 17:54 - 00000000 ____D () C:\Program Files\IObit
    2015-01-12 16:37 - 2011-06-30 09:48 - 00000000 ____D () C:\Program Files\Intel
    2015-01-12 16:24 - 2013-11-07 08:36 - 00100896 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst32.dll
    2015-01-12 16:10 - 2010-04-13 20:09 - 03821568 _____ (Intel Corporation) C:\Windows\system32\igdumd32.dll
    2015-01-12 16:10 - 2010-04-13 20:09 - 00257536 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
    2015-01-12 16:10 - 2010-04-13 20:09 - 00210432 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
    2015-01-12 16:10 - 2008-02-11 18:46 - 00275968 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
    2015-01-12 16:02 - 2010-04-13 20:10 - 00000000 ____D () C:\Windows\panther
    2015-01-09 17:50 - 2014-06-18 11:34 - 00290304 _____ (Microsoft Corporation) C:\Windows\system32\subinacl.exe
    2015-01-09 13:25 - 2014-04-11 12:23 - 00000000 ____D () C:\Users\Carol\AppData\Local\WeatherAlerts
    2015-01-07 16:19 - 2014-12-27 13:50 - 00000000 ____D () C:\Program Files\xplorer2_lite Zabcat
    2015-01-07 13:52 - 2014-12-27 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WajaInternetEnhance
    2015-01-07 12:47 - 2013-06-16 08:10 - 00000467 _____ () C:\prefs.js
    2015-01-07 00:30 - 2011-06-27 21:34 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
    2015-01-06 23:34 - 2006-11-02 05:22 - 60030976 _____ () C:\Windows\system32\config\software_previous
    2015-01-06 23:34 - 2006-11-02 05:22 - 13369344 _____ () C:\Windows\system32\config\system_previous
    2015-01-06 23:33 - 2014-12-27 15:26 - 00000000 ____D () C:\Users\Carol\AppData\Roaming\ProductData
    2015-01-06 23:33 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\system32\spool
    2015-01-06 23:33 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\registration
    2015-01-06 23:27 - 2006-11-02 05:22 - 00057344 _____ () C:\Windows\system32\config\sam_previous
    2015-01-06 23:27 - 2006-11-02 05:22 - 00024576 _____ () C:\Windows\system32\config\security_previous
    2015-01-06 20:24 - 2006-11-02 05:22 - 44040192 _____ () C:\Windows\system32\config\components_previous
    2015-01-06 20:24 - 2006-11-02 05:22 - 00212992 _____ () C:\Windows\system32\config\default_previous
    2015-01-06 14:21 - 2012-10-01 09:06 - 00000000 ____D () C:\Program Files\WildTangent Games
    2015-01-05 14:26 - 2011-07-01 12:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2015-01-05 11:58 - 2014-06-18 13:24 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1321581559-4142827132-2802677688-1000UA.job
    2015-01-05 11:58 - 2014-06-18 13:24 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1321581559-4142827132-2802677688-1000Core.job
    2015-01-05 11:58 - 2012-08-09 12:44 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-01-05 11:58 - 2012-08-09 12:44 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-01-05 09:48 - 2006-11-02 05:22 - 20709376 _____ () C:\Windows\system32\config\system.jv16pt_bak2
    2015-01-05 09:48 - 2006-11-02 05:22 - 00262144 _____ () C:\Windows\system32\config\default.jv16pt_bak2
    2015-01-04 18:32 - 2014-06-24 11:26 - 00000000 ____D () C:\Program Files\video MediaPlayer
    2015-01-04 15:38 - 2013-11-28 21:44 - 00000000 ____D () C:\temp
    2015-01-04 14:45 - 2014-06-27 10:15 - 00000000 ____D () C:\ProgramData\Electronic Arts
    2015-01-04 14:44 - 2014-06-27 08:58 - 00000000 ____D () C:\Program Files\Electronic Arts
    2015-01-03 15:09 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\rescache

