Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 8.1 error code 0x80070490


  • This topic is locked This topic is locked
15 replies to this topic

#1 Ataxia

Ataxia

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 02 May 2014 - 03:49 PM

Tried the fixes offered at Microsoft don't seem to work.  Receive message Potential Windows Update Data Base error detected 0x80070490 & Windows Update components must be fixed. Run troubleshooting tool says fixed.  But back the next time check for updates.  Now Norton Security is having update problems.  Say it's Microsoft problem and can do nothing till this is fixed.  Have noticed this problem since updating to windows 8.1.  Have repeatedly tried to get help and or fix myself from Micro. forum without success. Also don't get updates from app store.  I am pretty new with computers and need step by step instructions.  Would be very grateful if anyone could help.  Thank You :lmao:  



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:28 AM

Posted 08 May 2014 - 07:55 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/533090 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 08 May 2014 - 04:21 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.
 

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/533090 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

 



#4 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 08 May 2014 - 04:44 PM

I have windows 8.1. 64.  The windows update since upgrade to 8.1 says update never . after trouble shooting each time gives message error 0x80070490 and update components must be fixed.  Shows fixed but is back next update.  Windows store doesn't update since upgrade either.  Also I.E. stopped showing portions of page in browser window but will work fine on desktop. Nortons had 2 updates that wouldn't update.  Their Techs attempted to fix their problem uninstalling and installing Nortons a total of 7 times.  Could get to update but problem back in one to two hours.  When I mentioned the problem I had with windows update said no longer their problem. And if I had the problem with Norton after I fixed windows update uninstall and install Nortons again.  After that advice took Norton off computer and went with windows Defender.  Attempted to DDS log but says will not run in compatibility mode.  Don't know how to take out of compatibility mode. Am a novice..how to disable anti virus found firewall. 



#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 AM

Posted 09 May 2014 - 09:03 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

Did you do the suggested repair as proposed on the Method 2: Perform a repair installation of Windows on this page?
http://support.microsoft.com/kb/958044

You may also be interested in reading this page.
http://windows.microsoft.com/en-IN/windows-8/why-find-install-app-windows-store

===

While you try to fix your download problem download and run this tool.
I will check for malware issues.

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

#6 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 09 May 2014 - 10:40 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-05-2014 01
Ran by Linda at 2014-05-09 12:35:48
Running from C:\Users\Linda\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2014 01
Ran by Linda (administrator) on LYNNESHEADACHE on 09-05-2014 12:47:14
Running from C:\Users\Linda\Downloads
Windows 8.1 (Update 1) (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-06] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKU\S-1-5-21-2029271840-2688628959-2960142898-1002\...\Run: [Power2GoExpress8] => NA
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\Parameters: [NameServer] 198.153.192.50 198.153.194.50
 
FireFox:
========
FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default
FF DefaultSearchEngine: Bing 
FF SelectedSearchEngine: Bing 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @CursorMania_7l.com/Plugin - C:\Program Files (x86)\CursorMania_7l\bar\1.bin\NP7lStub.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @popularscreensavers.com/Plugin - C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF SearchPlugin: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default\searchplugins\bing-.xml
FF Extension: No Name - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default\Extensions\firefoxbingsearch.full@microsoft.com [2014-01-15]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.bing.com/?pc=U162H", "hxxp://www.bing.com/?pc=U162I"
CHR Extension: (Google Docs) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]
CHR Extension: (Google Drive) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]
CHR Extension: (YouTube) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]
CHR Extension: (Google Search) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]
CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15]
CHR Extension: (Gmail) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]
 
==================== Services (Whitelisted) =================
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-15] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-01-02] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-01-13] (Realtek Semiconductor Corporation                           )
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-15] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)
S3 ssmirrdr; C:\Windows\system32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-05-09 12:39 - 2014-05-09 12:39 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt Farbar recovery tool.txt
2014-05-09 12:35 - 2014-05-09 12:36 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt
2014-05-09 12:34 - 2014-05-09 12:47 - 00014172 _____ () C:\Users\Linda\Downloads\FRST.txt
2014-05-09 12:34 - 2014-05-09 12:47 - 00000000 ____D () C:\FRST
2014-05-09 12:31 - 2014-05-09 12:31 - 02064384 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe
2014-05-09 12:16 - 2014-05-09 12:16 - 00651776 _____ () C:\Users\Linda\Downloads\MicrosoftFixit50228.msi
2014-05-09 12:13 - 2014-05-09 12:13 - 00001453 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-09 12:06 - 2014-05-09 12:06 - 11888284 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2901549-x86.msu
2014-05-08 21:48 - 2014-05-08 21:48 - 00000164 _____ () C:\Users\Linda\Desktop\Random one liners that will make you cry with laughter - Wattpad.url
2014-05-08 17:12 - 2014-05-08 17:12 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (2).com
2014-05-08 17:09 - 2014-05-08 17:10 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (1).com
2014-05-08 05:56 - 2014-05-08 05:56 - 00000225 _____ () C:\Users\Linda\Desktop\BEST. SHORT JOKES. EVER..url
2014-05-07 17:44 - 2014-05-07 17:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Sun
2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 17:40 - 2014-05-07 17:39 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-07 17:40 - 2014-05-07 17:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-07 17:40 - 2014-05-07 17:39 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-07 17:40 - 2014-05-07 17:39 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-07 17:39 - 2014-05-07 17:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-07 17:38 - 2014-05-07 17:38 - 00921512 _____ (Oracle Corporation) C:\Users\Linda\Downloads\chromeinstall-7u55 (1).exe
2014-05-07 01:58 - 2014-05-07 01:58 - 00280204 _____ () C:\Users\Linda\Downloads\WindowsUpdateDiagnostic.diagcab
2014-05-07 01:42 - 2014-05-07 01:42 - 00000000 ____D () C:\Users\Linda\Documents\New folder
2014-05-07 01:36 - 2014-05-07 01:36 - 00000000 ____D () C:\New folder
2014-05-06 23:05 - 2014-05-06 23:05 - 00000199 _____ () C:\Users\Linda\Desktop\TOP 100 funniest one-liners, quotes and jokes on the internet! Part 1.url
2014-05-05 20:10 - 2014-05-05 20:10 - 00000192 _____ () C:\Users\Linda\Desktop\Slooh Live Events.url
2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer
2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\Program Files (x86)\mPlayer
2014-05-03 08:01 - 2014-05-04 12:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak18
2014-05-03 01:01 - 2014-05-03 07:58 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak17
2014-05-02 17:09 - 2014-04-29 10:01 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-05-02 17:09 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-02 15:43 - 2014-05-02 15:43 - 00001094 _____ () C:\Users\Linda\Desktop\www.thewindowsclub.com&dtd=257.url
2014-05-02 15:26 - 2014-05-02 15:26 - 00000610 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2014-05-02 00:38 - 2014-05-02 15:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak16
2014-05-01 23:06 - 2014-05-01 23:06 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak15
2014-05-01 22:52 - 2014-05-01 22:52 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak14
2014-05-01 22:51 - 2014-05-01 22:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak13
2014-05-01 20:42 - 2014-05-03 07:53 - 00000000 ____D () C:\ProgramData\Norton
2014-05-01 20:35 - 2014-05-01 20:35 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (31).lnk
2014-05-01 20:13 - 2014-05-01 20:13 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (30).lnk
2014-05-01 19:49 - 2014-05-01 19:49 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (29).lnk
2014-05-01 19:17 - 2014-05-01 19:17 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (28).lnk
2014-04-30 19:47 - 2014-04-30 19:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (27).lnk
2014-04-30 19:25 - 2014-04-30 19:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (26).lnk
2014-04-30 00:09 - 2014-04-30 00:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com
2014-04-29 19:18 - 2014-04-29 19:18 - 00000000 ____D () C:\Users\Linda\Downloads\New folder
2014-04-29 17:48 - 2014-04-29 17:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-04-29 17:45 - 2014-04-29 17:45 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (25).lnk
2014-04-29 17:37 - 2014-04-29 17:37 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (24).lnk
2014-04-29 17:35 - 2014-01-19 03:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-04-29 17:29 - 2014-04-29 17:29 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (23).lnk
2014-04-29 16:35 - 2014-04-29 16:35 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (22).lnk
2014-04-29 09:47 - 2014-04-29 09:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (21).lnk
2014-04-29 09:24 - 2014-04-29 09:24 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (20).lnk
2014-04-29 09:16 - 2014-04-29 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (19).lnk
2014-04-29 08:44 - 2014-04-29 08:45 - 00024690 _____ () C:\Users\Linda\Downloads\Result.txt
2014-04-28 18:23 - 2014-04-28 18:23 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (18).lnk
2014-04-28 17:31 - 2014-04-28 17:32 - 01291104 _____ (LogMeIn, Inc.) C:\Users\Linda\Downloads\Support-LogMeInRescue.exe
2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-04-28 08:24 - 2014-04-28 08:24 - 00003156 _____ () C:\WINDOWS\System32\Tasks\YCMServiceAgent
2014-04-28 08:24 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd.sys
2014-04-27 14:20 - 2014-04-27 14:20 - 00000904 _____ () C:\Users\Linda\Downloads\Downloads - Shortcut.lnk
2014-04-27 13:58 - 2014-04-27 13:58 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (17).lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (16).lnk
2014-04-27 11:47 - 2014-04-27 11:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (15).lnk
2014-04-27 11:25 - 2014-04-27 11:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (14).lnk
2014-04-27 10:59 - 2014-04-27 10:59 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (13).lnk
2014-04-27 10:34 - 2014-04-27 10:34 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (12).lnk
2014-04-27 10:29 - 2014-04-27 10:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (11).lnk
2014-04-27 09:44 - 2014-04-27 09:44 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (10).lnk
2014-04-27 09:32 - 2014-04-27 09:32 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (9).lnk
2014-04-27 09:16 - 2014-04-27 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (8).lnk
2014-04-27 08:45 - 2014-04-27 08:45 - 00000187 _____ () C:\Users\Linda\Desktop\Microsoft Fix it Solution Center troubleshooting software issues (2).url
2014-04-27 04:26 - 2014-04-27 09:35 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak12
2014-04-27 03:25 - 2014-04-27 03:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (7).lnk
2014-04-27 02:10 - 2014-04-27 02:10 - 00000212 _____ () C:\Users\Linda\Desktop\How to Uninstall & Reinstall IE  eHow.url
2014-04-26 16:47 - 2014-04-26 16:47 - 00000235 _____ () C:\Users\Linda\Desktop\fixit download I.E. - Search Microsoft.com.url
2014-04-26 14:52 - 2014-04-26 14:52 - 00000254 _____ () C:\Users\Linda\Desktop\Adobe ID, sign-in, and account help.url
2014-04-25 12:13 - 2014-04-25 12:13 - 00078854 _____ () C:\Users\Linda\Desktop\cookies.txt
2014-04-25 12:13 - 2014-04-25 12:13 - 00006061 _____ () C:\Users\Linda\Desktop\bookmark.htm
2014-04-25 12:13 - 2014-04-25 12:13 - 00000784 _____ () C:\Users\Linda\Desktop\feeds.opml
2014-04-25 08:18 - 2014-04-25 08:18 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (6).lnk
2014-04-24 20:26 - 2014-04-24 20:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-04-24 17:49 - 2014-04-28 08:24 - 00000039 _____ () C:\WINDOWS\setupact.log
2014-04-24 17:49 - 2014-04-24 17:49 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-04-24 15:21 - 2014-04-24 15:21 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (5).lnk
2014-04-24 02:48 - 2014-04-24 02:48 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-24 02:44 - 2014-04-24 02:44 - 01016261 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe
2014-04-24 02:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-04-24 02:13 - 2014-04-24 02:17 - 00000000 ____D () C:\AdwCleaner
2014-04-24 02:10 - 2014-04-24 02:11 - 01365865 _____ () C:\Users\Linda\Downloads\adwcleaner (1).exe
2014-04-24 00:50 - 2014-04-24 00:50 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Downloads\TFC.exe
2014-04-23 22:50 - 2014-04-23 22:50 - 00982016 _____ (Farbar) C:\Users\Linda\Downloads\MiniToolBox (1).exe
2014-04-23 15:26 - 2014-04-23 15:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\rkill.exe
2014-04-23 14:51 - 2014-04-23 15:41 - 00000000 ____D () C:\Users\Linda\Desktop\mbar
2014-04-23 14:45 - 2014-04-23 14:45 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1009.exe
2014-04-23 14:39 - 2014-04-23 23:34 - 00031524 _____ () C:\WINDOWS\SysWOW64\Result.txt
2014-04-23 13:14 - 2014-04-23 13:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Linda\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-23 12:44 - 2014-04-23 12:44 - 00003477 _____ () C:\WINDOWS\SysWOW64\FSS.txt
2014-04-23 00:02 - 2014-04-23 00:02 - 00854355 _____ () C:\Users\Linda\Downloads\SecurityCheck (1).exe
2014-04-22 22:22 - 2014-04-22 22:22 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 02:03 - 2014-04-24 19:24 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak11
2014-04-22 02:01 - 2014-04-22 02:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak10
2014-04-22 00:51 - 2014-04-09 08:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-22 00:51 - 2014-04-08 23:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-22 00:51 - 2014-04-08 23:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-22 00:51 - 2014-04-08 23:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-22 00:51 - 2014-04-08 23:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-22 00:14 - 2014-05-01 20:49 - 00002509 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Security Suite.lnk
2014-04-21 13:53 - 2014-04-21 13:53 - 00602112 _____ (OldTimer Tools) C:\Users\Linda\Downloads\OTL.exe
2014-04-21 13:28 - 2014-04-23 20:37 - 00005402 _____ () C:\Users\Linda\Desktop\Rkill.txt
2014-04-21 13:26 - 2014-04-21 13:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\iExplore.exe
2014-04-21 11:31 - 2014-04-21 11:31 - 00000000 _____ () C:\autoexec.bat
2014-04-21 11:30 - 2014-04-21 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-20 18:02 - 2014-04-24 15:29 - 00000000 ____D () C:\NPE
2014-04-20 12:41 - 2014-04-20 12:41 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (4).lnk
2014-04-16 10:16 - 2014-04-16 10:16 - 00000185 _____ () C:\Users\Linda\Desktop\Adobe Community How do I clear my Flash Player cache and settings.url
2014-04-15 19:20 - 2014-05-03 07:54 - 07757536 _____ () C:\WINDOWS\PFRO.log
2014-04-15 13:01 - 2014-04-15 13:02 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (3).lnk
2014-04-15 12:08 - 2014-04-15 12:08 - 00000166 _____ () C:\Users\Linda\Desktop\How To Remove Ib.adnxs.com Redirect virus Permanently - Malware Wikihowtos.url
2014-04-15 00:54 - 2014-04-15 00:54 - 00000187 _____ () C:\Users\Linda\Desktop\Publishers Clearing House.url
2014-04-14 18:21 - 2014-05-09 12:33 - 01385853 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-14 15:02 - 2014-04-14 14:51 - 00082812 _____ () C:\Users\Linda\Downloads\LMEYFUJ6 - Copy.htm
2014-04-14 13:39 - 2014-04-15 11:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak9
2014-04-14 13:39 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak8
2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-12 11:07 - 2014-04-12 11:07 - 00000246 _____ () C:\Users\Linda\Desktop\http--www.microsoft.com-getsilverlight-Get-Started-Install-uninstall-arp-win.aspx.url
2014-04-12 06:58 - 2014-04-12 06:58 - 00074033 _____ () C:\Users\Linda\Desktop\DxDiag.txt
2014-04-11 15:47 - 2014-04-11 15:47 - 09747373 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2942844-x64.msu
2014-04-11 15:18 - 2014-04-11 15:18 - 00004500 _____ () C:\Users\Linda\Downloads\dpx (1).js
2014-04-11 13:25 - 2014-04-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-11 13:24 - 2014-05-09 12:40 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 13:24 - 2014-05-09 12:13 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-11 13:24 - 2014-05-08 22:35 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-11 13:24 - 2014-05-08 22:35 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-11 13:24 - 2014-04-11 13:25 - 00000000 ____D () C:\Users\Linda\AppData\Local\Google
2014-04-11 13:24 - 2014-04-11 13:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-11 13:23 - 2014-04-11 13:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\Deployment
2014-04-11 13:23 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Apps\2.0
2014-04-11 12:29 - 2014-04-11 12:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (2).lnk
2014-04-10 20:15 - 2014-04-13 06:28 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak7
2014-04-10 20:14 - 2014-04-10 20:14 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak6
2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieUserList
2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieSiteList
 
==================== One Month Modified Files and Folders =======
 
2014-05-09 12:47 - 2014-05-09 12:34 - 00014172 _____ () C:\Users\Linda\Downloads\FRST.txt
2014-05-09 12:47 - 2014-05-09 12:34 - 00000000 ____D () C:\FRST
2014-05-09 12:46 - 2013-10-20 09:16 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A6C2B7B-F5A2-4CA6-9BFE-B0D5E48F1D98}
2014-05-09 12:43 - 2013-12-05 20:33 - 00000000 ____D () C:\Users\Linda\AppData\Local\CrashDumps
2014-05-09 12:40 - 2014-04-11 13:24 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-09 12:39 - 2014-05-09 12:39 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt Farbar recovery tool.txt
2014-05-09 12:36 - 2014-05-09 12:35 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt
2014-05-09 12:33 - 2014-04-14 18:21 - 01385853 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-09 12:31 - 2014-05-09 12:31 - 02064384 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe
2014-05-09 12:18 - 2013-10-20 09:27 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2029271840-2688628959-2960142898-1002
2014-05-09 12:17 - 2014-03-03 20:42 - 00000000 ____D () C:\Users\Linda\Documents\Youcam
2014-05-09 12:16 - 2014-05-09 12:16 - 00651776 _____ () C:\Users\Linda\Downloads\MicrosoftFixit50228.msi
2014-05-09 12:16 - 2013-10-20 19:37 - 00000000 __RDO () C:\Users\Linda\SkyDrive
2014-05-09 12:13 - 2014-05-09 12:13 - 00001453 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-09 12:13 - 2014-04-11 13:24 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-09 12:13 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-09 12:12 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-09 12:06 - 2014-05-09 12:06 - 11888284 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2901549-x86.msu
2014-05-09 12:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-08 23:47 - 2014-02-03 06:07 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForLinda
2014-05-08 23:47 - 2014-02-03 06:07 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLinda.job
2014-05-08 22:35 - 2014-04-11 13:24 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 22:35 - 2014-04-11 13:24 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 21:48 - 2014-05-08 21:48 - 00000164 _____ () C:\Users\Linda\Desktop\Random one liners that will make you cry with laughter - Wattpad.url
2014-05-08 17:12 - 2014-05-08 17:12 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (2).com
2014-05-08 17:10 - 2014-05-08 17:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (1).com
2014-05-08 05:56 - 2014-05-08 05:56 - 00000225 _____ () C:\Users\Linda\Desktop\BEST. SHORT JOKES. EVER..url
2014-05-07 17:44 - 2014-05-07 17:44 - 00000000 ____D () C:\ProgramData\Oracle
2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Sun
2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-07 17:39 - 2014-05-07 17:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-05-07 17:39 - 2014-05-07 17:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-05-07 17:39 - 2014-05-07 17:40 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-05-07 17:39 - 2014-05-07 17:40 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-05-07 17:39 - 2014-05-07 17:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-05-07 17:38 - 2014-05-07 17:38 - 00921512 _____ (Oracle Corporation) C:\Users\Linda\Downloads\chromeinstall-7u55 (1).exe
2014-05-07 06:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-07 01:58 - 2014-05-07 01:58 - 00280204 _____ () C:\Users\Linda\Downloads\WindowsUpdateDiagnostic.diagcab
2014-05-07 01:42 - 2014-05-07 01:42 - 00000000 ____D () C:\Users\Linda\Documents\New folder
2014-05-07 01:41 - 2014-01-15 14:03 - 00000000 ____D () C:\Users\Linda
2014-05-07 01:36 - 2014-05-07 01:36 - 00000000 ____D () C:\New folder
2014-05-06 23:05 - 2014-05-06 23:05 - 00000199 _____ () C:\Users\Linda\Desktop\TOP 100 funniest one-liners, quotes and jokes on the internet! Part 1.url
2014-05-05 20:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-05-05 20:10 - 2014-05-05 20:10 - 00000192 _____ () C:\Users\Linda\Desktop\Slooh Live Events.url
2014-05-05 20:07 - 2013-12-02 01:50 - 00000000 ____D () C:\Users\Linda\AppData\Local\VirtualStore
2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer
2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\Program Files (x86)\mPlayer
2014-05-05 12:25 - 2013-10-21 06:17 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-05-05 12:24 - 2013-04-11 16:35 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-05-05 12:24 - 2013-03-20 23:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-05-05 12:23 - 2012-08-03 20:02 - 00000000 ____D () C:\SWSetup
2014-05-05 12:09 - 2013-10-21 06:17 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-04 12:26 - 2014-05-03 08:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak18
2014-05-03 07:58 - 2014-05-03 01:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak17
2014-05-03 07:54 - 2014-04-15 19:20 - 07757536 _____ () C:\WINDOWS\PFRO.log
2014-05-03 07:53 - 2014-05-01 20:42 - 00000000 ____D () C:\ProgramData\Norton
2014-05-03 07:47 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-05-02 15:43 - 2014-05-02 15:43 - 00001094 _____ () C:\Users\Linda\Desktop\www.thewindowsclub.com&dtd=257.url
2014-05-02 15:26 - 2014-05-02 15:26 - 00000610 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk
2014-05-02 15:26 - 2014-05-02 00:38 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak16
2014-05-01 23:06 - 2014-05-01 23:06 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak15
2014-05-01 22:52 - 2014-05-01 22:52 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak14
2014-05-01 22:51 - 2014-05-01 22:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak13
2014-05-01 21:07 - 2013-12-16 21:39 - 00000000 ____D () C:\Users\Linda\AppData\Local\LogMeIn Rescue Applet
2014-05-01 20:49 - 2014-04-22 00:14 - 00002509 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Security Suite.lnk
2014-05-01 20:35 - 2014-05-01 20:35 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (31).lnk
2014-05-01 20:33 - 2014-02-13 11:59 - 00000000 ____D () C:\WINDOWS\pss
2014-05-01 20:13 - 2014-05-01 20:13 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (30).lnk
2014-05-01 19:49 - 2014-05-01 19:49 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (29).lnk
2014-05-01 19:17 - 2014-05-01 19:17 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (28).lnk
2014-05-01 09:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-30 19:47 - 2014-04-30 19:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (27).lnk
2014-04-30 19:25 - 2014-04-30 19:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (26).lnk
2014-04-30 00:09 - 2014-04-30 00:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com
2014-04-29 19:18 - 2014-04-29 19:18 - 00000000 ____D () C:\Users\Linda\Downloads\New folder
2014-04-29 17:48 - 2014-04-29 17:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-04-29 17:45 - 2014-04-29 17:45 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (25).lnk
2014-04-29 17:37 - 2014-04-29 17:37 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (24).lnk
2014-04-29 17:29 - 2014-04-29 17:29 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (23).lnk
2014-04-29 16:35 - 2014-04-29 16:35 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (22).lnk
2014-04-29 10:20 - 2013-12-16 21:50 - 00045056 ___SH () C:\Users\Linda\Desktop\Thumbs.db
2014-04-29 10:01 - 2014-05-02 17:09 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-29 09:47 - 2014-04-29 09:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (21).lnk
2014-04-29 09:24 - 2014-04-29 09:24 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (20).lnk
2014-04-29 09:16 - 2014-04-29 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (19).lnk
2014-04-29 08:48 - 2014-05-02 17:09 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-29 08:45 - 2014-04-29 08:44 - 00024690 _____ () C:\Users\Linda\Downloads\Result.txt
2014-04-28 18:23 - 2014-04-28 18:23 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (18).lnk
2014-04-28 17:32 - 2014-04-28 17:31 - 01291104 _____ (LogMeIn, Inc.) C:\Users\Linda\Downloads\Support-LogMeInRescue.exe
2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-04-28 08:31 - 2013-12-05 05:35 - 00000000 ____D () C:\Users\Public\CyberLink
2014-04-28 08:24 - 2014-04-28 08:24 - 00003156 _____ () C:\WINDOWS\System32\Tasks\YCMServiceAgent
2014-04-28 08:24 - 2014-04-24 17:49 - 00000039 _____ () C:\WINDOWS\setupact.log
2014-04-28 08:24 - 2013-04-11 16:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-04-28 08:16 - 2013-04-11 16:34 - 00000000 ____D () C:\ProgramData\install_clap
2014-04-27 23:48 - 2013-12-27 08:21 - 00000000 ____D () C:\N360_BACKUP
2014-04-27 14:20 - 2014-04-27 14:20 - 00000904 _____ () C:\Users\Linda\Downloads\Downloads - Shortcut.lnk
2014-04-27 13:58 - 2014-04-27 13:58 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (17).lnk
2014-04-27 13:54 - 2014-04-27 13:54 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (16).lnk
2014-04-27 11:47 - 2014-04-27 11:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (15).lnk
2014-04-27 11:45 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-04-27 11:25 - 2014-04-27 11:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (14).lnk
2014-04-27 10:59 - 2014-04-27 10:59 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (13).lnk
2014-04-27 10:34 - 2014-04-27 10:34 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (12).lnk
2014-04-27 10:29 - 2014-04-27 10:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (11).lnk
2014-04-27 09:44 - 2014-04-27 09:44 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (10).lnk
2014-04-27 09:35 - 2014-04-27 04:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak12
2014-04-27 09:32 - 2014-04-27 09:32 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (9).lnk
2014-04-27 09:16 - 2014-04-27 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (8).lnk
2014-04-27 08:45 - 2014-04-27 08:45 - 00000187 _____ () C:\Users\Linda\Desktop\Microsoft Fix it Solution Center troubleshooting software issues (2).url
2014-04-27 03:25 - 2014-04-27 03:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (7).lnk
2014-04-27 02:10 - 2014-04-27 02:10 - 00000212 _____ () C:\Users\Linda\Desktop\How to Uninstall & Reinstall IE  eHow.url
2014-04-26 16:47 - 2014-04-26 16:47 - 00000235 _____ () C:\Users\Linda\Desktop\fixit download I.E. - Search Microsoft.com.url
2014-04-26 14:52 - 2014-04-26 14:52 - 00000254 _____ () C:\Users\Linda\Desktop\Adobe ID, sign-in, and account help.url
2014-04-26 02:28 - 2014-01-03 18:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\NPE
2014-04-25 12:13 - 2014-04-25 12:13 - 00078854 _____ () C:\Users\Linda\Desktop\cookies.txt
2014-04-25 12:13 - 2014-04-25 12:13 - 00006061 _____ () C:\Users\Linda\Desktop\bookmark.htm
2014-04-25 12:13 - 2014-04-25 12:13 - 00000784 _____ () C:\Users\Linda\Desktop\feeds.opml
2014-04-25 08:18 - 2014-04-25 08:18 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (6).lnk
2014-04-24 23:28 - 2013-12-07 08:24 - 00000508 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\PCHgames - Free Online Games, Sweepstakes, and Prizes!.website
2014-04-24 20:26 - 2014-04-24 20:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe
2014-04-24 19:24 - 2014-04-22 02:03 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak11
2014-04-24 17:49 - 2014-04-24 17:49 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-04-24 15:46 - 2013-12-13 18:48 - 00000492 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\JustFab.website
2014-04-24 15:29 - 2014-04-20 18:02 - 00000000 ____D () C:\NPE
2014-04-24 15:21 - 2014-04-24 15:21 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (5).lnk
2014-04-24 02:48 - 2014-04-24 02:48 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-04-24 02:44 - 2014-04-24 02:44 - 01016261 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe
2014-04-24 02:17 - 2014-04-24 02:13 - 00000000 ____D () C:\AdwCleaner
2014-04-24 02:17 - 2013-12-29 12:44 - 00001229 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Mananger.lnk
2014-04-24 02:11 - 2014-04-24 02:10 - 01365865 _____ () C:\Users\Linda\Downloads\adwcleaner (1).exe
2014-04-24 00:50 - 2014-04-24 00:50 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Downloads\TFC.exe
2014-04-23 23:34 - 2014-04-23 14:39 - 00031524 _____ () C:\WINDOWS\SysWOW64\Result.txt
2014-04-23 23:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-04-23 22:50 - 2014-04-23 22:50 - 00982016 _____ (Farbar) C:\Users\Linda\Downloads\MiniToolBox (1).exe
2014-04-23 20:37 - 2014-04-21 13:28 - 00005402 _____ () C:\Users\Linda\Desktop\Rkill.txt
2014-04-23 15:41 - 2014-04-23 14:51 - 00000000 ____D () C:\Users\Linda\Desktop\mbar
2014-04-23 15:26 - 2014-04-23 15:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\rkill.exe
2014-04-23 14:45 - 2014-04-23 14:45 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1009.exe
2014-04-23 13:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-23 13:14 - 2014-04-23 13:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Linda\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-23 12:44 - 2014-04-23 12:44 - 00003477 _____ () C:\WINDOWS\SysWOW64\FSS.txt
2014-04-23 00:02 - 2014-04-23 00:02 - 00854355 _____ () C:\Users\Linda\Downloads\SecurityCheck (1).exe
2014-04-22 22:22 - 2014-04-22 22:22 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 20:24 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-22 20:24 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 02:01 - 2014-04-22 02:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak10
2014-04-21 20:39 - 2013-12-16 21:50 - 00000000 ____D () C:\Users\Public\Downloads\Norton1
2014-04-21 15:14 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\L2Schemas
2014-04-21 13:53 - 2014-04-21 13:53 - 00602112 _____ (OldTimer Tools) C:\Users\Linda\Downloads\OTL.exe
2014-04-21 13:26 - 2014-04-21 13:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\iExplore.exe
2014-04-21 11:31 - 2014-04-21 11:31 - 00000000 _____ () C:\autoexec.bat
2014-04-21 11:30 - 2014-04-21 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-20 12:41 - 2014-04-20 12:41 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (4).lnk
2014-04-16 10:16 - 2014-04-16 10:16 - 00000185 _____ () C:\Users\Linda\Desktop\Adobe Community How do I clear my Flash Player cache and settings.url
2014-04-15 13:02 - 2014-04-15 13:01 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (3).lnk
2014-04-15 12:08 - 2014-04-15 12:08 - 00000166 _____ () C:\Users\Linda\Desktop\How To Remove Ib.adnxs.com Redirect virus Permanently - Malware Wikihowtos.url
2014-04-15 11:51 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak9
2014-04-15 00:54 - 2014-04-15 00:54 - 00000187 _____ () C:\Users\Linda\Desktop\Publishers Clearing House.url
2014-04-14 14:51 - 2014-04-14 15:02 - 00082812 _____ () C:\Users\Linda\Downloads\LMEYFUJ6 - Copy.htm
2014-04-14 13:39 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak8
2014-04-13 06:28 - 2014-04-10 20:15 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak7
2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-04-12 11:07 - 2014-04-12 11:07 - 00000246 _____ () C:\Users\Linda\Desktop\http--www.microsoft.com-getsilverlight-Get-Started-Install-uninstall-arp-win.aspx.url
2014-04-12 06:58 - 2014-04-12 06:58 - 00074033 _____ () C:\Users\Linda\Desktop\DxDiag.txt
2014-04-11 15:47 - 2014-04-11 15:47 - 09747373 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2942844-x64.msu
2014-04-11 15:37 - 2014-04-08 09:59 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-04-11 15:18 - 2014-04-11 15:18 - 00004500 _____ () C:\Users\Linda\Downloads\dpx (1).js
2014-04-11 13:25 - 2014-04-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-11 13:25 - 2014-04-11 13:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\Google
2014-04-11 13:25 - 2014-04-11 13:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-11 13:24 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Deployment
2014-04-11 13:23 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Apps\2.0
2014-04-11 12:54 - 2013-11-14 03:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-11 12:29 - 2014-04-11 12:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (2).lnk
2014-04-10 20:14 - 2014-04-10 20:14 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak6
2014-04-10 19:45 - 2014-04-08 22:11 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak5
2014-04-10 01:18 - 2014-04-08 09:59 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-04-10 01:05 - 2014-01-15 15:11 - 00000000 ____D () C:\Users\Linda\AppData\Local\Adobe
2014-04-09 10:23 - 2014-02-18 19:01 - 00000000 ____D () C:\Users\Linda\Tracing
2014-04-09 08:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-04-09 08:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieUserList
2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieSiteList
2014-04-09 08:00 - 2014-04-22 00:51 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-09 00:30 - 2013-12-02 01:51 - 00000000 ___RD () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-09 00:30 - 2013-12-02 01:51 - 00000000 ___RD () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-09 00:25 - 2013-08-22 10:44 - 00344624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-09 00:19 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-04-09 00:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2014-04-09 00:14 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-09 00:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-04-09 00:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-04-09 00:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\servicing
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-09 00:11 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-04-09 00:11 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-09 00:10 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-04-09 00:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-09 00:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera
 
Some content of TEMP:
====================
C:\Users\Linda\AppData\Local\Temp\Extract.exe
C:\Users\Linda\AppData\Local\Temp\SCC.dll
C:\Users\Linda\AppData\Local\Temp\SP65790.exe
C:\Users\Linda\AppData\Local\Temp\SymCCIS.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-05-03 21:17
 
==================== End Of Log ============================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30226 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1124.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9E2BF31C-7E39-C549-8AFE-56C3B927BD91}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0226.20.471 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.6.7225 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.6.7225 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.4.2928 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.2.4128 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.5.3416 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.5.3304 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.5511 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.5511 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 5.0.3.3907 - CyberLink Corp.) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{966BD8E8-DEAB-458D-B330-1388A4CC0A6C}) (Version: 1.1.1.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Recovery Manager (x32 Version: 9.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{23CCE784-A812-4647-AEFF-1DCCD4E57478}) (Version: 11.50.0000 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{F35EE4BC-95E1-4417-BA36-7C32FF24A59A}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
mPlayer version 1.0 (HKLM-x32\...\{B482E758-D602-434C-80B9-DDEFEEAE4BCA}_is1) (Version: 1.0 - Download Freely, LLC)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6856 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.1 - Synaptics Incorporated)
 
==================== Restore Points  =========================
 
02-05-2014 00:23:50 NortonRestorePoint_5-1-14
05-05-2014 16:12:55 HPSF Applying updates
07-05-2014 21:39:11 Installed Java 7 Update 55
09-05-2014 16:00:04 Windows Modules Installer
 
==================== Hosts content: ==========================
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {01FF93D1-288E-4D69-AC88-E9650D1D037E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {19B0AD8A-1020-468D-8C9D-2C0080D52CBE} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-06] (Synaptics Incorporated)
Task: {1A0797C5-A7DB-43F0-B218-97873669AA74} - System32\Tasks\HPCeeScheduleForLinda => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {1E7740EB-BFFF-42FF-8A2F-A67EA351C09C} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3A8EC163-9206-43FB-B75C-FE389D4F5CE7} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E08A0A5-237E-43FA-8599-75C2C0D0B4F5} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4F0AE6E1-47C2-4AF2-8D39-46F504C8941E} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {563A7524-76CA-4E65-9ABC-D4A91C4B07DD} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.)
Task: {5BA870D0-DA0A-4BDE-8919-8C445F1C42E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-11] (Google Inc.)
Task: {65F9A4F6-67F1-41BC-AD16-62AE9F43BAF2} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6BBBFFCF-637B-46F0-8959-53FA948C5A41} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6F6A6BEA-B600-4167-AECD-E3BD4BE26A47} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2029271840-2688628959-2960142898-1002
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B8B2F41-9E14-407F-ABC0-F680B612C8D7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8F53CECC-DC23-4D0D-BE91-AC981866C79C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {914EEF4B-312D-4F41-80BC-4DD4A56708D2} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {9A662FB2-A62F-4DA3-8FD0-F8B52A65764A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B250392B-8A09-448F-AF80-2CCB6AA0E38C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {BDBE7D5A-37C4-48F0-9F0E-56DBDA9FC04B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-03-31] (Microsoft Corporation)
Task: {C8B60C33-2A0B-4815-9545-AD3B022565C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CCAD6F7F-C290-4BAB-BC3B-C255351C1DAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-11] (Google Inc.)
Task: {CFBA959E-131C-43FD-A76C-DB1CD13A755A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EC1801DE-52EF-48E2-9FA9-B943CCC354D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLinda.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements (1).job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-06 17:06 - 2013-12-06 17:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-06 17:06 - 2013-12-06 17:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-01-15 22:26 - 2013-08-05 03:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 16:48 - 2013-08-05 16:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-04-25 12:37 - 2014-04-23 20:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-25 12:37 - 2014-04-23 20:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-25 12:37 - 2014-04-23 20:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-04-25 12:37 - 2014-04-23 20:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-25 12:37 - 2014-04-23 20:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-25 12:37 - 2014-04-23 20:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Linda\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Comcast.net.website:TASKICON_0favicon274298539
AlternateDataStreams: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Comcast.net.website:TASKICON_1favicon-1484237488
AlternateDataStreams: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Comcast.net.website:TASKICON_2favicon233515818
AlternateDataStreams: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Comcast.net.website:TASKICON_3favicon-1519011051
AlternateDataStreams: C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Comcast.net.website:TASKICON_4favicon860087195
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/09/2014 00:28:11 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17031, time stamp: 0x530867e7
Exception code: 0xc000027b
Fault offset: 0x00000000000547c8
Faulting process id: 0x518
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
Error: (05/09/2014 11:47:28 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17031, time stamp: 0x530867e7
Exception code: 0xc000027b
Fault offset: 0x00000000000547c8
Faulting process id: 0x4e48
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
Error: (05/09/2014 11:23:45 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Faulting application name: backgroundTaskHost.exe, version: 6.3.9600.16384, time stamp: 0x5215e1f6
Faulting module name: twinapi.appcore.dll, version: 6.3.9600.17031, time stamp: 0x530867e7
Exception code: 0xc000027b
Fault offset: 0x00000000000547c8
Faulting process id: 0x2e08
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
Error: (05/09/2014 11:23:41 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6417546
 
Error: (05/09/2014 11:23:41 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6417546
 
Error: (05/09/2014 11:23:41 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/09/2014 11:23:39 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6416062
 
Error: (05/09/2014 11:23:39 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6416062
 
Error: (05/09/2014 11:23:39 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/09/2014 09:36:47 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 4421
 
 
System errors:
=============
Error: (05/09/2014 00:06:55 PM) (Source: Service Control Manager) (User: ) (EventID: 7022)
Description: The Software Protection service hung on starting.
 