    ==================== Files in the root of some directories =======

    2015-01-04 15:25 - 2015-01-04 15:25 - 0000024 ___SH () C:\Users\Carol\AppData\Roaming\1D959CA221C7573.sys
    2015-01-28 17:45 - 2015-01-28 17:45 - 0012358 _____ () C:\Users\Carol\AppData\Roaming\PFP120JCM.{PB
    2015-01-28 17:45 - 2015-01-28 17:45 - 0061678 _____ () C:\Users\Carol\AppData\Roaming\PFP120JPR.{PB
    2015-01-04 15:25 - 2015-01-04 15:25 - 0000024 ___SH () C:\Users\Carol\AppData\Roaming\System5908ConfigCollection.dat
    2011-06-28 21:16 - 2011-06-28 21:16 - 0024206 _____ () C:\Users\Carol\AppData\Roaming\UserTile.png
    2013-12-23 23:34 - 2014-03-23 02:02 - 0000106 _____ () C:\Users\Carol\AppData\Roaming\WB.CFG
    2011-06-27 20:43 - 2011-06-27 20:43 - 0000000 _____ () C:\Users\Carol\AppData\Local\AtStart.txt
    2014-07-30 18:36 - 2014-12-27 16:08 - 1331200 _____ () C:\Users\Carol\AppData\Local\ChromeHitoryDB
    2012-08-10 14:18 - 2015-01-29 16:07 - 0001356 _____ () C:\Users\Carol\AppData\Local\d3d9caps.dat
    2011-06-30 10:41 - 2013-09-23 18:27 - 0007168 _____ () C:\Users\Carol\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2011-06-27 20:43 - 2011-06-27 20:43 - 0000000 _____ () C:\Users\Carol\AppData\Local\DSwitch.txt
    2011-06-27 20:43 - 2011-06-27 20:43 - 0000000 _____ () C:\Users\Carol\AppData\Local\QSwitch.txt
    2012-04-13 15:25 - 2012-04-13 15:25 - 0000057 _____ () C:\ProgramData\Ament.ini
    2012-06-07 19:15 - 2015-01-16 14:36 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
    2013-11-28 22:11 - 2013-11-28 22:11 - 0000000 _____ () C:\ProgramData\spds90.txt