Error: (05/08/2014 00:15:47 PM) (Source: Schannel) (User: NT AUTHORITY) (EventID: 4119)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
 
Error: (05/05/2014 01:48:39 PM) (Source: Service Control Manager) (User: ) (EventID: 7023)
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (05/01/2014 07:45:14 PM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: The Norton Security Suite service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (05/01/2014 07:42:33 PM) (Source: Service Control Manager) (User: ) (EventID: 7031)
Description: The Norton Security Suite service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
 
Error: (05/01/2014 02:59:24 PM) (Source: Schannel) (User: NT AUTHORITY) (EventID: 4119)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
 
Error: (04/29/2014 05:36:09 PM) (Source: Service Control Manager) (User: ) (EventID: 7023)
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (04/29/2014 05:33:33 PM) (Source: Service Control Manager) (User: ) (EventID: 7011)
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the N360 service.
 
Error: (04/29/2014 05:27:55 PM) (Source: DCOM) (User: LYNNESHEADACHE) (EventID: 10010)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
Error: (04/29/2014 05:27:55 PM) (Source: DCOM) (User: LYNNESHEADACHE) (EventID: 10010)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
 
 
Microsoft Office Sessions:
=========================
Error: (05/09/2014 00:28:11 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.17031530867e7c000027b00000000000547c851801cf6ba3a979aebbC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dlle8da149e-d796-11e3-8006-7446a08ae81dA28E679C.WTHR_1.0.0.1537_x64__bbtf30p4exehmApp
 
Error: (05/09/2014 11:47:28 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.17031530867e7c000027b00000000000547c84e4801cf6b9dfa43ff58C:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dll38f4d03e-d791-11e3-8003-7446a08ae81dA28E679C.WTHR_1.0.0.1537_x64__bbtf30p4exehmApp
 
Error: (05/09/2014 11:23:45 AM) (Source: Application Error) (User: ) (EventID: 1000)
Description: backgroundTaskHost.exe6.3.9600.163845215e1f6twinapi.appcore.dll6.3.9600.17031530867e7c000027b00000000000547c82e0801cf6b9aa73f994cC:\WINDOWS\system32\backgroundTaskHost.exeC:\Windows\System32\twinapi.appcore.dlle8f521f9-d78d-11e3-8003-7446a08ae81dA28E679C.WTHR_1.0.0.1537_x64__bbtf30p4exehmApp
 
Error: (05/09/2014 11:23:41 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6417546
 
Error: (05/09/2014 11:23:41 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6417546
 
Error: (05/09/2014 11:23:41 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/09/2014 11:23:39 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 6416062
 
Error: (05/09/2014 11:23:39 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledEvent 6416062
 
Error: (05/09/2014 11:23:39 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/09/2014 09:36:47 AM) (Source: Bonjour Service) (User: ) (EventID: 100)
Description: Task Scheduling Error: m->NextScheduledSPRetry 4421
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-08 05:56:08.445
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-08 05:56:08.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-07 16:25:46.966
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-07 16:25:46.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-07 16:25:45.902
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-05-07 16:25:45.798

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticDon't see a method 2 for windows 8.1 Also don't have a disk for 8.1  also how do I get out of compatibility mode to run DDL as requested? also have uninstalled I.E. and installed


Edited by Ataxia, 09 May 2014 - 01:18 PM.


#7 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 09 May 2014 - 01:02 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2014 01

Ran by Linda (administrator) on LYNNESHEADACHE on 09-05-2014 12:47:14

Running from C:\Users\Linda\Downloads

Windows 8.1 (Update 1) (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(AMD) C:\Windows\System32\atiesrxx.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-06] (Synaptics Incorporated)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)

HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)

HKU\S-1-5-21-2029271840-2688628959-2960142898-1002\...\Run: [Power2GoExpress8] => NA

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 

BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\Parameters: [NameServer] 198.153.192.50 198.153.194.50

 

FireFox:

========

FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default

FF DefaultSearchEngine: Bing 

FF SelectedSearchEngine: Bing 

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)

FF Plugin-x32: @CursorMania_7l.com/Plugin - C:\Program Files (x86)\CursorMania_7l\bar\1.bin\NP7lStub.dll No File

FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @popularscreensavers.com/Plugin - C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()

FF SearchPlugin: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default\searchplugins\bing-.xml

FF Extension: No Name - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default\Extensions\firefoxbingsearch.full@microsoft.com [2014-01-15]

 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "hxxp://www.bing.com/?pc=U162H", "hxxp://www.bing.com/?pc=U162I"

CHR Extension: (Google Docs) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]

CHR Extension: (Google Drive) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]

CHR Extension: (YouTube) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]

CHR Extension: (Google Search) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]

CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15]

CHR Extension: (Gmail) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]

 

==================== Services (Whitelisted) =================

 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)

R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-15] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-15] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-01-02] (Realtek Semiconductor Corp.)

R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-01-13] (Realtek Semiconductor Corporation                           )

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-15] (Microsoft Corporation)

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)

S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)

S3 ssmirrdr; C:\Windows\system32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)

R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-05-09 12:39 - 2014-05-09 12:39 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt Farbar recovery tool.txt

2014-05-09 12:35 - 2014-05-09 12:36 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt

2014-05-09 12:34 - 2014-05-09 12:47 - 00014172 _____ () C:\Users\Linda\Downloads\FRST.txt

2014-05-09 12:34 - 2014-05-09 12:47 - 00000000 ____D () C:\FRST

2014-05-09 12:31 - 2014-05-09 12:31 - 02064384 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe

2014-05-09 12:16 - 2014-05-09 12:16 - 00651776 _____ () C:\Users\Linda\Downloads\MicrosoftFixit50228.msi

2014-05-09 12:13 - 2014-05-09 12:13 - 00001453 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-05-09 12:06 - 2014-05-09 12:06 - 11888284 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2901549-x86.msu

2014-05-08 21:48 - 2014-05-08 21:48 - 00000164 _____ () C:\Users\Linda\Desktop\Random one liners that will make you cry with laughter - Wattpad.url

2014-05-08 17:12 - 2014-05-08 17:12 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (2).com

2014-05-08 17:09 - 2014-05-08 17:10 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (1).com

2014-05-08 05:56 - 2014-05-08 05:56 - 00000225 _____ () C:\Users\Linda\Desktop\BEST. SHORT JOKES. EVER..url

2014-05-07 17:44 - 2014-05-07 17:44 - 00000000 ____D () C:\ProgramData\Oracle

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Sun

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-07 17:40 - 2014-05-07 17:39 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-05-07 17:40 - 2014-05-07 17:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-05-07 17:40 - 2014-05-07 17:39 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-05-07 17:40 - 2014-05-07 17:39 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-05-07 17:39 - 2014-05-07 17:39 - 00000000 ____D () C:\Program Files (x86)\Java

2014-05-07 17:38 - 2014-05-07 17:38 - 00921512 _____ (Oracle Corporation) C:\Users\Linda\Downloads\chromeinstall-7u55 (1).exe

2014-05-07 01:58 - 2014-05-07 01:58 - 00280204 _____ () C:\Users\Linda\Downloads\WindowsUpdateDiagnostic.diagcab

2014-05-07 01:42 - 2014-05-07 01:42 - 00000000 ____D () C:\Users\Linda\Documents\New folder

2014-05-07 01:36 - 2014-05-07 01:36 - 00000000 ____D () C:\New folder

2014-05-06 23:05 - 2014-05-06 23:05 - 00000199 _____ () C:\Users\Linda\Desktop\TOP 100 funniest one-liners, quotes and jokes on the internet! Part 1.url

2014-05-05 20:10 - 2014-05-05 20:10 - 00000192 _____ () C:\Users\Linda\Desktop\Slooh Live Events.url

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\Program Files (x86)\mPlayer

2014-05-03 08:01 - 2014-05-04 12:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak18

2014-05-03 01:01 - 2014-05-03 07:58 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak17

2014-05-02 17:09 - 2014-04-29 10:01 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-05-02 17:09 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-05-02 15:43 - 2014-05-02 15:43 - 00001094 _____ () C:\Users\Linda\Desktop\www.thewindowsclub.com&dtd=257.url

2014-05-02 15:26 - 2014-05-02 15:26 - 00000610 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk

2014-05-02 00:38 - 2014-05-02 15:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak16

2014-05-01 23:06 - 2014-05-01 23:06 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak15

2014-05-01 22:52 - 2014-05-01 22:52 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak14

2014-05-01 22:51 - 2014-05-01 22:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak13

2014-05-01 20:42 - 2014-05-03 07:53 - 00000000 ____D () C:\ProgramData\Norton

2014-05-01 20:35 - 2014-05-01 20:35 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (31).lnk

2014-05-01 20:13 - 2014-05-01 20:13 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (30).lnk

2014-05-01 19:49 - 2014-05-01 19:49 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (29).lnk

2014-05-01 19:17 - 2014-05-01 19:17 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (28).lnk

2014-04-30 19:47 - 2014-04-30 19:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (27).lnk

2014-04-30 19:25 - 2014-04-30 19:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (26).lnk

2014-04-30 00:09 - 2014-04-30 00:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com

2014-04-29 19:18 - 2014-04-29 19:18 - 00000000 ____D () C:\Users\Linda\Downloads\New folder

2014-04-29 17:48 - 2014-04-29 17:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton

2014-04-29 17:45 - 2014-04-29 17:45 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (25).lnk

2014-04-29 17:37 - 2014-04-29 17:37 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (24).lnk

2014-04-29 17:35 - 2014-01-19 03:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2014-04-29 17:29 - 2014-04-29 17:29 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (23).lnk

2014-04-29 16:35 - 2014-04-29 16:35 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (22).lnk

2014-04-29 09:47 - 2014-04-29 09:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (21).lnk

2014-04-29 09:24 - 2014-04-29 09:24 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (20).lnk

2014-04-29 09:16 - 2014-04-29 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (19).lnk

2014-04-29 08:44 - 2014-04-29 08:45 - 00024690 _____ () C:\Users\Linda\Downloads\Result.txt

2014-04-28 18:23 - 2014-04-28 18:23 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (18).lnk

2014-04-28 17:31 - 2014-04-28 17:32 - 01291104 _____ (LogMeIn, Inc.) C:\Users\Linda\Downloads\Support-LogMeInRescue.exe

2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Public\Documents\CyberLink

2014-04-28 08:24 - 2014-04-28 08:24 - 00003156 _____ () C:\WINDOWS\System32\Tasks\YCMServiceAgent

2014-04-28 08:24 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd.sys

2014-04-27 14:20 - 2014-04-27 14:20 - 00000904 _____ () C:\Users\Linda\Downloads\Downloads - Shortcut.lnk

2014-04-27 13:58 - 2014-04-27 13:58 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (17).lnk

2014-04-27 13:54 - 2014-04-27 13:54 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (16).lnk

2014-04-27 11:47 - 2014-04-27 11:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (15).lnk

2014-04-27 11:25 - 2014-04-27 11:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (14).lnk

2014-04-27 10:59 - 2014-04-27 10:59 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (13).lnk

2014-04-27 10:34 - 2014-04-27 10:34 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (12).lnk

2014-04-27 10:29 - 2014-04-27 10:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (11).lnk

2014-04-27 09:44 - 2014-04-27 09:44 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (10).lnk

2014-04-27 09:32 - 2014-04-27 09:32 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (9).lnk

2014-04-27 09:16 - 2014-04-27 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (8).lnk

2014-04-27 08:45 - 2014-04-27 08:45 - 00000187 _____ () C:\Users\Linda\Desktop\Microsoft Fix it Solution Center troubleshooting software issues (2).url

2014-04-27 04:26 - 2014-04-27 09:35 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak12

2014-04-27 03:25 - 2014-04-27 03:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (7).lnk

2014-04-27 02:10 - 2014-04-27 02:10 - 00000212 _____ () C:\Users\Linda\Desktop\How to Uninstall & Reinstall IE  eHow.url

2014-04-26 16:47 - 2014-04-26 16:47 - 00000235 _____ () C:\Users\Linda\Desktop\fixit download I.E. - Search Microsoft.com.url

2014-04-26 14:52 - 2014-04-26 14:52 - 00000254 _____ () C:\Users\Linda\Desktop\Adobe ID, sign-in, and account help.url

2014-04-25 12:13 - 2014-04-25 12:13 - 00078854 _____ () C:\Users\Linda\Desktop\cookies.txt

2014-04-25 12:13 - 2014-04-25 12:13 - 00006061 _____ () C:\Users\Linda\Desktop\bookmark.htm

2014-04-25 12:13 - 2014-04-25 12:13 - 00000784 _____ () C:\Users\Linda\Desktop\feeds.opml

2014-04-25 08:18 - 2014-04-25 08:18 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (6).lnk

2014-04-24 20:26 - 2014-04-24 20:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe

2014-04-24 17:49 - 2014-04-28 08:24 - 00000039 _____ () C:\WINDOWS\setupact.log

2014-04-24 17:49 - 2014-04-24 17:49 - 00000000 _____ () C:\WINDOWS\setuperr.log

2014-04-24 15:21 - 2014-04-24 15:21 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (5).lnk

2014-04-24 02:48 - 2014-04-24 02:48 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-04-24 02:44 - 2014-04-24 02:44 - 01016261 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe

2014-04-24 02:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-04-24 02:13 - 2014-04-24 02:17 - 00000000 ____D () C:\AdwCleaner

2014-04-24 02:10 - 2014-04-24 02:11 - 01365865 _____ () C:\Users\Linda\Downloads\adwcleaner (1).exe

2014-04-24 00:50 - 2014-04-24 00:50 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Downloads\TFC.exe

2014-04-23 22:50 - 2014-04-23 22:50 - 00982016 _____ (Farbar) C:\Users\Linda\Downloads\MiniToolBox (1).exe

2014-04-23 15:26 - 2014-04-23 15:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\rkill.exe

2014-04-23 14:51 - 2014-04-23 15:41 - 00000000 ____D () C:\Users\Linda\Desktop\mbar

2014-04-23 14:45 - 2014-04-23 14:45 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1009.exe

2014-04-23 14:39 - 2014-04-23 23:34 - 00031524 _____ () C:\WINDOWS\SysWOW64\Result.txt

2014-04-23 13:14 - 2014-04-23 13:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Linda\Downloads\mbam-setup-2.0.1.1004 (1).exe

2014-04-23 12:44 - 2014-04-23 12:44 - 00003477 _____ () C:\WINDOWS\SysWOW64\FSS.txt

2014-04-23 00:02 - 2014-04-23 00:02 - 00854355 _____ () C:\Users\Linda\Downloads\SecurityCheck (1).exe

2014-04-22 22:22 - 2014-04-22 22:22 - 00000000 ____D () C:\Users\dub_cm_auto

2014-04-22 02:03 - 2014-04-24 19:24 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak11

2014-04-22 02:01 - 2014-04-22 02:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak10

2014-04-22 00:51 - 2014-04-09 08:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-04-22 00:51 - 2014-04-08 23:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2014-04-22 00:51 - 2014-04-08 23:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-04-22 00:51 - 2014-04-08 23:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-04-22 00:51 - 2014-04-08 23:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-04-22 00:14 - 2014-05-01 20:49 - 00002509 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Security Suite.lnk

2014-04-21 13:53 - 2014-04-21 13:53 - 00602112 _____ (OldTimer Tools) C:\Users\Linda\Downloads\OTL.exe

2014-04-21 13:28 - 2014-04-23 20:37 - 00005402 _____ () C:\Users\Linda\Desktop\Rkill.txt

2014-04-21 13:26 - 2014-04-21 13:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\iExplore.exe

2014-04-21 11:31 - 2014-04-21 11:31 - 00000000 _____ () C:\autoexec.bat

2014-04-21 11:30 - 2014-04-21 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-04-20 18:02 - 2014-04-24 15:29 - 00000000 ____D () C:\NPE

2014-04-20 12:41 - 2014-04-20 12:41 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (4).lnk

2014-04-16 10:16 - 2014-04-16 10:16 - 00000185 _____ () C:\Users\Linda\Desktop\Adobe Community How do I clear my Flash Player cache and settings.url

2014-04-15 19:20 - 2014-05-03 07:54 - 07757536 _____ () C:\WINDOWS\PFRO.log

2014-04-15 13:01 - 2014-04-15 13:02 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (3).lnk

2014-04-15 12:08 - 2014-04-15 12:08 - 00000166 _____ () C:\Users\Linda\Desktop\How To Remove Ib.adnxs.com Redirect virus Permanently - Malware Wikihowtos.url

2014-04-15 00:54 - 2014-04-15 00:54 - 00000187 _____ () C:\Users\Linda\Desktop\Publishers Clearing House.url

2014-04-14 18:21 - 2014-05-09 12:33 - 01385853 _____ () C:\WINDOWS\WindowsUpdate.log

2014-04-14 15:02 - 2014-04-14 14:51 - 00082812 _____ () C:\Users\Linda\Downloads\LMEYFUJ6 - Copy.htm

2014-04-14 13:39 - 2014-04-15 11:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak9

2014-04-14 13:39 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak8

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-04-12 11:07 - 2014-04-12 11:07 - 00000246 _____ () C:\Users\Linda\Desktop\http--www.microsoft.com-getsilverlight-Get-Started-Install-uninstall-arp-win.aspx.url

2014-04-12 06:58 - 2014-04-12 06:58 - 00074033 _____ () C:\Users\Linda\Desktop\DxDiag.txt

2014-04-11 15:47 - 2014-04-11 15:47 - 09747373 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2942844-x64.msu

2014-04-11 15:18 - 2014-04-11 15:18 - 00004500 _____ () C:\Users\Linda\Downloads\dpx (1).js

2014-04-11 13:25 - 2014-04-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-04-11 13:24 - 2014-05-09 12:40 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-04-11 13:24 - 2014-05-09 12:13 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-04-11 13:24 - 2014-05-08 22:35 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-04-11 13:24 - 2014-05-08 22:35 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-04-11 13:24 - 2014-04-11 13:25 - 00000000 ____D () C:\Users\Linda\AppData\Local\Google

2014-04-11 13:24 - 2014-04-11 13:25 - 00000000 ____D () C:\Program Files (x86)\Google

2014-04-11 13:23 - 2014-04-11 13:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\Deployment

2014-04-11 13:23 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Apps\2.0

2014-04-11 12:29 - 2014-04-11 12:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (2).lnk

2014-04-10 20:15 - 2014-04-13 06:28 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak7

2014-04-10 20:14 - 2014-04-10 20:14 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak6

2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieUserList

2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieSiteList

 

==================== One Month Modified Files and Folders =======

 

2014-05-09 12:47 - 2014-05-09 12:34 - 00014172 _____ () C:\Users\Linda\Downloads\FRST.txt

2014-05-09 12:47 - 2014-05-09 12:34 - 00000000 ____D () C:\FRST

2014-05-09 12:46 - 2013-10-20 09:16 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A6C2B7B-F5A2-4CA6-9BFE-B0D5E48F1D98}

2014-05-09 12:43 - 2013-12-05 20:33 - 00000000 ____D () C:\Users\Linda\AppData\Local\CrashDumps

2014-05-09 12:40 - 2014-04-11 13:24 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-09 12:39 - 2014-05-09 12:39 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt Farbar recovery tool.txt

2014-05-09 12:36 - 2014-05-09 12:35 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt

2014-05-09 12:33 - 2014-04-14 18:21 - 01385853 _____ () C:\WINDOWS\WindowsUpdate.log

2014-05-09 12:31 - 2014-05-09 12:31 - 02064384 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe

2014-05-09 12:18 - 2013-10-20 09:27 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2029271840-2688628959-2960142898-1002

2014-05-09 12:17 - 2014-03-03 20:42 - 00000000 ____D () C:\Users\Linda\Documents\Youcam

2014-05-09 12:16 - 2014-05-09 12:16 - 00651776 _____ () C:\Users\Linda\Downloads\MicrosoftFixit50228.msi

2014-05-09 12:16 - 2013-10-20 19:37 - 00000000 __RDO () C:\Users\Linda\SkyDrive

2014-05-09 12:13 - 2014-05-09 12:13 - 00001453 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-05-09 12:13 - 2014-04-11 13:24 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-09 12:13 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-05-09 12:12 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2014-05-09 12:06 - 2014-05-09 12:06 - 11888284 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2901549-x86.msu

2014-05-09 12:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-05-08 23:47 - 2014-02-03 06:07 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForLinda

2014-05-08 23:47 - 2014-02-03 06:07 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLinda.job

2014-05-08 22:35 - 2014-04-11 13:24 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-05-08 22:35 - 2014-04-11 13:24 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-05-08 21:48 - 2014-05-08 21:48 - 00000164 _____ () C:\Users\Linda\Desktop\Random one liners that will make you cry with laughter - Wattpad.url

2014-05-08 17:12 - 2014-05-08 17:12 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (2).com

2014-05-08 17:10 - 2014-05-08 17:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (1).com

2014-05-08 05:56 - 2014-05-08 05:56 - 00000225 _____ () C:\Users\Linda\Desktop\BEST. SHORT JOKES. EVER..url

2014-05-07 17:44 - 2014-05-07 17:44 - 00000000 ____D () C:\ProgramData\Oracle

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Sun

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-07 17:39 - 2014-05-07 17:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-05-07 17:39 - 2014-05-07 17:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-05-07 17:39 - 2014-05-07 17:40 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-05-07 17:39 - 2014-05-07 17:40 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-05-07 17:39 - 2014-05-07 17:39 - 00000000 ____D () C:\Program Files (x86)\Java

2014-05-07 17:38 - 2014-05-07 17:38 - 00921512 _____ (Oracle Corporation) C:\Users\Linda\Downloads\chromeinstall-7u55 (1).exe

2014-05-07 06:01 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-05-07 01:58 - 2014-05-07 01:58 - 00280204 _____ () C:\Users\Linda\Downloads\WindowsUpdateDiagnostic.diagcab

2014-05-07 01:42 - 2014-05-07 01:42 - 00000000 ____D () C:\Users\Linda\Documents\New folder

2014-05-07 01:41 - 2014-01-15 14:03 - 00000000 ____D () C:\Users\Linda

2014-05-07 01:36 - 2014-05-07 01:36 - 00000000 ____D () C:\New folder

2014-05-06 23:05 - 2014-05-06 23:05 - 00000199 _____ () C:\Users\Linda\Desktop\TOP 100 funniest one-liners, quotes and jokes on the internet! Part 1.url

2014-05-05 20:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-05-05 20:10 - 2014-05-05 20:10 - 00000192 _____ () C:\Users\Linda\Desktop\Slooh Live Events.url

2014-05-05 20:07 - 2013-12-02 01:50 - 00000000 ____D () C:\Users\Linda\AppData\Local\VirtualStore

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\Program Files (x86)\mPlayer

2014-05-05 12:25 - 2013-10-21 06:17 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log

2014-05-05 12:24 - 2013-04-11 16:35 - 00000000 ____D () C:\Program Files (x86)\CyberLink

2014-05-05 12:24 - 2013-03-20 23:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools

2014-05-05 12:23 - 2012-08-03 20:02 - 00000000 ____D () C:\SWSetup

2014-05-05 12:09 - 2013-10-21 06:17 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-05-04 12:26 - 2014-05-03 08:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak18

2014-05-03 07:58 - 2014-05-03 01:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak17

2014-05-03 07:54 - 2014-04-15 19:20 - 07757536 _____ () C:\WINDOWS\PFRO.log

2014-05-03 07:53 - 2014-05-01 20:42 - 00000000 ____D () C:\ProgramData\Norton

2014-05-03 07:47 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-05-02 15:43 - 2014-05-02 15:43 - 00001094 _____ () C:\Users\Linda\Desktop\www.thewindowsclub.com&dtd=257.url

2014-05-02 15:26 - 2014-05-02 15:26 - 00000610 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk

2014-05-02 15:26 - 2014-05-02 00:38 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak16

2014-05-01 23:06 - 2014-05-01 23:06 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak15

2014-05-01 22:52 - 2014-05-01 22:52 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak14

2014-05-01 22:51 - 2014-05-01 22:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak13

2014-05-01 21:07 - 2013-12-16 21:39 - 00000000 ____D () C:\Users\Linda\AppData\Local\LogMeIn Rescue Applet

2014-05-01 20:49 - 2014-04-22 00:14 - 00002509 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Security Suite.lnk

2014-05-01 20:35 - 2014-05-01 20:35 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (31).lnk

2014-05-01 20:33 - 2014-02-13 11:59 - 00000000 ____D () C:\WINDOWS\pss

2014-05-01 20:13 - 2014-05-01 20:13 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (30).lnk

2014-05-01 19:49 - 2014-05-01 19:49 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (29).lnk

2014-05-01 19:17 - 2014-05-01 19:17 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (28).lnk

2014-05-01 09:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-04-30 19:47 - 2014-04-30 19:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (27).lnk

2014-04-30 19:25 - 2014-04-30 19:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (26).lnk

2014-04-30 00:09 - 2014-04-30 00:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com

2014-04-29 19:18 - 2014-04-29 19:18 - 00000000 ____D () C:\Users\Linda\Downloads\New folder

2014-04-29 17:48 - 2014-04-29 17:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton

2014-04-29 17:45 - 2014-04-29 17:45 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (25).lnk

2014-04-29 17:37 - 2014-04-29 17:37 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (24).lnk

2014-04-29 17:29 - 2014-04-29 17:29 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (23).lnk

2014-04-29 16:35 - 2014-04-29 16:35 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (22).lnk

2014-04-29 10:20 - 2013-12-16 21:50 - 00045056 ___SH () C:\Users\Linda\Desktop\Thumbs.db

2014-04-29 10:01 - 2014-05-02 17:09 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-04-29 09:47 - 2014-04-29 09:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (21).lnk

2014-04-29 09:24 - 2014-04-29 09:24 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (20).lnk

2014-04-29 09:16 - 2014-04-29 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (19).lnk

2014-04-29 08:48 - 2014-05-02 17:09 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-04-29 08:45 - 2014-04-29 08:44 - 00024690 _____ () C:\Users\Linda\Downloads\Result.txt

2014-04-28 18:23 - 2014-04-28 18:23 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (18).lnk

2014-04-28 17:32 - 2014-04-28 17:31 - 01291104 _____ (LogMeIn, Inc.) C:\Users\Linda\Downloads\Support-LogMeInRescue.exe

2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Public\Documents\CyberLink

2014-04-28 08:31 - 2013-12-05 05:35 - 00000000 ____D () C:\Users\Public\CyberLink

2014-04-28 08:24 - 2014-04-28 08:24 - 00003156 _____ () C:\WINDOWS\System32\Tasks\YCMServiceAgent

2014-04-28 08:24 - 2014-04-24 17:49 - 00000039 _____ () C:\WINDOWS\setupact.log

2014-04-28 08:24 - 2013-04-11 16:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2014-04-28 08:16 - 2013-04-11 16:34 - 00000000 ____D () C:\ProgramData\install_clap

2014-04-27 23:48 - 2013-12-27 08:21 - 00000000 ____D () C:\N360_BACKUP

2014-04-27 14:20 - 2014-04-27 14:20 - 00000904 _____ () C:\Users\Linda\Downloads\Downloads - Shortcut.lnk

2014-04-27 13:58 - 2014-04-27 13:58 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (17).lnk

2014-04-27 13:54 - 2014-04-27 13:54 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (16).lnk

2014-04-27 11:47 - 2014-04-27 11:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (15).lnk

2014-04-27 11:45 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2014-04-27 11:25 - 2014-04-27 11:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (14).lnk

2014-04-27 10:59 - 2014-04-27 10:59 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (13).lnk

2014-04-27 10:34 - 2014-04-27 10:34 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (12).lnk

2014-04-27 10:29 - 2014-04-27 10:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (11).lnk

2014-04-27 09:44 - 2014-04-27 09:44 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (10).lnk

2014-04-27 09:35 - 2014-04-27 04:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak12

2014-04-27 09:32 - 2014-04-27 09:32 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (9).lnk

2014-04-27 09:16 - 2014-04-27 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (8).lnk

2014-04-27 08:45 - 2014-04-27 08:45 - 00000187 _____ () C:\Users\Linda\Desktop\Microsoft Fix it Solution Center troubleshooting software issues (2).url

2014-04-27 03:25 - 2014-04-27 03:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (7).lnk

2014-04-27 02:10 - 2014-04-27 02:10 - 00000212 _____ () C:\Users\Linda\Desktop\How to Uninstall & Reinstall IE  eHow.url

2014-04-26 16:47 - 2014-04-26 16:47 - 00000235 _____ () C:\Users\Linda\Desktop\fixit download I.E. - Search Microsoft.com.url

2014-04-26 14:52 - 2014-04-26 14:52 - 00000254 _____ () C:\Users\Linda\Desktop\Adobe ID, sign-in, and account help.url

2014-04-26 02:28 - 2014-01-03 18:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\NPE

2014-04-25 12:13 - 2014-04-25 12:13 - 00078854 _____ () C:\Users\Linda\Desktop\cookies.txt

2014-04-25 12:13 - 2014-04-25 12:13 - 00006061 _____ () C:\Users\Linda\Desktop\bookmark.htm

2014-04-25 12:13 - 2014-04-25 12:13 - 00000784 _____ () C:\Users\Linda\Desktop\feeds.opml

2014-04-25 08:18 - 2014-04-25 08:18 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (6).lnk

2014-04-24 23:28 - 2013-12-07 08:24 - 00000508 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\PCHgames - Free Online Games, Sweepstakes, and Prizes!.website

2014-04-24 20:26 - 2014-04-24 20:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe

2014-04-24 19:24 - 2014-04-22 02:03 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak11

2014-04-24 17:49 - 2014-04-24 17:49 - 00000000 _____ () C:\WINDOWS\setuperr.log

2014-04-24 15:46 - 2013-12-13 18:48 - 00000492 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\JustFab.website

2014-04-24 15:29 - 2014-04-20 18:02 - 00000000 ____D () C:\NPE

2014-04-24 15:21 - 2014-04-24 15:21 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (5).lnk

2014-04-24 02:48 - 2014-04-24 02:48 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-04-24 02:44 - 2014-04-24 02:44 - 01016261 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe

2014-04-24 02:17 - 2014-04-24 02:13 - 00000000 ____D () C:\AdwCleaner

2014-04-24 02:17 - 2013-12-29 12:44 - 00001229 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Mananger.lnk

2014-04-24 02:11 - 2014-04-24 02:10 - 01365865 _____ () C:\Users\Linda\Downloads\adwcleaner (1).exe

2014-04-24 00:50 - 2014-04-24 00:50 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Downloads\TFC.exe

2014-04-23 23:34 - 2014-04-23 14:39 - 00031524 _____ () C:\WINDOWS\SysWOW64\Result.txt

2014-04-23 23:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-04-23 22:50 - 2014-04-23 22:50 - 00982016 _____ (Farbar) C:\Users\Linda\Downloads\MiniToolBox (1).exe

2014-04-23 20:37 - 2014-04-21 13:28 - 00005402 _____ () C:\Users\Linda\Desktop\Rkill.txt

2014-04-23 15:41 - 2014-04-23 14:51 - 00000000 ____D () C:\Users\Linda\Desktop\mbar

2014-04-23 15:26 - 2014-04-23 15:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\rkill.exe

2014-04-23 14:45 - 2014-04-23 14:45 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1009.exe

2014-04-23 13:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-04-23 13:14 - 2014-04-23 13:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Linda\Downloads\mbam-setup-2.0.1.1004 (1).exe

2014-04-23 12:44 - 2014-04-23 12:44 - 00003477 _____ () C:\WINDOWS\SysWOW64\FSS.txt

2014-04-23 00:02 - 2014-04-23 00:02 - 00854355 _____ () C:\Users\Linda\Downloads\SecurityCheck (1).exe

2014-04-22 22:22 - 2014-04-22 22:22 - 00000000 ____D () C:\Users\dub_cm_auto

2014-04-22 20:24 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-04-22 20:24 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-04-22 02:01 - 2014-04-22 02:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak10

2014-04-21 20:39 - 2013-12-16 21:50 - 00000000 ____D () C:\Users\Public\Downloads\Norton1

2014-04-21 15:14 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\L2Schemas

2014-04-21 13:53 - 2014-04-21 13:53 - 00602112 _____ (OldTimer Tools) C:\Users\Linda\Downloads\OTL.exe

2014-04-21 13:26 - 2014-04-21 13:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\iExplore.exe

2014-04-21 11:31 - 2014-04-21 11:31 - 00000000 _____ () C:\autoexec.bat

2014-04-21 11:30 - 2014-04-21 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-04-20 12:41 - 2014-04-20 12:41 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (4).lnk

2014-04-16 10:16 - 2014-04-16 10:16 - 00000185 _____ () C:\Users\Linda\Desktop\Adobe Community How do I clear my Flash Player cache and settings.url

2014-04-15 13:02 - 2014-04-15 13:01 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (3).lnk

2014-04-15 12:08 - 2014-04-15 12:08 - 00000166 _____ () C:\Users\Linda\Desktop\How To Remove Ib.adnxs.com Redirect virus Permanently - Malware Wikihowtos.url

2014-04-15 11:51 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak9

2014-04-15 00:54 - 2014-04-15 00:54 - 00000187 _____ () C:\Users\Linda\Desktop\Publishers Clearing House.url

2014-04-14 14:51 - 2014-04-14 15:02 - 00082812 _____ () C:\Users\Linda\Downloads\LMEYFUJ6 - Copy.htm

2014-04-14 13:39 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak8

2014-04-13 06:28 - 2014-04-10 20:15 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak7

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-04-12 11:07 - 2014-04-12 11:07 - 00000246 _____ () C:\Users\Linda\Desktop\http--www.microsoft.com-getsilverlight-Get-Started-Install-uninstall-arp-win.aspx.url

2014-04-12 06:58 - 2014-04-12 06:58 - 00074033 _____ () C:\Users\Linda\Desktop\DxDiag.txt

2014-04-11 15:47 - 2014-04-11 15:47 - 09747373 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2942844-x64.msu

2014-04-11 15:37 - 2014-04-08 09:59 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-04-11 15:18 - 2014-04-11 15:18 - 00004500 _____ () C:\Users\Linda\Downloads\dpx (1).js

2014-04-11 13:25 - 2014-04-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-04-11 13:25 - 2014-04-11 13:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\Google

2014-04-11 13:25 - 2014-04-11 13:24 - 00000000 ____D () C:\Program Files (x86)\Google

2014-04-11 13:24 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Deployment

2014-04-11 13:23 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Apps\2.0

2014-04-11 12:54 - 2013-11-14 03:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-04-11 12:29 - 2014-04-11 12:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (2).lnk

2014-04-10 20:14 - 2014-04-10 20:14 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak6

2014-04-10 19:45 - 2014-04-08 22:11 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak5

2014-04-10 01:18 - 2014-04-08 09:59 - 00000000 ____D () C:\ProgramData\Yahoo!

2014-04-10 01:05 - 2014-01-15 15:11 - 00000000 ____D () C:\Users\Linda\AppData\Local\Adobe

2014-04-09 10:23 - 2014-02-18 19:01 - 00000000 ____D () C:\Users\Linda\Tracing

2014-04-09 08:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv

2014-04-09 08:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv

2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieUserList

2014-04-09 08:12 - 2014-04-09 08:12 - 00000000 __SHD () C:\Users\Linda\AppData\Local\EmieSiteList

2014-04-09 08:00 - 2014-04-22 00:51 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-04-09 00:30 - 2013-12-02 01:51 - 00000000 ___RD () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-04-09 00:30 - 2013-12-02 01:51 - 00000000 ___RD () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-04-09 00:25 - 2013-08-22 10:44 - 00344624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-04-09 00:19 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility

2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools

2014-04-09 00:18 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\setup

2014-04-09 00:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices

2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform

2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices

2014-04-09 00:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform

2014-04-09 00:14 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-04-09 00:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe

2014-04-09 00:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism

2014-04-09 00:14 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\servicing

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sk-SK

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lv-LV

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\hr-HR

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\et-EE

2014-04-09 00:12 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\uk-UA

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sl-SI

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ro-RO

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\he-IL

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB

2014-04-09 00:11 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\bg-BG

2014-04-09 00:11 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep

2014-04-09 00:11 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\oobe

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\zh-HK

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\tr-TR

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\th-TH

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\lt-LT

2014-04-09 00:10 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\ar-SA

2014-04-09 00:10 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\Dism

2014-04-09 00:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-04-09 00:05 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\Camera

 

Some content of TEMP:

====================

C:\Users\Linda\AppData\Local\Temp\Extract.exe

C:\Users\Linda\AppData\Local\Temp\SCC.dll

C:\Users\Linda\AppData\Local\Temp\SP65790.exe

C:\Users\Linda\AppData\Local\Temp\SymCCIS.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-05-03 21:17

 

==================== End Of Log ============================



#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 AM

Posted 10 May 2014 - 08:31 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start
HKU\S-1-5-21-2029271840-2688628959-2960142898-1002\...\Run: [Power2GoExpress8] => NA
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin-x32: @CursorMania_7l.com/Plugin - C:\Program Files (x86)\CursorMania_7l\bar\1.bin\NP7lStub.dll No File
FF Plugin-x32: @popularscreensavers.com/Plugin - C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Users\Linda\AppData\Local\Temp\Extract.exe
C:\Users\Linda\AppData\Local\Temp\SCC.dll
C:\Users\Linda\AppData\Local\Temp\SP65790.exe
C:\Users\Linda\AppData\Local\Temp\SymCCIS.dll

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

If the problem persists please continue.

Following steps involve registry editing. Please create new restore point before proceeding!!!
How to:
XP - http://support.microsoft.com/kb/948247
Vista and Seven - http://windows.microsoft.com/en-gb/windows7/create-a-restore-point
Windows 8 - http://www.eightforums.com/tutorials/4690-restore-point-create-windows-8-a.html

Download this program to your desktop.
Tweaking.com - Windows Repair
http://www.bleepingcomputer.com/download/windows-repair-all-in-one-portable/


Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options only.

Reset Registry Permissions
Reset File Permissions
Register System Files
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair MDAC & MS Jet
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair Proxy Settings
Unhide Non System Files
Repair Windows Updates
Repair CD/DVD Missing/Not Working
  • Checkmark Restart System When Finished option
  • click the Start button
  • System should restart after repair
How is it now?

#9 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 10 May 2014 - 03:16 PM

As I have repeatedly said I am a novice and I am given things to do restore points copying  etc. that I don't understand . now my browser won't close.And I down loaded Repair Windows ex. hit extract  ...extracted 367?  and a tweaking file came up at no time did I see the things you ask me to check  off or a way to run repair. And totally lost and afraid to shut down comp.  I am a novice.HELP!!!!!!


Edited by Ataxia, 11 May 2014 - 05:41 AM.


#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 AM

Posted 11 May 2014 - 07:49 AM


Repair Windows ex. hit extract ...extracted 367?