    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-02-01 09:54

    ==================== End Of Log ============================


    Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-02-2015
    Ran by Carol at 2015-02-01 16:10:54
    Running from C:\Users\Carol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3NZ7ZIV4
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.38 beta (HKLM\...\7-Zip) (Version: - )
    Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
    Agent Ransack (HKLM\...\{8B51F879-18C4-4C37-8D2B-E340AEE7AACB}) (Version: 7.0.828.1 - Mythicsoft Ltd)
    AM-DeadLink 4.6 (HKLM\...\aignesamdeadlink_is1) (Version: 4.6 - WebSite-Watcher - Software to check websites for updates and changes (web page monitoring))
    Auslogics Duplicate File Finder (HKLM\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 4.1.0.0 - Auslogics Labs Pty Ltd)
    Avast Free Antivirus (HKLM\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Bejeweled Deluxe 1.87 (HKLM\...\Bejeweled Deluxe 1.87) (Version: - )
    Bookworm Deluxe 1.13 (HKLM\...\Bookworm Deluxe 1.13) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    eGames GameButler (HKLM\...\eGames GameButler) (Version: - )
    ESU for Microsoft Vista (HKLM\...\{1517A7CB-5F00-4A88-8F06-E89B6DB63784}) (Version: 2.0.3.1 - Hewlett-Packard)
    Gem Shop (remove only) (HKLM\...\Gem Shop) (Version: - )
    Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Hewlett-Packard Active Check (Version: 1.1.7.0 - Hewlett-Packard) Hidden
    HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.234 - SurfRight B.V.)
    HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.1.0.2278 - Hewlett-Packard)
    HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{AE47EB5B-1789-4480-AD6D-7753473E9DDE}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
    HP Deskjet 3050A J611 series Help (HKLM\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
    HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{E9652A2B-6547-4CA7-A06B-1365FE264B7D}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
    HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.01.0005 - Hewlett-Packard)
    HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.1.0.2279 - Hewlett-Packard)
    HP Help and Support (HKLM\...\{9061CEF2-51F5-42C9-8A70-9ED351C6597A}) (Version: 1.1.0 - Hewlett-Packard)
    HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
    HP Photosmart Essential 2.0 (HKLM\...\HP Photosmart Essential) (Version: 2.0 - HP)
    HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
    HP QuickPlay 3.2 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
    HP Total Care Advisor (HKLM\...\{F6B29003-A078-4491-AFBE-62EFB6CFFE19}) (Version: 1.1.19 - Hewlett-Packard)
    HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
    HP User Guides 0057 (HKLM\...\{DDFD9BA2-8E26-4E49-92AE-882424DAB1BC}) (Version: 1.03.0000 - Hewlett-Packard)
    HPAsset component for HP Active Support Library (Version: 3.0.0.3 - Hewlett-Packard) Hidden
    HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
    Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
    Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
    IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 4.2.6.1 - IObit)
    Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Level Quality Watcher (Version: 1.0.0.0 - Adpeak, Inc.) Hidden <==== ATTENTION
    LightScribe 1.4.136.1 (Version: 1.4.136.1 - http://www.lightscribe.com) Hidden
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Mary Kay Andrews - The Fixer Upper (Version: 2.2.0.95 - WildTangent) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
    Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
    MSCU for Microsoft Vista (HKLM\...\{3FFB3B34-D639-4384-9AE9-DDE58430D86F}) (Version: 1.0.1.1 - Hewlett-Packard)
    MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
    My HP Games (HKLM\...\WildTangent hplaptop Master Uninstall) (Version: HPLAP0503 - WildTangent)
    MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)
    Mystery P.I. - The New York Fortune (Version: 2.2.0.97 - WildTangent) Hidden
    Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
    Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)
    PSSWCORE (Version: 2.00.5000 - Hewlett-Packard) Hidden
    Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
    Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
    Rhapsody (HKLM\...\Rhapsody) (Version: - )
    Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
    Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
    Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
    Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
    Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
    Roxio MyDVD Basic v9 (HKLM\...\{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}) (Version: 9.0.551 - Roxio)
    Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
    Severe Weather Alerts (HKU\S-1-5-21-1321581559-4142827132-2802677688-1000\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC) <==== ATTENTION
    Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.10.9560 - Skype Technologies S.A.)
    Skype™ 6.22 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.105 - Skype Technologies S.A.)
    Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
    TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
    The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.632 - Electronic Arts)
    TreeSize Free V3.2 (HKLM\...\TreeSize Free_is1) (Version: 3.2 - JAM Software)
    UltraSearch V2.0 (HKLM\...\UltraSearch_is1) (Version: 2.0 - JAM Software)
    Unchecky v0.3.6 (HKLM\...\Unchecky) (Version: 0.3.6 - RaMMicHaeL)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
    Virtual Families 2 (Version: 3.0.2.48 - WildTangent) Hidden
    Vz In-Home Agent (HKLM\...\VzInHomeAgent) (Version: 9.0.68.0 - Verizon)
    WildTangent Games (HKLM\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
    WildTangent Games App for HP (Version: 4.0.11.2 - WildTangent) Hidden
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
    WOLFCODERS ScreenSnag (HKLM\...\{481875AB-8D00-46D0-92E2-27BB13B20975}_is1) (Version: - WOLFCODERS)
    WordPerfect Lightning - IPM (Version: 1.0 - Corel Corporation) Hidden
    WordPerfect Lightning - Messages (Version: 1.0 - Corel Corporation) Hidden
    WordPerfect Lightning - MSOM (Version: 1.1 - Corel Corporation) Hidden
    WordPerfect Lightning (Version: 2.0 - Corel Corporation) Hidden
    WordPerfect Office 12 (HKLM\...\{AF19F291-F22F-4798-9662-525305AE9E48}) (Version: 12.0.0.238 - Corel Corporation)
    WordPerfect Office X5 - Common (Version: 15.1 - Corel Corporation) Hidden
    Wordperfect Office X5 - EN (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Filters (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Graphics (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - IPM (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - LegalTools (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Migration Manager (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Oxford (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - PerfectExperts EN (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - PR (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - QP (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Setup Files (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Sharepoint (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - Skins (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - System EN (Version: 15.0 - Corel Corporation) Hidden
    WordPerfect Office X5 - Templates (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - WP (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 - WT (Version: 15.1 - Corel Corporation) Hidden
    WordPerfect Office X5 (Version: 15.1 - Corel Corporation) Hidden
    xplorer² lite 32 bit (HKLM\...\xplorer2l) (Version: 2.5.0.4 - Zabkat)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-1321581559-4142827132-2802677688-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Carol\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)

    ==================== Restore Points =========================

    19-01-2015 16:58:52 Windows Live Essentials
    19-01-2015 17:30:43 Windows Live Essentials
    20-01-2015 11:14:31 Windows Update
    20-01-2015 11:27:18 avast! antivirus system restore point
    20-01-2015 11:53:24 Revo Uninstaller's restore point - WeatherBug
    20-01-2015 12:11:30 Revo Uninstaller's restore point - WeatherBug
    20-01-2015 12:12:34 Revo Uninstaller's restore point - WeatherBug
    21-01-2015 11:08:00 Scheduled Checkpoint
    22-01-2015 13:34:53 Scheduled Checkpoint
    23-01-2015 12:01:41 Scheduled Checkpoint
    24-01-2015 14:26:21 Scheduled Checkpoint
    24-01-2015 17:43:56 Revo Uninstaller's restore point - WinPatrol
    24-01-2015 18:07:31 Windows Update
    27-01-2015 17:27:12 Removed Realtek High Definition Audio Driver
    28-01-2015 10:45:42 Windows Update
    28-01-2015 17:28:58 Installed WordPerfect Office 12
    30-01-2015 15:45:44 Installed Agent Ransack