I suspect that the extraction was not successfull.
Do you have this file Repair_Windows.exe that was extracted and did you run it?
===

The tool will create a log (Fixlog.txt) please post it to your reply.


If you have run the Farbar tool and used the Fix button a log Fixlog.txt was created.
Can you open the file with Notepad, copy the content of the file and paste it in your next reply..


p.s.
Did you restart the computer after the fix as I have suggested.
===

If something goes wrong we can always restore your computer to a previous date.
Just read the information for now.
http://blogs.msdn.com/b/zxue/archive/2012/03/09/windows-8-how-to-29-restore-system-to-a-previous-state-using-restore-point.aspx

#11 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 11 May 2014 - 07:03 PM

tried repair windows exe. afterwards running had 5 problems instead of 2 and couldn't get Explorer browser window to open at all.  Did a system restore.below find FRST.txt.& Windows Repair exe. manifest  am a little lost at this point hope I didn't cause more problems. Thank you for your time P. S. can't find fix it repair list


Edited by Ataxia, 11 May 2014 - 07:25 PM.


#12 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 11 May 2014 - 07:13 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-05-2014

Ran by Linda (administrator) on LYNNESHEADACHE on 10-05-2014 16:06:28

Running from C:\Users\Linda\Downloads

Platform: Windows 8.1 (Update 1) (X64) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20461_x64__8wekyb3d8bbwe\livecomm.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

() C:\Program Files\WindowsApps\Microsoft.NetworkSpeedTest_1.0.0.23_x64__8wekyb3d8bbwe\NetworkSpeedTest.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7156296 2013-03-07] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015920 2013-02-06] (Synaptics Incorporated)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-04-10] (CyberLink Corp.)

HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-12-25] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)

HKU\S-1-5-21-2029271840-2688628959-2960142898-1002\...\Run: [Power2GoExpress8] => NA

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1

SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS

SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}

SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 

BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

Tcpip\Parameters: [NameServer] 198.153.192.50 198.153.194.50

 

FireFox:

========

FF ProfilePath: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default

FF DefaultSearchEngine: Bing 

FF SelectedSearchEngine: Bing 

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)

FF Plugin-x32: @CursorMania_7l.com/Plugin - C:\Program Files (x86)\CursorMania_7l\bar\1.bin\NP7lStub.dll No File

FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @popularscreensavers.com/Plugin - C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()

FF SearchPlugin: C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default\searchplugins\bing-.xml

FF Extension: No Name - C:\Users\Linda\AppData\Roaming\Mozilla\Firefox\Profiles\4ocvhmoy.default\Extensions\firefoxbingsearch.full@microsoft.com [2014-01-15]

 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "hxxp://www.bing.com/?pc=U162H", "hxxp://www.bing.com/?pc=U162I"

CHR Extension: (Google Docs) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-15]

CHR Extension: (Google Drive) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-15]

CHR Extension: (YouTube) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-15]

CHR Extension: (Google Search) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-15]

CHR Extension: (Google Wallet) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-15]

CHR Extension: (Gmail) - C:\Users\Linda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-15]

 

==================== Services (Whitelisted) =================

 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)

R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-12-25] (Hewlett-Packard Development Company, L.P.)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-01-15] (Microsoft Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)

R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)

R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)

S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)

S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)

S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)

S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)

R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-15] (Microsoft Corporation)

S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)

R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)

S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)

S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-02-22] (Microsoft Corporation)

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-01-02] (Realtek Semiconductor Corp.)

R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-01-13] (Realtek Semiconductor Corporation                           )

S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-15] (Microsoft Corporation)

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated)

S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31984 2013-02-06] (Synaptics Incorporated)

S3 ssmirrdr; C:\Windows\system32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)

S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)

S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)

R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-05-10 16:01 - 2014-05-10 16:01 - 00000000 ____D () C:\Users\Linda\Downloads\FRST-OlderVersion

2014-05-10 10:02 - 2014-05-10 10:02 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Linda\Downloads\Repair-tool.exe

2014-05-09 22:04 - 2014-05-09 22:04 - 00000208 _____ () C:\Users\Linda\Desktop\Short Dumb People Jokes - The Funniest Short Jokes and One Liners.url

2014-05-09 12:49 - 2014-05-09 12:49 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (3).com

2014-05-09 12:39 - 2014-05-09 12:39 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt Farbar recovery tool.txt

2014-05-09 12:35 - 2014-05-09 12:36 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt

2014-05-09 12:34 - 2014-05-10 16:06 - 00015086 _____ () C:\Users\Linda\Downloads\FRST.txt

2014-05-09 12:34 - 2014-05-10 16:06 - 00000000 ____D () C:\FRST

2014-05-09 12:31 - 2014-05-10 16:01 - 02065408 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe

2014-05-09 12:16 - 2014-05-09 12:16 - 00651776 _____ () C:\Users\Linda\Downloads\MicrosoftFixit50228.msi

2014-05-09 12:13 - 2014-05-09 12:13 - 00001453 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-05-09 12:06 - 2014-05-09 12:06 - 11888284 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2901549-x86.msu

2014-05-08 21:48 - 2014-05-08 21:48 - 00000164 _____ () C:\Users\Linda\Desktop\Random one liners that will make you cry with laughter - Wattpad.url

2014-05-08 17:12 - 2014-05-08 17:12 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (2).com

2014-05-08 17:09 - 2014-05-08 17:10 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (1).com

2014-05-08 05:56 - 2014-05-08 05:56 - 00000225 _____ () C:\Users\Linda\Desktop\BEST. SHORT JOKES. EVER..url

2014-05-07 17:44 - 2014-05-07 17:44 - 00000000 ____D () C:\ProgramData\Oracle

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Sun

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-07 17:40 - 2014-05-07 17:39 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-05-07 17:40 - 2014-05-07 17:39 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-05-07 17:40 - 2014-05-07 17:39 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-05-07 17:40 - 2014-05-07 17:39 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-05-07 17:39 - 2014-05-07 17:39 - 00000000 ____D () C:\Program Files (x86)\Java

2014-05-07 17:38 - 2014-05-07 17:38 - 00921512 _____ (Oracle Corporation) C:\Users\Linda\Downloads\chromeinstall-7u55 (1).exe

2014-05-07 01:58 - 2014-05-07 01:58 - 00280204 _____ () C:\Users\Linda\Downloads\WindowsUpdateDiagnostic.diagcab

2014-05-07 01:42 - 2014-05-07 01:42 - 00000000 ____D () C:\Users\Linda\Documents\New folder

2014-05-07 01:36 - 2014-05-07 01:36 - 00000000 ____D () C:\New folder

2014-05-06 23:05 - 2014-05-06 23:05 - 00000199 _____ () C:\Users\Linda\Desktop\TOP 100 funniest one-liners, quotes and jokes on the internet! Part 1.url

2014-05-05 20:10 - 2014-05-05 20:10 - 00000192 _____ () C:\Users\Linda\Desktop\Slooh Live Events.url

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\Program Files (x86)\mPlayer

2014-05-03 08:01 - 2014-05-04 12:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak18

2014-05-03 01:01 - 2014-05-03 07:58 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak17

2014-05-02 17:09 - 2014-04-29 10:01 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-05-02 17:09 - 2014-04-29 08:48 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-05-02 15:43 - 2014-05-02 15:43 - 00001094 _____ () C:\Users\Linda\Desktop\www.thewindowsclub.com&dtd=257.url

2014-05-02 15:26 - 2014-05-02 15:26 - 00000610 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk

2014-05-02 00:38 - 2014-05-02 15:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak16

2014-05-01 23:06 - 2014-05-01 23:06 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak15

2014-05-01 22:52 - 2014-05-01 22:52 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak14

2014-05-01 22:51 - 2014-05-01 22:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak13

2014-05-01 20:42 - 2014-05-03 07:53 - 00000000 ____D () C:\ProgramData\Norton

2014-05-01 20:35 - 2014-05-01 20:35 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (31).lnk

2014-05-01 20:13 - 2014-05-01 20:13 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (30).lnk

2014-05-01 19:49 - 2014-05-01 19:49 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (29).lnk

2014-05-01 19:17 - 2014-05-01 19:17 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (28).lnk

2014-04-30 19:47 - 2014-04-30 19:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (27).lnk

2014-04-30 19:25 - 2014-04-30 19:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (26).lnk

2014-04-30 00:09 - 2014-04-30 00:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com

2014-04-29 19:18 - 2014-04-29 19:18 - 00000000 ____D () C:\Users\Linda\Downloads\New folder

2014-04-29 17:48 - 2014-04-29 17:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton

2014-04-29 17:45 - 2014-04-29 17:45 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (25).lnk

2014-04-29 17:37 - 2014-04-29 17:37 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (24).lnk

2014-04-29 17:35 - 2014-01-19 03:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2014-04-29 17:29 - 2014-04-29 17:29 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (23).lnk

2014-04-29 16:35 - 2014-04-29 16:35 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (22).lnk

2014-04-29 09:47 - 2014-04-29 09:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (21).lnk

2014-04-29 09:24 - 2014-04-29 09:24 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (20).lnk

2014-04-29 09:16 - 2014-04-29 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (19).lnk

2014-04-29 08:44 - 2014-04-29 08:45 - 00024690 _____ () C:\Users\Linda\Downloads\Result.txt

2014-04-28 18:23 - 2014-04-28 18:23 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (18).lnk

2014-04-28 17:31 - 2014-04-28 17:32 - 01291104 _____ (LogMeIn, Inc.) C:\Users\Linda\Downloads\Support-LogMeInRescue.exe

2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Public\Documents\CyberLink

2014-04-28 08:24 - 2014-04-28 08:24 - 00003156 _____ () C:\WINDOWS\System32\Tasks\YCMServiceAgent

2014-04-28 08:24 - 2014-01-27 23:58 - 00041704 _____ (CyberLink Corporation) C:\WINDOWS\system32\Drivers\clwvd.sys

2014-04-27 14:20 - 2014-04-27 14:20 - 00000904 _____ () C:\Users\Linda\Downloads\Downloads - Shortcut.lnk

2014-04-27 13:58 - 2014-04-27 13:58 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (17).lnk

2014-04-27 13:54 - 2014-04-27 13:54 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (16).lnk

2014-04-27 11:47 - 2014-04-27 11:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (15).lnk

2014-04-27 11:25 - 2014-04-27 11:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (14).lnk

2014-04-27 10:59 - 2014-04-27 10:59 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (13).lnk

2014-04-27 10:34 - 2014-04-27 10:34 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (12).lnk

2014-04-27 10:29 - 2014-04-27 10:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (11).lnk

2014-04-27 09:44 - 2014-04-27 09:44 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (10).lnk

2014-04-27 09:32 - 2014-04-27 09:32 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (9).lnk

2014-04-27 09:16 - 2014-04-27 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (8).lnk

2014-04-27 08:45 - 2014-04-27 08:45 - 00000187 _____ () C:\Users\Linda\Desktop\Microsoft Fix it Solution Center troubleshooting software issues (2).url

2014-04-27 04:26 - 2014-04-27 09:35 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak12

2014-04-27 03:25 - 2014-04-27 03:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (7).lnk

2014-04-27 02:10 - 2014-04-27 02:10 - 00000212 _____ () C:\Users\Linda\Desktop\How to Uninstall & Reinstall IE  eHow.url

2014-04-26 16:47 - 2014-04-26 16:47 - 00000235 _____ () C:\Users\Linda\Desktop\fixit download I.E. - Search Microsoft.com.url

2014-04-26 14:52 - 2014-04-26 14:52 - 00000254 _____ () C:\Users\Linda\Desktop\Adobe ID, sign-in, and account help.url

2014-04-25 12:13 - 2014-04-25 12:13 - 00078854 _____ () C:\Users\Linda\Desktop\cookies.txt

2014-04-25 12:13 - 2014-04-25 12:13 - 00006061 _____ () C:\Users\Linda\Desktop\bookmark.htm

2014-04-25 12:13 - 2014-04-25 12:13 - 00000784 _____ () C:\Users\Linda\Desktop\feeds.opml

2014-04-25 08:18 - 2014-04-25 08:18 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (6).lnk

2014-04-24 20:26 - 2014-04-24 20:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe

2014-04-24 17:49 - 2014-04-28 08:24 - 00000039 _____ () C:\WINDOWS\setupact.log

2014-04-24 17:49 - 2014-04-24 17:49 - 00000000 _____ () C:\WINDOWS\setuperr.log

2014-04-24 15:21 - 2014-04-24 15:21 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (5).lnk

2014-04-24 02:48 - 2014-04-24 02:48 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-04-24 02:44 - 2014-04-24 02:44 - 01016261 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe

2014-04-24 02:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-04-24 02:13 - 2014-04-24 02:17 - 00000000 ____D () C:\AdwCleaner

2014-04-24 02:10 - 2014-04-24 02:11 - 01365865 _____ () C:\Users\Linda\Downloads\adwcleaner (1).exe

2014-04-24 00:50 - 2014-04-24 00:50 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Downloads\TFC.exe

2014-04-23 22:50 - 2014-04-23 22:50 - 00982016 _____ (Farbar) C:\Users\Linda\Downloads\MiniToolBox (1).exe

2014-04-23 15:26 - 2014-04-23 15:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\rkill.exe

2014-04-23 14:51 - 2014-04-23 15:41 - 00000000 ____D () C:\Users\Linda\Desktop\mbar

2014-04-23 14:45 - 2014-04-23 14:45 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1009.exe

2014-04-23 14:39 - 2014-04-23 23:34 - 00031524 _____ () C:\WINDOWS\SysWOW64\Result.txt

2014-04-23 13:14 - 2014-04-23 13:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Linda\Downloads\mbam-setup-2.0.1.1004 (1).exe

2014-04-23 12:44 - 2014-04-23 12:44 - 00003477 _____ () C:\WINDOWS\SysWOW64\FSS.txt

2014-04-23 00:02 - 2014-04-23 00:02 - 00854355 _____ () C:\Users\Linda\Downloads\SecurityCheck (1).exe

2014-04-22 22:22 - 2014-04-22 22:22 - 00000000 ____D () C:\Users\dub_cm_auto

2014-04-22 02:03 - 2014-04-24 19:24 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak11

2014-04-22 02:01 - 2014-04-22 02:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak10

2014-04-22 00:51 - 2014-04-09 08:00 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-04-22 00:51 - 2014-04-08 23:32 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2014-04-22 00:51 - 2014-04-08 23:31 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-04-22 00:51 - 2014-04-08 23:23 - 01705984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-04-22 00:51 - 2014-04-08 23:21 - 03408896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-04-22 00:14 - 2014-05-01 20:49 - 00002509 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Security Suite.lnk

2014-04-21 13:53 - 2014-04-21 13:53 - 00602112 _____ (OldTimer Tools) C:\Users\Linda\Downloads\OTL.exe

2014-04-21 13:28 - 2014-04-23 20:37 - 00005402 _____ () C:\Users\Linda\Desktop\Rkill.txt

2014-04-21 13:26 - 2014-04-21 13:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\iExplore.exe

2014-04-21 11:31 - 2014-04-21 11:31 - 00000000 _____ () C:\autoexec.bat

2014-04-21 11:30 - 2014-04-21 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-04-20 18:02 - 2014-04-24 15:29 - 00000000 ____D () C:\NPE

2014-04-20 12:41 - 2014-04-20 12:41 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (4).lnk

2014-04-16 10:16 - 2014-04-16 10:16 - 00000185 _____ () C:\Users\Linda\Desktop\Adobe Community How do I clear my Flash Player cache and settings.url

2014-04-15 19:20 - 2014-05-03 07:54 - 07757536 _____ () C:\WINDOWS\PFRO.log

2014-04-15 13:01 - 2014-04-15 13:02 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (3).lnk

2014-04-15 12:08 - 2014-04-15 12:08 - 00000166 _____ () C:\Users\Linda\Desktop\How To Remove Ib.adnxs.com Redirect virus Permanently - Malware Wikihowtos.url

2014-04-15 00:54 - 2014-04-15 00:54 - 00000187 _____ () C:\Users\Linda\Desktop\Publishers Clearing House.url

2014-04-14 18:21 - 2014-05-10 11:02 - 01538993 _____ () C:\WINDOWS\WindowsUpdate.log

2014-04-14 15:02 - 2014-04-14 14:51 - 00082812 _____ () C:\Users\Linda\Downloads\LMEYFUJ6 - Copy.htm

2014-04-14 13:39 - 2014-04-15 11:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak9

2014-04-14 13:39 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak8

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-04-12 11:07 - 2014-04-12 11:07 - 00000246 _____ () C:\Users\Linda\Desktop\http--www.microsoft.com-getsilverlight-Get-Started-Install-uninstall-arp-win.aspx.url

2014-04-12 06:58 - 2014-04-12 06:58 - 00074033 _____ () C:\Users\Linda\Desktop\DxDiag.txt

2014-04-11 15:47 - 2014-04-11 15:47 - 09747373 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2942844-x64.msu

2014-04-11 15:18 - 2014-04-11 15:18 - 00004500 _____ () C:\Users\Linda\Downloads\dpx (1).js

2014-04-11 13:25 - 2014-04-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-04-11 13:24 - 2014-05-10 14:40 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-04-11 13:24 - 2014-05-10 05:14 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-04-11 13:24 - 2014-05-08 22:35 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-04-11 13:24 - 2014-05-08 22:35 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-04-11 13:24 - 2014-04-11 13:25 - 00000000 ____D () C:\Users\Linda\AppData\Local\Google

2014-04-11 13:24 - 2014-04-11 13:25 - 00000000 ____D () C:\Program Files (x86)\Google

2014-04-11 13:23 - 2014-04-11 13:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\Deployment

2014-04-11 13:23 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Apps\2.0

2014-04-11 12:29 - 2014-04-11 12:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (2).lnk

2014-04-10 20:15 - 2014-04-13 06:28 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak7

2014-04-10 20:14 - 2014-04-10 20:14 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak6

 

==================== One Month Modified Files and Folders =======

 

2014-05-10 16:06 - 2014-05-09 12:34 - 00015086 _____ () C:\Users\Linda\Downloads\FRST.txt

2014-05-10 16:06 - 2014-05-09 12:34 - 00000000 ____D () C:\FRST

2014-05-10 16:06 - 2013-12-05 20:33 - 00000000 ____D () C:\Users\Linda\AppData\Local\CrashDumps

2014-05-10 16:01 - 2014-05-10 16:01 - 00000000 ____D () C:\Users\Linda\Downloads\FRST-OlderVersion

2014-05-10 16:01 - 2014-05-09 12:31 - 02065408 _____ (Farbar) C:\Users\Linda\Downloads\FRST64.exe

2014-05-10 16:00 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-05-10 15:45 - 2013-10-20 09:16 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4A6C2B7B-F5A2-4CA6-9BFE-B0D5E48F1D98}

2014-05-10 14:40 - 2014-04-11 13:24 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-05-10 11:02 - 2014-04-14 18:21 - 01538993 _____ () C:\WINDOWS\WindowsUpdate.log

2014-05-10 10:12 - 2013-10-20 09:27 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2029271840-2688628959-2960142898-1002

2014-05-10 10:02 - 2014-05-10 10:02 - 05162600 _____ (ParetoLogic, Inc.) C:\Users\Linda\Downloads\Repair-tool.exe

2014-05-10 09:23 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2014-05-10 05:17 - 2014-03-03 20:42 - 00000000 ____D () C:\Users\Linda\Documents\Youcam