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0FCCDB10-C5FE-4CBE-8362-A674AFF87620} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2011-06-08] (Hewlett-Packard Co.)
    Task: {132EE7C5-A83A-4871-B9CA-520B3F7A80D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-09] (Google Inc.)
    Task: {1603C2CD-F765-458F-8B99-7493829B0879} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-20] (AVAST Software)
    Task: {26ACA280-EE69-432E-BBB5-8E030BC41FB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1321581559-4142827132-2802677688-1000UA => C:\Users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-18] (Google Inc.)
    Task: {2FB484A6-5F92-4DBF-A5A6-CDA1FCEB1798} - System32\Tasks\HP Health Check => C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-03-12] (Hewlett-Packard)
    Task: {448EDA3D-1F6E-4328-900D-F74DE7B0DD31} - System32\Tasks\{70F3233F-2081-4EAD-9E4C-2BED371D469C} => Iexplore.exe Download Skype for Desktop
    Task: {4FFD04F9-F556-4DC8-93AB-036B4D795D5C} - System32\Tasks\Driver Booster SkipUAC (Carol) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
    Task: {506C608D-4969-44A6-A901-C48309307308} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
    Task: {634D5CD4-F8A1-40FD-AF6B-1A2439043D91} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMOMHMHMOMJJNJMMPMCNKMOMGMMMCNLMLJMMMMCNGMJMPMNMCNGMKMLMJMIMHMGMPMMJNMGMPMJNJICMIMCNGMCNNMFMGMCNPMCNHMOMOMNMFMJMCNPMCNJMPMPMNMCNNMJNPICMPMFMFMHMJNHICMGJMIPMPMOMJNBJCMMLOJNIAJDJJNKJCMJNNICMJNDJCMKJBJ"
    Task: {653E05DF-2749-4B99-A585-241DD8D828A0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-26] (Adobe Systems Incorporated)
    Task: {8AD981C1-1CE4-4A52-ADEE-DDC130BB3636} - System32\Tasks
    Task: {98917558-12A9-457F-959E-1EEF792CABB0} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files\Smart Defrag 3\SmartDefrag.exe
    Task: {9D0C1B07-7D98-4600-B8B4-9F352D5A8BDE} - System32\Tasks
    Task: {AD798943-91C9-4A7E-841A-347A6A5A5A4B} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\Smart Defrag 3\AutoUpdate.exe
    Task: {BBF97A72-7998-404D-A858-ECEE33110B6A} - System32\Tasks\{E53DE18D-4BD2-4485-8622-8DA0CE529743} => Iexplore.exe Download Skype for Desktop
    Task: {CF3619D0-C837-4680-B695-F150FDE0FAC0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1321581559-4142827132-2802677688-1000Core => C:\Users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe [2014-06-18] (Google Inc.)
    Task: {DE51A12E-B0E4-4029-80CD-7FCB003049CC} - System32\Tasks\Uninstaller_SkipUac_Carol => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-28] (IObit)
    Task: {E07B6D13-FE96-4D7C-A8C3-2AF541708A25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-09] (Google Inc.)
    Task: {E6D9B04D-D104-44F5-9B98-14FD1D23F91A} - System32\Tasks\{A1356310-85C0-457B-83D2-C06DBD1264A4} => Iexplore.exe Download Skype for Desktop
    Task: {EEE82B97-E082-4FE1-9FB8-639C2E4F1E11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1321581559-4142827132-2802677688-1000Core.job => C:\Users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1321581559-4142827132-2802677688-1000UA.job => C:\Users\Carol\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files\TuneUp Utilities 2014\OneClick.exe