2014-05-10 05:14 - 2014-04-11 13:24 - 00000922 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-05-10 05:14 - 2013-10-20 19:37 - 00000000 __RDO () C:\Users\Linda\SkyDrive

2014-05-10 05:13 - 2013-08-22 10:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-05-10 00:41 - 2013-08-22 09:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2014-05-09 22:04 - 2014-05-09 22:04 - 00000208 _____ () C:\Users\Linda\Desktop\Short Dumb People Jokes - The Funniest Short Jokes and One Liners.url

2014-05-09 12:49 - 2014-05-09 12:49 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (3).com

2014-05-09 12:39 - 2014-05-09 12:39 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt Farbar recovery tool.txt

2014-05-09 12:36 - 2014-05-09 12:35 - 00033193 _____ () C:\Users\Linda\Downloads\Addition.txt

2014-05-09 12:16 - 2014-05-09 12:16 - 00651776 _____ () C:\Users\Linda\Downloads\MicrosoftFixit50228.msi

2014-05-09 12:13 - 2014-05-09 12:13 - 00001453 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-05-09 12:06 - 2014-05-09 12:06 - 11888284 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2901549-x86.msu

2014-05-08 23:47 - 2014-02-03 06:07 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForLinda

2014-05-08 23:47 - 2014-02-03 06:07 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLinda.job

2014-05-08 22:35 - 2014-04-11 13:24 - 00003898 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2014-05-08 22:35 - 2014-04-11 13:24 - 00003662 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2014-05-08 21:48 - 2014-05-08 21:48 - 00000164 _____ () C:\Users\Linda\Desktop\Random one liners that will make you cry with laughter - Wattpad.url

2014-05-08 17:12 - 2014-05-08 17:12 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (2).com

2014-05-08 17:10 - 2014-05-08 17:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds (1).com

2014-05-08 05:56 - 2014-05-08 05:56 - 00000225 _____ () C:\Users\Linda\Desktop\BEST. SHORT JOKES. EVER..url

2014-05-07 17:44 - 2014-05-07 17:44 - 00000000 ____D () C:\ProgramData\Oracle

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Sun

2014-05-07 17:40 - 2014-05-07 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-05-07 17:39 - 2014-05-07 17:40 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-05-07 17:39 - 2014-05-07 17:40 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-05-07 17:39 - 2014-05-07 17:40 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-05-07 17:39 - 2014-05-07 17:40 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-05-07 17:39 - 2014-05-07 17:39 - 00000000 ____D () C:\Program Files (x86)\Java

2014-05-07 17:38 - 2014-05-07 17:38 - 00921512 _____ (Oracle Corporation) C:\Users\Linda\Downloads\chromeinstall-7u55 (1).exe

2014-05-07 01:58 - 2014-05-07 01:58 - 00280204 _____ () C:\Users\Linda\Downloads\WindowsUpdateDiagnostic.diagcab

2014-05-07 01:42 - 2014-05-07 01:42 - 00000000 ____D () C:\Users\Linda\Documents\New folder

2014-05-07 01:41 - 2014-01-15 14:03 - 00000000 ____D () C:\Users\Linda

2014-05-07 01:36 - 2014-05-07 01:36 - 00000000 ____D () C:\New folder

2014-05-06 23:05 - 2014-05-06 23:05 - 00000199 _____ () C:\Users\Linda\Desktop\TOP 100 funniest one-liners, quotes and jokes on the internet! Part 1.url

2014-05-05 20:32 - 2013-08-22 09:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2014-05-05 20:10 - 2014-05-05 20:10 - 00000192 _____ () C:\Users\Linda\Desktop\Slooh Live Events.url

2014-05-05 20:07 - 2013-12-02 01:50 - 00000000 ____D () C:\Users\Linda\AppData\Local\VirtualStore

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mPlayer

2014-05-05 20:04 - 2014-05-05 20:04 - 00000000 ____D () C:\Program Files (x86)\mPlayer

2014-05-05 12:25 - 2013-10-21 06:17 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log

2014-05-05 12:24 - 2013-04-11 16:35 - 00000000 ____D () C:\Program Files (x86)\CyberLink

2014-05-05 12:24 - 2013-03-20 23:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools

2014-05-05 12:23 - 2012-08-03 20:02 - 00000000 ____D () C:\SWSetup

2014-05-05 12:09 - 2013-10-21 06:17 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-05-04 12:26 - 2014-05-03 08:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak18

2014-05-03 07:58 - 2014-05-03 01:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak17

2014-05-03 07:54 - 2014-04-15 19:20 - 07757536 _____ () C:\WINDOWS\PFRO.log

2014-05-03 07:53 - 2014-05-01 20:42 - 00000000 ____D () C:\ProgramData\Norton

2014-05-03 07:47 - 2012-07-26 04:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb

2014-05-02 17:07 - 2014-05-02 17:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

2014-05-02 15:43 - 2014-05-02 15:43 - 00001094 _____ () C:\Users\Linda\Desktop\www.thewindowsclub.com&dtd=257.url

2014-05-02 15:26 - 2014-05-02 15:26 - 00000610 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk

2014-05-02 15:26 - 2014-05-02 00:38 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak16

2014-05-01 23:06 - 2014-05-01 23:06 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak15

2014-05-01 22:52 - 2014-05-01 22:52 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak14

2014-05-01 22:51 - 2014-05-01 22:51 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak13

2014-05-01 21:07 - 2013-12-16 21:39 - 00000000 ____D () C:\Users\Linda\AppData\Local\LogMeIn Rescue Applet

2014-05-01 20:49 - 2014-04-22 00:14 - 00002509 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton Security Suite.lnk

2014-05-01 20:35 - 2014-05-01 20:35 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (31).lnk

2014-05-01 20:33 - 2014-02-13 11:59 - 00000000 ____D () C:\WINDOWS\pss

2014-05-01 20:13 - 2014-05-01 20:13 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (30).lnk

2014-05-01 19:49 - 2014-05-01 19:49 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (29).lnk

2014-05-01 19:17 - 2014-05-01 19:17 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (28).lnk

2014-05-01 09:32 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\system32\NDF

2014-04-30 19:47 - 2014-04-30 19:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (27).lnk

2014-04-30 19:25 - 2014-04-30 19:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (26).lnk

2014-04-30 00:09 - 2014-04-30 00:09 - 00688992 _____ (Swearware) C:\Users\Linda\Downloads\dds.com

2014-04-29 19:18 - 2014-04-29 19:18 - 00000000 ____D () C:\Users\Linda\Downloads\New folder

2014-04-29 17:48 - 2014-04-29 17:48 - 00000000 ____D () C:\Users\Public\Downloads\Norton

2014-04-29 17:45 - 2014-04-29 17:45 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (25).lnk

2014-04-29 17:37 - 2014-04-29 17:37 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (24).lnk

2014-04-29 17:29 - 2014-04-29 17:29 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (23).lnk

2014-04-29 16:35 - 2014-04-29 16:35 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (22).lnk

2014-04-29 10:20 - 2013-12-16 21:50 - 00045056 ___SH () C:\Users\Linda\Desktop\Thumbs.db

2014-04-29 10:01 - 2014-05-02 17:09 - 23547904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-04-29 09:47 - 2014-04-29 09:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (21).lnk

2014-04-29 09:24 - 2014-04-29 09:24 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (20).lnk

2014-04-29 09:16 - 2014-04-29 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (19).lnk

2014-04-29 08:48 - 2014-05-02 17:09 - 17384448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-04-29 08:45 - 2014-04-29 08:44 - 00024690 _____ () C:\Users\Linda\Downloads\Result.txt

2014-04-28 18:23 - 2014-04-28 18:23 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (18).lnk

2014-04-28 17:32 - 2014-04-28 17:31 - 01291104 _____ (LogMeIn, Inc.) C:\Users\Linda\Downloads\Support-LogMeInRescue.exe

2014-04-28 15:46 - 2014-04-28 15:46 - 00000000 ____D () C:\Users\Public\Documents\CyberLink

2014-04-28 08:31 - 2013-12-05 05:35 - 00000000 ____D () C:\Users\Public\CyberLink

2014-04-28 08:24 - 2014-04-28 08:24 - 00003156 _____ () C:\WINDOWS\System32\Tasks\YCMServiceAgent

2014-04-28 08:24 - 2014-04-24 17:49 - 00000039 _____ () C:\WINDOWS\setupact.log

2014-04-28 08:24 - 2013-04-11 16:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat

2014-04-28 08:16 - 2013-04-11 16:34 - 00000000 ____D () C:\ProgramData\install_clap

2014-04-27 23:48 - 2013-12-27 08:21 - 00000000 ____D () C:\N360_BACKUP

2014-04-27 14:20 - 2014-04-27 14:20 - 00000904 _____ () C:\Users\Linda\Downloads\Downloads - Shortcut.lnk

2014-04-27 13:58 - 2014-04-27 13:58 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (17).lnk

2014-04-27 13:54 - 2014-04-27 13:54 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (16).lnk

2014-04-27 11:47 - 2014-04-27 11:47 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (15).lnk

2014-04-27 11:45 - 2012-07-26 04:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2014-04-27 11:25 - 2014-04-27 11:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (14).lnk

2014-04-27 10:59 - 2014-04-27 10:59 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (13).lnk

2014-04-27 10:34 - 2014-04-27 10:34 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (12).lnk

2014-04-27 10:29 - 2014-04-27 10:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (11).lnk

2014-04-27 09:44 - 2014-04-27 09:44 - 00002210 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (10).lnk

2014-04-27 09:35 - 2014-04-27 04:26 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak12

2014-04-27 09:32 - 2014-04-27 09:32 - 00002255 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (9).lnk

2014-04-27 09:16 - 2014-04-27 09:16 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (8).lnk

2014-04-27 08:45 - 2014-04-27 08:45 - 00000187 _____ () C:\Users\Linda\Desktop\Microsoft Fix it Solution Center troubleshooting software issues (2).url

2014-04-27 03:25 - 2014-04-27 03:25 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (7).lnk

2014-04-27 02:10 - 2014-04-27 02:10 - 00000212 _____ () C:\Users\Linda\Desktop\How to Uninstall & Reinstall IE  eHow.url

2014-04-26 16:47 - 2014-04-26 16:47 - 00000235 _____ () C:\Users\Linda\Desktop\fixit download I.E. - Search Microsoft.com.url

2014-04-26 14:52 - 2014-04-26 14:52 - 00000254 _____ () C:\Users\Linda\Desktop\Adobe ID, sign-in, and account help.url

2014-04-26 02:28 - 2014-01-03 18:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\NPE

2014-04-25 12:13 - 2014-04-25 12:13 - 00078854 _____ () C:\Users\Linda\Desktop\cookies.txt

2014-04-25 12:13 - 2014-04-25 12:13 - 00006061 _____ () C:\Users\Linda\Desktop\bookmark.htm

2014-04-25 12:13 - 2014-04-25 12:13 - 00000784 _____ () C:\Users\Linda\Desktop\feeds.opml

2014-04-25 08:18 - 2014-04-25 08:18 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (6).lnk

2014-04-24 23:28 - 2013-12-07 08:24 - 00000508 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\PCHgames - Free Online Games, Sweepstakes, and Prizes!.website

2014-04-24 20:26 - 2014-04-24 20:26 - 00000000 ____D () C:\WINDOWS\SysWOW64\Adobe

2014-04-24 19:24 - 2014-04-22 02:03 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak11

2014-04-24 17:49 - 2014-04-24 17:49 - 00000000 _____ () C:\WINDOWS\setuperr.log

2014-04-24 15:46 - 2013-12-13 18:48 - 00000492 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\JustFab.website

2014-04-24 15:29 - 2014-04-20 18:02 - 00000000 ____D () C:\NPE

2014-04-24 15:21 - 2014-04-24 15:21 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (5).lnk

2014-04-24 02:48 - 2014-04-24 02:48 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-04-24 02:44 - 2014-04-24 02:44 - 01016261 _____ (Thisisu) C:\Users\Linda\Downloads\JRT.exe

2014-04-24 02:17 - 2014-04-24 02:13 - 00000000 ____D () C:\AdwCleaner

2014-04-24 02:17 - 2013-12-29 12:44 - 00001229 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Mananger.lnk

2014-04-24 02:11 - 2014-04-24 02:10 - 01365865 _____ () C:\Users\Linda\Downloads\adwcleaner (1).exe

2014-04-24 00:50 - 2014-04-24 00:50 - 00448512 _____ (OldTimer Tools) C:\Users\Linda\Downloads\TFC.exe

2014-04-23 23:34 - 2014-04-23 14:39 - 00031524 _____ () C:\WINDOWS\SysWOW64\Result.txt

2014-04-23 23:22 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-04-23 22:50 - 2014-04-23 22:50 - 00982016 _____ (Farbar) C:\Users\Linda\Downloads\MiniToolBox (1).exe

2014-04-23 20:37 - 2014-04-21 13:28 - 00005402 _____ () C:\Users\Linda\Desktop\Rkill.txt

2014-04-23 15:41 - 2014-04-23 14:51 - 00000000 ____D () C:\Users\Linda\Desktop\mbar

2014-04-23 15:26 - 2014-04-23 15:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\rkill.exe

2014-04-23 14:45 - 2014-04-23 14:45 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Linda\Downloads\mbar-1.07.0.1009.exe

2014-04-23 13:30 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-04-23 13:14 - 2014-04-23 13:14 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Linda\Downloads\mbam-setup-2.0.1.1004 (1).exe

2014-04-23 12:44 - 2014-04-23 12:44 - 00003477 _____ () C:\WINDOWS\SysWOW64\FSS.txt

2014-04-23 00:02 - 2014-04-23 00:02 - 00854355 _____ () C:\Users\Linda\Downloads\SecurityCheck (1).exe

2014-04-22 22:22 - 2014-04-22 22:22 - 00000000 ____D () C:\Users\dub_cm_auto

2014-04-22 20:24 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-04-22 20:24 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-04-22 02:01 - 2014-04-22 02:01 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak10

2014-04-21 20:39 - 2013-12-16 21:50 - 00000000 ____D () C:\Users\Public\Downloads\Norton1

2014-04-21 15:14 - 2013-08-22 11:36 - 00000000 ____D () C:\WINDOWS\L2Schemas

2014-04-21 13:53 - 2014-04-21 13:53 - 00602112 _____ (OldTimer Tools) C:\Users\Linda\Downloads\OTL.exe

2014-04-21 13:26 - 2014-04-21 13:26 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Linda\Downloads\iExplore.exe

2014-04-21 11:31 - 2014-04-21 11:31 - 00000000 _____ () C:\autoexec.bat

2014-04-21 11:30 - 2014-04-21 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group

2014-04-20 12:41 - 2014-04-20 12:41 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (4).lnk

2014-04-16 10:16 - 2014-04-16 10:16 - 00000185 _____ () C:\Users\Linda\Desktop\Adobe Community How do I clear my Flash Player cache and settings.url

2014-04-15 13:02 - 2014-04-15 13:01 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (3).lnk

2014-04-15 12:08 - 2014-04-15 12:08 - 00000166 _____ () C:\Users\Linda\Desktop\How To Remove Ib.adnxs.com Redirect virus Permanently - Malware Wikihowtos.url

2014-04-15 11:51 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak9

2014-04-15 00:54 - 2014-04-15 00:54 - 00000187 _____ () C:\Users\Linda\Desktop\Publishers Clearing House.url

2014-04-14 14:51 - 2014-04-14 15:02 - 00082812 _____ () C:\Users\Linda\Downloads\LMEYFUJ6 - Copy.htm

2014-04-14 13:39 - 2014-04-14 13:39 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak8

2014-04-13 06:28 - 2014-04-10 20:15 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak7

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2014-04-12 11:11 - 2014-04-12 11:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2014-04-12 11:07 - 2014-04-12 11:07 - 00000246 _____ () C:\Users\Linda\Desktop\http--www.microsoft.com-getsilverlight-Get-Started-Install-uninstall-arp-win.aspx.url

2014-04-12 06:58 - 2014-04-12 06:58 - 00074033 _____ () C:\Users\Linda\Desktop\DxDiag.txt

2014-04-11 15:47 - 2014-04-11 15:47 - 09747373 _____ () C:\Users\Linda\Downloads\Windows8.1-KB2942844-x64.msu

2014-04-11 15:37 - 2014-04-08 09:59 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-04-11 15:18 - 2014-04-11 15:18 - 00004500 _____ () C:\Users\Linda\Downloads\dpx (1).js

2014-04-11 13:25 - 2014-04-11 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-04-11 13:25 - 2014-04-11 13:24 - 00000000 ____D () C:\Users\Linda\AppData\Local\Google

2014-04-11 13:25 - 2014-04-11 13:24 - 00000000 ____D () C:\Program Files (x86)\Google

2014-04-11 13:24 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Deployment

2014-04-11 13:23 - 2014-04-11 13:23 - 00000000 ____D () C:\Users\Linda\AppData\Local\Apps\2.0

2014-04-11 12:54 - 2013-11-14 03:28 - 00956476 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-04-11 12:29 - 2014-04-11 12:29 - 00002281 _____ () C:\Users\Linda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ID1010358 Symantec Corporation (Sutherland) (2).lnk

2014-04-10 20:14 - 2014-04-10 20:14 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak6

2014-04-10 19:45 - 2014-04-08 22:11 - 00000000 ____D () C:\WINDOWS\softwaredistribution.bak5

2014-04-10 01:18 - 2014-04-08 09:59 - 00000000 ____D () C:\ProgramData\Yahoo!

2014-04-10 01:05 - 2014-01-15 15:11 - 00000000 ____D () C:\Users\Linda\AppData\Local\Adobe

 

Some content of TEMP:

====================

C:\Users\Linda\AppData\Local\Temp\Extract.exe

C:\Users\Linda\AppData\Local\Temp\SCC.dll

C:\Users\Linda\AppData\Local\Temp\SP65790.exe

C:\Users\Linda\AppData\Local\Temp\SymCCIS.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

 

LastRegBack: 2014-05-03 21:17

 

==================== End Of Log ============================



#13 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 11 May 2014 - 07:15 PM

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">

  <assemblyIdentity name="Tweaking.com.Repair_Windows" processorArchitecture="X86" type="win32" version="1.0.0.0" />

  <description>Repair Windows</description>

  <file name="MSINET.Ocx">

    <typelib tlbid="{48E59290-9880-11CF-9754-00AA00C00908}" version="1.0" flags="control" helpdir="" />

    <comClass clsid="{48E59293-9880-11CF-9754-00AA00C00908}" tlbid="{48E59290-9880-11CF-9754-00AA00C00908}" threadingModel="Apartment" progid="InetCtls.Inet.1" description="Microsoft Internet Transfer Control" />

  </file>

  <file name="tweaking_tabs.ocx">

    <typelib tlbid="{C1737950-391B-4208-AD45-530D7D9B734E}" version="7.0" flags="control" helpdir="" />

    <comClass clsid="{661263AD-28E1-4F88-8C85-E36762CD55E0}" tlbid="{C1737950-391B-4208-AD45-530D7D9B734E}" threadingModel="Apartment" progid="Tweaking_Tabs.XTab" description="" />

    <comClass clsid="{36109714-9E72-45D8-BAC9-F10673A7C6D6}" tlbid="{C1737950-391B-4208-AD45-530D7D9B734E}" threadingModel="Apartment" description="" />

  </file>

  <file name="SSubTmr6.dll">

    <typelib tlbid="{71A2702D-C7D8-11D2-BEF8-525400DFB47A}" version="1.0" flags="" helpdir="" />

    <comClass clsid="{71A27032-C7D8-11D2-BEF8-525400DFB47A}" tlbid="{71A2702D-C7D8-11D2-BEF8-525400DFB47A}" threadingModel="Apartment" progid="SSubTimer6.GSubclass" description="" />

    <comClass clsid="{71A27034-C7D8-11D2-BEF8-525400DFB47A}" tlbid="{71A2702D-C7D8-11D2-BEF8-525400DFB47A}" threadingModel="Apartment" progid="SSubTimer6.CTimer" description="" />

  </file>

  <file name="tweaking_com_treeview.ocx">

    <typelib tlbid="{CA5A8E1E-C861-4345-8FF8-EF0A27CD4236}" version="6.0" flags="control" helpdir="" />

    <comClass clsid="{9C1F0FE1-777B-4356-8F80-40499265EAA7}" tlbid="{CA5A8E1E-C861-4345-8FF8-EF0A27CD4236}" threadingModel="Apartment" progid="vbalTreeViewLib6.vbalTreeView" description="" />

  </file>

  <asmv3:application xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">

    <asmv3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings" xmlns:asmv3="urn:schemas-microsoft-com:asm.v3">

      <dpiAware>true</dpiAware>

    </asmv3:windowsSettings>

  </asmv3:application>

  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">

    <security>

        <requestedPrivileges>

          <requestedExecutionLevel level="requireAdministrator" uiAccess="false" />

        </requestedPrivileges>

    </security>

  </trustInfo>

   <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> 

       <application> 

           <!-- Windows Vista -->

           <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/> 

           <!-- Windows 7 -->

           <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>

           <!-- Windows 8 -->

           <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>

           <!-- Windows 8.1 -->

           <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>

       </application> 

   </compatibility>

</assembly> 



#14 Ataxia

Ataxia
  • Topic Starter

  • Members
  • 42 posts
  • OFFLINE
  •  
  • Local time:06:28 AM

Posted 11 May 2014 - 07:49 PM

Don't know if this is helpful as I did a system restore.because as stated previously seemed to have more problems than before running window windows repair exe                                      .Tweaking.com - Windows Repair Change Log.

 

v2.7.1

Multiple bug fixes. While I had updated the v2.7.0 setup and portable files with the bug fixes some download sites still had the bad files. 

So to make sure everyone gets updated I am putting out a new version. Make sure to use 2.7.1 :-)

 

v2.7.0

Added a new startup check to the program. The program will now check that all files needed for the repairs in the program folder are present.

If files are missing then the repair that needs those files will fail, which can cause bad side effects depending on the repair.

So now the program will do a quick check and if any files are missing, the program will let you know which files and ask you to reinstall the program to make sure all files are there.

You can not continue with the program if any files are missing. If all files are present then it automatically continues to the normal start window of the program.

 

Added a new repair "Reset Service Permissions" This repair will add permissions on all services on the current system. Administrators = Full, System = Full, TrustedInstaller = Full

 

"Reset Registry Permissions" & "Reset File Permissions" have been completely redone. The program was using subinacl.exe to set permissions but it was only 32 bit and didn't access the 64 bit locations.

This has been replaced with SetAcl.exe which supports 32 and 64 bits. So now on a 64 bit OS all areas get their permissions set.

Because this can now access all locations the 2 repairs are a little slower and it doesn't have the progress screen that the subinacl.exe did.

So the cmd window has been updated to not show what current key or file it is on as it slowed down the repair by a very very large amount because the CPU was being used to draw all the text to the cmd.exe window.

So by not having it display all that information the speed of the repair is much better.

 

Since "Reset File Permissions" now uses a new exe the exclusions part has been changed, if you used this option in the program please see the text files on how to use exclusions.

 

For Vista and newer versions of Windows "Reset Registry Permissions" & "Reset File Permissions" now also adds the "TrustedInstaller" account with Full access rights.

 

Updated multiple repairs to better handle Windows 8 and 8.1 and all the fussy stuff it wants, making the repairs better than ever for Windows 8 & 8.1 :-)

 

Updated other multiple repairs.

 

Improved the handling of the program running with the /silent switch and when it closes itself down after repairs.

 

Multiple code changes and improvements.

 

v2.6.3

Updated Repair Registry Permissions

 

Updated Restore Windows 8 COM+ Unmarshalers

 

The 2 repair updates both have to do with a bug that only hits a few Windows 8.1 users.

When the HKEY_CLASSES_ROOT\Unmarshalers permissions get changed and are not locked down then for some reason Windows deletes that registry key on reboot.

Only happens to certain machines and appears to be a bug in Windows. The repairs have been updated to now lock down the registry location like it was before,

this will stop the bug in Windows from the registry key from being removed.

When this registry key and its sub keys are removed the COM+ wont work and sound will stop working among a bunch of other things.

The Windows Repair Program didn't remove these, something in Windows does for a unknown reason. Now with that registry location being locked again it stops that from happening.

 

v2.6.2

Added a new repair "Restore Windows 8 COM+ Unmarshalers" Starting in Windows 8 the COM+ depends on a set of registry keys located under HKEY_CLASSES_ROOT\Unmarshalers\System

There is a bug in Windows 8 where those registry keys are sometimes removed, which when they are COM+ will no longer function and many things in windows stop working including audio, Windows Defender, Windows Firewall, WMI and many more.

When these keys are restored COM+ functions again. These registry keys where not in older versions of Windows and is new to Windows 8.

 

Updated Repair Registry Permissions

 

The tree view on the repair window now takes on the colors set for the text boxes and lists instead of the program back and text colors.

 

Changed the default color theme to make the text boxes and lists a little darker than pure white.

 

Updated Registry Backup to v1.8.0

 

v2.6.1

Multiple interface changes and fixes.

 

Code updates and improvements in multiple locations in the program.

 

v2.6.0

Added a new option to change all the program colors (under the settings tab). The user can now control the colors of the program and even save their color layout as a preset. This is very helpful for colorblind, or hard of seeing users or just users who don't like my default colors :-)

 

Added a new system monitor to the repair window. The repair window will now show the current memory usage, process count, cpu usage and current read and right speeds of the hard drives. This way a user can keep track if they are running out of memory or if the drives are doing anything during a repair. Very useful so the user can tell if a repair is working or has stalled.

 

There are now 5 step tabs before the repairs. I changed the Welcome tab to Step 1 and changed the order of the rest. On the new step 1 it tells the user to do a proper power reset before anything else and gives them a quick 4 step instruction on how to do so.

 

Changed the default colors of the program. Replaced the green text with a easier to read color. Also change the button colors to stand out more and multiple other changes.

 

A large amount of interface and layout changes.

 

Code cleanup, removed old code that I was no longer using.

 

Updated the code on step 3 when doing a read only chkdsk on the drive.

 

Updated the Register System Files repair.

 

Updated Restore Important Services.

 

Updated Repair WMI to make a backup of the antivirus, firewall and antispyware information. It will export that data out first since it is lost when WMI is built and then import it back in once WMI is finished. Normally the Windows security center would complain you have no AV install and such after the repair. The AV and such would update it self back to WMI after it updates itself or after another reboot. But this confused some users who thought their AV wasn't working. By exporting and then importing that information back will keep that from happening and confusing users.

 

Multiple Code improvements and changes through out the whole program.

 

v2.5.1

Important update to the "Set Windows Services To Default Startup" repair. A few services Windows changes the default startup for based on the hardware you have installed. Such as the wireless service is set to manual but if Windows detects a wireless card then the service is changed to automatic. The services that get changed have been updated and is now fixed.

 

v2.5.0

The "Reset File Permissions" Repair has been totally redone. The old way the program would run a bat file for each folder on the root of the drive. So if you had 100 folders on the root of the drive it would run 100 bat files in order to set the permissions on each folder. This was done so the program could skip certain folders. The repair now does the whole drive in just 1 bat file, making things much faster for this repair.

 

Also added a exclude list option to the "Reset File Permissions" Repair. This new excluded list will allow power users to tweak the repair and have it skip certain folders or files. This new option was what made it possible to streamline the repair. 2 new files where added to the files folder file_permissions_excludes.txt and file_permissions_profiles_excludes.txt.

 

Updated the "Repair WMI" to skip the system volume information folder when looking for wmi files to add back. Normally this wasn't a problem but if for some reason a user had taken ownership over the system volume folder then the program had access to it and then the WMI repair would loop through the restore points, which we don't want.

 

The "Set Windows Services To Default Startup" has been redone as well. Before it pulled what services to set from the services_startup.txt file in the files folder. With Windows having so many different services for each version of Windows I have now made the repair pull from a txt file based on what version of Windows the user is on. This now gives even more control to power users and also makes the repair better suited for each version of Windows. 5 new files have been added to the files folder services_startup_xp.txt, services_startup_vista.txt, services_startup_7.txt, services_startup_8.txt, services_startup_8.1.txt.

 

To help make the "Set Windows Services To Default Startup" even better I installed a fresh copy of Windows XP Pro SP3, Vista Ultimate SP2, 7 Ultimate SP1 , 8 Pro and 8.1 Pro with nothing added to them but their default installs and pulled all the service startup information for every single service. The repair now sets more services than ever and as of right now every known service default in each version of Windows.

 

Multiple other code changes and improvements.

 

v2.4.2

The step 3 system file checker cmd.exe window now uses the cmd color options in the program.

On step 2 I added a view log button that will show up after you run check disk on the system, the log file is stored in the log file location but now the user can open it right from the program if they wish.

Added a "View Logs" button to the main repair window. Now users can open the logs folder after doing repairs instead of manually going to them, this will help with users who have trouble knowing where the logs are.

Bug fix for VSS and services for XP systems.

 

v2.4.1

Fixed bug in the program where if you ran the Repair CD/DVD and had iTunes installed iTunes could complain about a regkey missing. The program did put the registry key back into the registry but it didn't null terminate the line so iTunes still complained. This has now been fixed and iTunes no longer complains.

Reset File Permissions has been improved. The reset file permissions normally skips the profile folders on the system. This was due to a odd bug in Windows Vista, 7 and newer where if "Everyone" permissions was set on a folder under the user profile Windows would think it is shared when it wasn't. Well after helping a user who had a lot of problems on their system it turned out to be because somehow the user had removed "Administrators" and "System" from all the permissions on the folders and files of the profile. Once those where put back everything worked. So I knew I had to get the profiles added to the repair. The new changes will update all the profile folders properly and only add administrators and system, not everyone. Also for the current user profile folder it will also add the current user as it should be that way.

Small code changes.

 

v2.4.0

Repair Icons has been updated and redone. The repair will now kill explorer.exe to unlock the cache files, delete them and then start explorer.exe back up. Also Starting with vista, 7 and 8 there is a new location for the cache files and that has been added to the repair.

Change the the logs, the program now makes a folder with the date and time the start repairs button was clicked and logs are stored in that folder in the log location. So now instead of the program overwriting logs it now keeps them so you can view logs from different repair runs.

Added a new tab in the main window of the program letting users know about tweaking their system for performance after a repair. It simply tells them about my simple system tweaker and my CleanMem tool from my other site PcWinTech.com. This way users now have an option to try and speed things up afterwards if they like.

I have made a custom CleanMem for Tweaking.com and included it with the program. The program will now cleanup memory on the system instantly before doing the repairs. This will help with systems with little memory or have some processes that are memory hogs or have memory leaks, they get cleaned up before the repairs start.

Updated Repair WMI.

Updated Repair IE to support IE 11.

Program now pulls more system information and adds it to the logs, this has the benefit of letting the user see how memory and other things look and the information can also help when helping a user in the forums.

Added 20 more services to Restore Important Windows Services.

Multiple code changes and updates.

The installer for the program now puts the setup log in the same folder as the program instead of the temp folder. This will make it easier for users to find it if they wish.

 

v2.3.0

Fixed a bug where the cmd.exe windows where not changing color like they use to.

New feature, you can now set what back and text color to use in the cmd.exe windows. This is useful when running the program from a script and you can tell which cmd.exe windows belong to the program and not the script.

Program now gives a warning if it is unable to create the log file path. If the program is unable to save the log files the repairs will fail. Examples of it failing would be if the path has Unicode chars or is pointing to a ready only folder such as running off a cd.

Small bug fixes and multiple code changes.

 

v2.2.1

Per user request I have enabled the beta repair for system restore.

Adjusted privileges of the program to fix a loop in the wmi repair and to also give better access for the repairs.

Program now logs if it has trouble loading needed privileges. This can be helpful if the user account the program is running under doesn't have the correct access that is needed for the repairs.

 

v2.2.0

Remove beta repairs button. The only beta repair was for the system restore which wasn't repairing it, so no point in having it till i find more info on it :-)

The Repair CD/DVD Missing/Not Working now logs if it detects iTunes and if it does it applies the upperfilter regkey so iTunes can burn cds.

The Unhide Non System Files now also sets the show desktop icons back to enabled. Some viruses are putting desktop icons as hidden. If you keep them hidden your self you can rehide them with a simple right click on the desktop and then go to view.

Updated the repair windows firewall to have file and print sharing enabled.

Add a "Defaults" button next to the select all and unselect all repairs. This was by user request. The defaults button will select the default repairs, the same as when you run the Windows Repair for the first time.

The Windows Repair log now record system information such as what version of windows and such. This way when a user posts the log in the forums and doesnt tell me what version of Windows they are on I can see it in the logs.

New repair added for Windows 8 users. Repair Windows 8 Component Store. Microsoft finally added some built in tool to fix and recover corrupt files when sfc /scannow fails and says it couldn't fix some corrupt files. I also have the repair do a cleanup of the component store to shrink the size and also possibly remove errors from old outdated files. Here is the repair info from with in the program.:

 

"Repair Windows 8 Component Store

 

The following commands are done.

 

Dism /Online /Cleanup-Image /StartComponentCleanup

Dism /Online /Cleanup-Image /RestoreHealth

 

The first command cleans up the component store (WinSxS Folder) in windows, reducing it size and removing old entries.

 

The 2nd command is used to repair corrupt files and corrupt entries in the component store.

 

Reasons for this repair:

Used to fix Windows component store corruption when a SFC /SCANNOW command is unable to repair corrupted system files because the store (source) is corrupted, then run the SFC command again.

Used to fix Windows component store corruption when the same Windows Updates continue to appear to be available to install even though they already show successfully installed in update history.

 

More information on these commands can be found here:

http://technet.microsoft.com/en-us/library/hh824869.aspx

and

http://www.eightforums.com/tutorials/26512-dism-fixing-component-store-corruption-windows-8-a.html

"

 

v2.1.1

New feature added to the program (Possible speed increase as well). Under the settings tab in the main window of the program you can now set the window state and priority of the cmd.exe. The program uses bat files to run the repairs which goes through cmd.exe in Windows. Now you can choose to have the cmd.exe window be minimized, maximized or normal like it has been. (Useful for techs who are running repairs but are trying to do something else on the system) You can also set what CPU priority to run cmd.exe, so on older systems where the CPU is in use by other processes the cmd.exe window can now get priority, thus getting more CPU when it needs it and possibly speeding up the repairs for some people.

Updated and improved the Repair Winsock & DNS Cache

Updated and improved the Repair Windows Updates.

Multiple small code changes.

 

v2.1.0

Added new repair "Repair Windows App Store"

Updated Registry backup to 1.6.8

The program now auto skips repairs that are meant for a different version of Windows.

Added a checkbox to give the user an option to not have the program check for updates at startup. While I didn't have this before as it is extremely important to always run the latest version because of bug fixes and changes, it also causes the program to hang for a few seconds if the computer it is running on cant access the site to see what the current version is. So now the user can turn that off.

 

v2.0.1

Fixed bug where the /silent command didn't work. The bug was when you used /silent the repair window would show but didn't run the repairs. This is because with the new interface the treeview of the repairs wasn't loaded yet, so it didn't see any repair to run. This bug has now been fixed and /silent works again :-)

 

v2.0.0

New interface. Still the same layout but new colors that match the same look and feel as other programs on tweaking.com

Due to the interface changes I changed controls and graphics to make a smaller exe, smaller setup and use less memory.

Code improvements to Repair WMI.

All new logging. The program now records any output from the cmd.exe, not just errors. Bigger log files, but much better information when needed.

Support for Windows 8.1 added.

Tons of Code changes.

Repair Windows Updates updated.

Repair WMI updated.

Restore Important Windows Services updated.

Multiple bug fixes from the last version have been fixed.

 

v1.9.18

Bug fix: The program would get stuck in a opening and closing loop when you had it set to auto restart after repairs. This was because of a timer not turning off and wanting to update the window while it was closing down, thus the loop. This has now been fixed and the program closes like it should.

 

New feature: Since I had to get this bug fixed quickly I decided to take the time to add a new feature I came up with. In the steps before the repairs, Step 2 asks the user to do a check disk (chkdsk) on the system to make sure there is no file system errors before doing any repairs. I hated the fact that I forced the user to reboot to scan it when there may not be any errors on the file system. So I have added a new option to this step where the program will check the drive for errors and let you know if any are found. It is done by making a pipe to a cmd.exe window and running chkdsk in read only mode. Once chkdsk is done it looks for the key words "Windows found problems" and can let the user know if running chkdsk is even needed. Thus saving the user a reboot if there are no errors. I also have it log the chkdsk results to a chkdsk.log file in the logs folder in case a user wants to see the results of the chkdsk. :-)

 

v1.9.17

Updated the repair list to be numbered. This way when others have users use the program they can tell them what number in the list to choose instead of the repair name, making it easier for the user to check the correct ones.

Unhide non system files has been updated to support Unicode systems and file names and also to skip folders and files with symbolic links so it doesn't get stuck in a loop.

Unhide Non System Files now logs all files it unhides.

Repair WMI has been updated to apply MOF and MFL files back into WMI. So if you have a 3rd party program that added themselves to WMI they will be added back.

Log files have been updated to make a log file for each repair instead of trying to put everything into one log file. This is because the cmd.exe would sometimes give an error on the log file being in use.

Program now deletes old log files before running repairs. This way the log files dont keep growing in size if repairs are ran more than once.

Reset Registry Permissions has been enabled for Windows 8, but only does sections of the registry that doesn't effect the app store.

Repair Windows Firewall has been updated to use subinacl.exe to set the reg permissions instead of regini.exe. That is now 2 less files needed in the program.

Multiple code changes.

 

v1.9.16

Update to the Reset File and Reset Registry permissions. These repairs now delete orphaned SIDs and no longer follows symbolic links, keeping it from getting stuck in an infinite loop.

Updated the Repair Important Services to apply reg permissions to the service section in the registry (In case the reg permissions repair was skipped, and for users on Windows 8 who can't user the reg permissions repair because of the Windows App store.) and also to remove symbolic links from the Windows defender folder in case a well known virus put those there to break Windows defender.

Added remove_symbolic_links_from_windows_defender_folder.bat file to the files folder. This can be used by users who simply need to remove the symbolic links a virus puts on the Windows defender folder to keep Windows defender from working. The program now does this as well, but I decided to add a file for it for advanced users. The program doesn't not use this file, so changing it will have no effect on the program.

When a new update is available the program will now tell you in the caption bar instead of only at program startup. This is good for users who missed the message that there is a new version.

 

v1.9.15

Change the scan of malwarebytes from full to quick. Full is normally needed when scanning external drives and such and a quick scan is meant for scanning your system for all known malware locations and is much faster.

Small code changes.