    ==================== Loaded Modules (whitelisted) =============

    2015-02-01 15:44 - 2015-02-01 15:44 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15020101\algo.dll
    2015-01-20 11:30 - 2015-01-20 11:30 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2010-04-13 21:19 - 2007-04-23 20:11 - 00262243 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
    2010-04-13 21:19 - 2007-04-23 20:11 - 00237673 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
    2010-04-13 21:19 - 2007-04-23 20:11 - 00032768 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
    2011-06-08 16:57 - 2011-06-08 16:57 - 01929576 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
    2015-01-25 14:41 - 2015-01-25 14:41 - 00058880 _____ () C:\Program Files\Unchecky\bin\collector.dll
    2010-04-13 21:19 - 2007-04-23 20:11 - 00114787 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
    2010-04-13 21:19 - 2007-04-23 20:11 - 00339968 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
    2014-12-28 16:04 - 2014-12-28 16:04 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\06d655ee105502e92feac763c5e9eee7\IsdiInterop.ni.dll
    2011-06-30 09:50 - 2010-11-05 22:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
    2008-05-04 16:02 - 2008-05-04 16:02 - 04603904 _____ () C:\Users\Carol\AppData\Roaming\U3\1233500A60D0CCD4\LaunchPad.exe
    2007-10-23 09:23 - 2007-10-23 09:23 - 02600960 _____ () C:\Users\Carol\AppData\Roaming\U3\1233500A60D0CCD4\u3dapi10.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:373E1720
    AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
    AlternateDataStreams: C:\ProgramData\TEMP:AD022376
    AlternateDataStreams: C:\Users\Carol\Documents\not the best news.eml:OECustomProperty

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
    MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-1321581559-4142827132-2802677688-500 - Administrator - Disabled)
    Carol (S-1-5-21-1321581559-4142827132-2802677688-1000 - Administrator - Enabled) => C:\Users\Carol
    Guest (S-1-5-21-1321581559-4142827132-2802677688-501 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============

    Name: Microsoft ISATAP Adapter #2
    Description: Microsoft ISATAP Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
    Resolution: Update the driver


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (02/01/2015 10:59:41 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
    Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.

    Error: (01/30/2015 03:05:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:36 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\LANGUAGES> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\JS> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:35 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:34 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\WHITE-ON-BLACK> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)

    Error: (01/30/2015 03:05:33 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
    Description: The entry <C:\USERS\CAROL\APPDATA\LOCAL\SKYPE\APPS\LOGIN\IMAGES\RETINA> in the hash map cannot be updated.

    Context: Application, SystemIndex Catalog


    Details:
    A device attached to the system is not functioning. (0x8007001f)


    System errors:
    =============
    Error: (02/01/2015 02:48:22 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.191.3639.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (02/01/2015 09:56:11 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
    Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.191.3639.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.6.0305.00

    Source Path: 4.6.0305.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

    Error: (02/01/2015 09:48:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: CyberLink Task Scheduler (CTS)CyberLink Background Capture Service (CBCS)%%1070

    Error: (02/01/2015 09:48:30 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Diagnostic System Host

    Error: (02/01/2015 09:48:28 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: CyberLink Background Capture Service (CBCS)

    Error: (02/01/2015 09:46:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: 30000BocaGeneration

    Error: (02/01/2015 09:46:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Parallel port driver%%1058

    Error: (02/01/2015 09:46:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: Realtek Audio Service%%3

    Error: (01/31/2015 10:25:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: CyberLink Task Scheduler (CTS)CyberLink Background Capture Service (CBCS)%%1070

    Error: (01/31/2015 10:25:55 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: Diagnostic System Host


    Microsoft Office Sessions:
    =========================

    CodeIntegrity Errors:
    ===================================
    Date: 2015-02-01 16:10:29.214
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:28.444
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:27.554
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:26.784
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:25.184
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:24.274
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:22.944
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-02-01 16:10:22.074
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-29 14:46:47.959
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

    Date: 2015-01-29 14:46:47.725
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  6. #6
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    Joe,

    I have Team Viewer installed on that PC. If you have that free program I can give you the code for that computer and you can directly access it.

    oldray

  7. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Hello,

    You have 2 Anti Virus programs running

    1 Avast
    2 Microsoft security Essentials

    This is problematic. Please uninstall 1 of them.

    Tell me when that is done

  8. #8
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    Quote Originally Posted by zep516 View Post
    Hello,

    You have 2 Anti Virus programs running

    1 Avast
    2 Microsoft security Essentials

    This is problematic. Please uninstall 1 of them.

    Tell me when that is done

  9. #9
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    I realize that I shouldn't have two antivirus programs running. As I said in my post, I have tried about a dozen of most accepted antivirus programs and I run them one at a time. I always use either Revo or Iobit uninstaller when removing programs so as to remove everything. Avast doesn't appear in either of these programs so I did not realize that remnants were still installed. It is not listed in Control Panel Delete programs either. I now find it listed in the Program files but it won't let me delete it. It says that I need permission. How do I get it out?

    Thanks oldray

  10. #10
    Member
    Join Date
    May 2011
    Posts
    40
    Points
    0

    Default

    Joe, I have to get off the computer now. Will check back tomorrow.

Page 1 of 2 12 LastLast