 

v1.9.14

The awesome guys over at Malwarebytes gave me permission to allow Tweaking.com - Windows Repair to download and install Malwarebytes Anti-Malware and start a scan right from the program. This will now help make things a little easier for novice users and is a few less steps that my fellow techs need to do. When you start the program the scan option is on "Step 1" and is totally optional :-)

 

v1.9.13

Added msiserver service "Restore Important Windows Services" and "Repair MSI (Windows Installer)"

Added sppsvc service to the "Restore Important Windows Services"

Improved "Repair Internet Explorer", now better supports IE6 to IE 10.

"Repair Internet Explorer" now loads the list of files to register from the ie.txt file in the files folder. This gives users more control if they need it.

Improved "Repair MDAC/MS Jet"

"Repair MDAC/MS Jet" now loads the list of files to register from the mdac.txt file in the files folder. This gives users more control if they need it.

 

v1.9.12

Added 4 more service repairs to the "Restore Important Windows Services".

Improved repair print spooler.

Moved "Set Windows Services To Default Startup" to the bottom of the list. Since you can edit the file of what services are set to what startup, it made sense to move this last since other repairs that restore services put them back to their startup as well. This way a person can edit this file to keep any tweaks they have done to their services on the system.

Minor bug fixes and code changes.

 

v1.9.11

Improved "Repair Windows Update". On a very few machines the repair was unable to rename the pending.xml file. On vista and 7 this would cause the "installing update step 3 of 3" screen to never go away at boot up. By simply renaming the pending.xml file fixed this. Even though this was already part of the repair, if the file was in use at the time then it wasn't able to be renamed and the person would get stuck at the next boot. I am changed the repair to now remove any attributes from the file and set a secondary rename option directly in the registry to have windows rename the file at boot up. So now if the repair is unable to rename that file during the repair it will get rename at the next system boot. Hopefully this will now keep the "installing update step 3 of 3" screen from coming up and getting stuck. I was able to replicate this problem in Windows and the new repair fixed it in my testing.

 

Improved the "Repair Winsock & DNS Cache". The repair reset TCP which would also clear any static IP info set on the system. Per user request the program will now extract the static IP info, run the repair and then put the static IP info back.

 

v1.9.10

Improved the "Repair Windows Firewall". The program use to only restore the core of the shared access service. It didn't put any policies or rules. While helping a user in the forum they had a virus completely delete the shard access service key, including all rules. When the shared access was put back the firewall worked but he was unable to share any files. This is because there is some core things that have to be in the firewall rules in order to work. I have now added those core rules to the repair and it got his file sharing working just fine. This now makes the repair even better than before.

 

Added some more settings for the "Repair Windows Firewall". While helping a user in the forum the firewall was working but he couldn't get the firewall to open and would get a Group Policy error. While helping him I found the 2 reg keys that where needed to fix it. This keys are only on Vista and 7. They are not on Xp, 2003 or 8. The repair now puts these keys in on Vista and 7 only.

 

Added Windows Defender to the "Restore Important Windows Services" repair.

 

v1.9.9

Fixed bug reported by users where a folder was created on the C: drive called "Program" and windows would ask to delete or rename it, which was safe to do. The bug was with the new log settings. Bat files do not like spaces. If there was a space in the log location name it made that folder and the log was never made. The fix is to just make sure that the path is started and ended with quotation marks. I have updated all 250 locations in the program to make sure the log path has the quotation marks. This bug is now fixed.

 

v1.9.8

Changed the "Set Windows Services To Default Startup" repair to pull the services startup from a text file in the files folder instead of being hard coded. This will let users tweak this repair if they wish.

 

The program will now keep Windows from going into sleep mode or hibernation when repairs are running.

 

Added new repair "Repair Print Spooler"

 

Added "Time Elapsed" to the repair Window, so now users can see how long the repairs have been running.

 

Add new settings tab to the main window.

 

Under the new settings tab you can now change the default location for the log files.

 

Changed the default location of the log files from the Windows drive to the Logs folder in the program folder.

 

Added new repair "Restore Important Windows Services", this repair will replace all the services that the other repairs do. And as time goes I will add more services to this repair.

 

v1.9.7

Major changes to both "Reset Registry Permissions" and "Reset File Permissions". I found out that if you where on a non English system these two repairs simply wouldn't run and thus not change any permissions. This was because it was settings the permissions based on the names such as "Administrators" or "Everyone". On non English systems these are spelled differently and so would fail. I have changed these two repairs to set it by SID now instead of name. Example: Instead of "Administrators" it will use "S-1-5-32-544" (Which is the Windows Default SID for Administrators). These two repairs will now work on non English systems. As an added bonus, the two repairs run much faster now. The reason why is when I was using the names instead of the SID it had to go and lookup the SID of the names. Now that I am using the SID from the start it no longer has to do that lookup, thus making it run nearly twice as fast or better :-)

 

Fixed bug where if you opened the repair window, then closed it and then went back to it the repairs wouldn't work. This is because the program though it was in close down mode from closing the repair window. This has now been fixed.

 

Program now shows how many repairs are selected above the repair list. Example: "Repair Options (Selected: 10 of 35)"

 

The repair wmi was done in 3 steps to simply give a progress of what it is doing. Instead I have combined the 3 steps into 1.

 

Unhide none system files now gives a count of how many files it unhides. Also made a new status window to show when the unhide repair is running.

 

The Beta Repairs button will now be disabled when your running repairs.

 

The program now lists all fixed drives in the system for the Reset File Permissions and Unhide Non System Files repairs. Before it would only do the drive that Windows is on, now you can have it do other fixed drives as well. By default only the Windows drive is selected.

 

Log window now shows when a repair is being ran under the system account and the current user account.

 

The cmd.exe windows now show what repair it is doing in the title bar.

 

The program now checks if it is being run from a network path. If it is it lets the user know that due to Windows network security most repairs will fail and to please run the program locally on the system.

 

v1.9.6

Added renaming of the pending.xml file to the Repair Windows Updates

 

Due to an odd bug with the Windows 8 app store I had to disabled the reset reg permissions repair for now for Windows 8 systems. For some reason even though the app store has permissions, if you change the permissions in any way under certain keys under hkey local machine the app store will refuse to install apps and give the error code 0x8007064a. Until I can find out what keys the app store doesn't like touched I will keep this repair disabled for Windows 8.

 

v1.9.5

Fix bug where the program wouldn't go to the next repair if a cmd.exe was open. That means when the program was run from a bat file it wouldn't move forward. This bug was caused from a previous update. This is now fixed.

 

Updated the "Set Windows Services To Default Startup"

 

v1.9.4

On some systems, depending what programs are installed would not leave enough system resources for the reg and file permissions repair. On these systems after those repairs the rest of the repairs wouldn't work because the system was out of resources. There are two simple reg tweaks that increase the system resources Windows will use. Both repairs will now apply those two reg keys. Not only will this fix the resources being used up but should also fix any other program that runs out of resources. A reg file for these two tweaks are in the files folder with the program.

 

Added more files to the repair system restore.

 

Nearly all repairs run under the system account. As I work on the repairs I noticed something odd. Some parts of the repairs work when run under the current user account and fail under the system account, and other parts fail under the user account and work with the system account. Such as adding reg files or registering files. Here is an example registering the file blb_ps.dll under the user account works while trying to register it under the system account fails, and this only happens with a few files while the rest work fine under both. To handle this I now have some of the repairs run twice, once under the user account then again under the system account. This should handle any odd permissions between the two accounts and insure that the repairs are successful. This isn't needed on all repairs.

 

v1.9.3

Added a new section to the program called "Beta Repairs". There is a button on the repair window that will open it for you.

Added new beta repair "Repair System Restore" this is for Windows Vista, 7 and 8. Microsoft has no repair info on the system restore. So I monitored what services and files the system restore needs and I am working on the first known system restore repair. This is in the beta section till I get user feedback on how it works and if it gets system restore working again for people.

 

v1.9.2

Per user request the main repair window is now resizable.

Added 11 new file association repairs. What makes these repairs different than just clicking a reg file is on vista and newer some of the keys are locked. Since the program runs the repairs under the system account these repairs have access to those locked keys.

Added a "Tips" button that loads a page on the site with some tips on which repairs to run and tricks you can do with the program.

Changed the list in the program to a treeview.

I have some repairs unchecked by default now instead of all repairs checked.

Many code changes.

 

v1.9.1

Changes to the user interface.

 

v1.9.0

Minor Interface changes.

Program now pulls the information of each repair from a txt file instead of being directly in the program.

Added the BITS service to the Repair Windows Updates.

Added the wuauserv service to the Repair Windows Updates

Added a few more things to the Repair Windows Updates.

Added more support for Windows 8 repairs.

Added more dll files to the register system files repair.

Added new repair - "Repair Windows Safe Mode". This will put the default reg keys in order to boot into safe mode. Some viruses remove these reg keys. This will simply put the defaults back and allow safe mode to boot again.

Added more to the "Remove Policies Set By Infections" repair.

Multiple Code changes and improvements.

 

v1.8.0

Replaced Erunt registry backup with Tweaking.com - Registry Backup

Some new viruses have been adding programs to the Image File Execution Options in the registry. Keeping those programs from running. I have added 773 more items to the Remove Policies Set By Infections.

Added new repair "Repair Windows Snipping Tool". This will run on vista or newer and replace the reg keys needed for the snipping tool.

Added new repair "Repair .lnk (Shortcuts) File Association" This will run on vista or newer.

Updated the "Repair CD/DVD Missing/Not Working" to see if iTunes is running (Looks for ituneshelper.exe is running). If it is it puts the iTunes "UpperFilters" for the cd/dvd rom drive so iTunes wont give the error "Warning the registry setting used for importing CD are missing". More info here http://support.apple.com/kb/TS2372?viewlocale=en_US

Multiple code improvements.

 

v1.7.5

Improved operating system detection code. What does this mean? Some repairs need to know what version of Windows it is running run to run the correct code. The program used WMI to pull this info. But if WMI was broken it didn't pull the info. I now have it use the Windows API to pull the Windows version, and if for any reason it fails it will fall back to using WMI to pull the info.

 

v1.7.4

The program is now Terminal Server Aware. When you ran the program on a Windows server that had Terminal Services installed the Windows API returned the wrong path to the windows dir. This is now fixed.

 

v1.7.3

Updated the Repair Windows Firewall. It now restores the reg keys for the BFE, MPSSVC and WSCSVC services. Before it only put back the shared access service. Which in XP is all the firewall needed. But in Vista and 7 it required more services. They are now part of the repair :-)

 

v1.7.2

Small bug fixes to the log creation of the program.

I have removed the 3 options "Basic" "Advanced" and "Custom" before you start the repairs. Nearly all users that I have talk to, and myself included always choose custom anyways. No need for these other options and they have been removed. Should cut down on the confusion for new users on which to use.

New interface changes to the repair window in the program.

Added "Always On Top" option for the repair window.

Added a minimize button to the repair window. With the always on top option if something opens behind the window and the user needs to get to it they can now minimize the window.

Added a minimize button to the main window in the program for the heck of it :-)

Code improvements.

 

v1.7.1

Updated the Repair WMI to better handle the commands needed for the different version of Windows. While the WMI works great on XP, Vista and 7 it didn't work correctly on 2003 thus breaking WMI. I have added the commands need to have it run properly on 2003 :-)

 

v1.7.0

Small improvements to a few repairs.

Better support when running the program through a script. I have a good amount of repair shops that use this repair tool. Some like to run the repair tool with the silent command and from a script in a bat file. The old version of the program would close any cmd.exe window before running the repairs. This of course defeated the purpose of running through a script. So I have changed the way the program waits for a repair to finish. Instead of waiting for cmd.exe to close, each repair will now make a file. When the repair is finished it will delete the file, then the program will know to move onto the next repair.

I now have the cmd.exe windows change to a gray background with black text. This way when running the program through a script you will know which cmd.exe window belongs to the windows repair :-)

The program will now save any errors from the repairs into a txt file on the Windows drive in a folder. Example: "C:\Tweaking.com_Windows_Repair_Logs\" Multiple log files are made for the permission repairs. This is because the MS tool doesn't append to the log file, so a new file has to be made for each section. Since this could create a fair amount of log files I have the program cleanup any empty log files after the repairs are ran.

 

v1.6.5

Program detects if you are running in safe mode and warns that some repairs may not work in safe mode.

I have also made a few changes for all repairs to run better in safe mode. No guarantees but should definitely run better in safe mode than it has before.

Per user request you can now choose to restart or shutdown the computer after repairs.

I have the repair window resized to 750 x 550 pixels (Now bigger than before). This is the max size to fit on the screen in safe mode which is normally 800 x 600.

 

v1.6.4

Add ERUNT Registry backup tools. This is another option to backup the system registry before doing repairs. Also very helpful when a users system restore isn't working properly.

 

v1.6.3

Major improvement for the Reset File Permissions repair. On vista and newer the repair would allow access to folders windows normally blocked. Such as "C:\ProgramData\Application Data". Normally with this folder you would get an access denied. After you ran the reset file permissions repair you could access it. The side effect was that this folder points back to the C:\ProgramData folder. So it made an endless loop! The repair now checks if your on anything newer than XP. If you are then it runs a batch of commands after the repair that puts back the deny permissions on all the folders that are supposed to be blocked. This stops that endless loop from happening. 46 folders total. :-)

 

v1.6.2

Per user request I have added a silent command option to the program. Set the options in the setting.ini file and run the program with /silent. The program will run in custom mode running the repairs set in the settings and then close it self. Will even reboot when done if set in the settings. (Perfect option for my fellow network admins) :-)

Small code changes.

 

v1.6.1

Added new repair "Repair Missing Start Menu Icons Removed By Infections" This repair will put back the missing icons in the start menu, quick launch, and desktop that are moved by a rogue virus.

 

v1.6.0

Added new repair "Repair MSI (Windows Installer)"

Added exe fix (when a virus hijacks the exe section in the registry) to the "Remove Policies Set By Infections" repair.

Improved "Repair Windows Updates".

Small interface changes.

 

v1.5.8

Bug Fix: I found a very odd bug where some of the repairs were not working right. All repairs run under the system account (because of the trusted installer in vista and newer). For some reason the repairs that set registry keys by a .reg file and with regedit would run but the changes wouldn't take. The fix was to have those repairs run as the logged in account. Still scratching my head on that one, but at least now they work again :-D

Bug Fix: The repair windows firewall wasn't running all the repairs needed for it. This has now been fixed.

The Reset File Permissions now skips the "Users" folder in Vista and newer and "Documents and Settings". The reason for this is in Vista and newer there is a bug where if the file permissions are changed in the user profile then Windows thinks the file is shared when it isn't and you get a shared icon on it. More information is here http://www.tweaking.com/forums/index.php/topic,69.0.html

Small code improvements.

 

v1.5.7

Changed Windows Image Acquisition (WIA) from "stisvc start= demand" to "stisvc start= auto" in the windows services repair.

 

v1.5.6

The "Remove Policies Set By Infections" repair wasn't working properly. The commands where deleting the Reg file before it had been applied. I added the start /wait command to the regedit. "Remove Policies Set By Infections" Now works correctly :-)

 

v1.5.5

Removed "WwanSvc start= demand" from the windows services repair.

The program no longer defaults to the C:\ for repairs. The program now looks at the location of the Windows dir and uses the drive that Windows is on.

 

v1.5.4

On users machines who's "Path" variable was corrupt none of the repairs would work. To fix this I have added "set path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem" to all the repairs. Now on users systems with a corrupt "path" variable the repairs will still work properly :-)

 

v1.5.3

Changed 4 service defaults from manual to auto in the set services to default startup repair. Media Center Receiver Service, Media Center Scheduler Service, Windows Media Center Service Launcher and Windows Media Player Network Sharing Service.

Removed Panda cloud antivirus from the program and put Avast as a recommendation (Step 2 Window).

Added ComboFix to the recommendation page (Step 2 Window).

 

v1.5.2

Interface changes.

 

v1.5.1

Blackvipers site listed the Windows 7 wireless service startup state as manual. But when it is set to manual it will not start and thus the user has no wireless. I have updated the services startup repair tool to put the wireless to auto instead of manual.

 

v1.5.0

Added a new repair "Set Windows Services To Default Startup". (Currently 194 services) This will set the Windows services to their default startup state. Special thanks to http://www.blackviper.com/ for having all the default information handy. This will set the services startup by the "sc config" command and not by the registry. The information on the repair in the program lists all the services that are set.

 

1.4.3

The new setup file for the program was missing some of the repair files it needed. The setup has been updated and I made this new version so people who downloaded the last version will update and get the rest of the files they need.

 

1.4.2

Removed moving arrow from the repair window. Since the list of repairs is growing and the list is scrollable the arrow didn't work well.

In a past update I removed the custom buttons because they would cause the program to crash. The program then used the default old ugly buttons. I have made a new button control and updated the buttons so they look better, and it doesn't cause the program to crash like the old ones.

Program now asks the user if they want to create a restore point before doing repairs if they didn't have the program create one.

The program now comes in a setup program and the portable version. The new setup is larger because it contains the VB6 SP6 runtimes the program needs in case they are corrupt on the system that is being repaired.

More Code tweaks and changes.

 

v1.4.1

Added more files to the register system files repair that will fix "Class not registered" when trying to open a .mmc file. Such as Task scheduler, Device Manager, Computer Management and more.

Program now starts the Windows Sidebar after the Windows Sidebar repair.

Removed the security zones in IE being reset with the sidebar repair.

More code tweaks and improvements.

 

v1.4.0

Removed the custom buttons from the program. It was causing the program to crash on some systems. Program is meant to repair, not look pretty, so ugly standard safe buttons it is :-)

Add new repair "Repair Windows Sidebar/Gadgets"

Changed the window size of the repair window, making it smaller and easier to fit on screen for smaller resolutions.

More code tweaks.

 

v1.3.1

Minor GUI and code Tweaks.

 

v1.3.0

If you ran an older version of this repair program and it caused problems on your system, download and run this version and it will fix any problems it caused :-)

Added new repair "Repair Volume Shadow Copy Service"

Major update to the program making it safer and better at repairs. Make sure to use this new version and not the old versions.

 

v1.2.0

Per user request - Added a new repair "Repair CD/DVD Missing/Not Working"

Fixed bug where when repairing WMI the WMI tester would open and the program wouldn't move forward till the WMI tester was closed. Most users didn't know to close this. I have made the program now look for and close the WMI tester if it pops up during the WMI repair.

 

v1.1.1

Remove some files from the Register System Files repair. While this repair worked great on a lot of some systems on a few ones it would create more problems. The repair now has a much smaller list of only known good files to register.

Updated Repair IE section.

Updated Repair MDAC Section.

 

v1.1.0

Major changes to how the program launches the repairs. It now shows the command window doing the repair in the task bar. Also should work better with the UAC enabled and running the commands as administrator. This will also keep the program from not responding during repairs.

Updated the file permissions repair to include everyone and users full rights. It use to do just Administrators & System. But on some machines they needed more to get things working right again. This should fix that.

Replaced some of the controls in the program so the program & zip file is smaller in size.

 

v1.0.2

Fixed bug in Repair WMI (Hopefully got it this time)

Added link to help fix any problems someone might have with the file permissions repair.

 

v1.0.1

Fixed bug in Repair WMI

GUI Changes.

 

v1.0.0

First Release


Edited by Ataxia, 11 May 2014 - 07:54 PM.


#15 nasdaq

nasdaq

  • Malware Response Team
  • 38,779 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:28 AM

Posted 12 May 2014 - 07:23 AM


We are no longer dealing with Malware.

Repairing Windows 8 is not my forte.

If you need any help with your system I suggest you start a new topic in the Windows 8 Forum
http://www.bleepingcomputer.com/forums/f/209/windows-8/

Sorry.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users