Spywareblaster 5.2 activation key Archives

This

is a recent development and occurs some, but not all, of the time.  It usually happens within about five minutes of the operating system having loaded.  Your helpful advice on how to fix this tedious problem will be greatly appreciated.  Thank you!

F-Secure 15.3 Common Component Framework 2.39 build 271

F-Secure Booster Version 2.3.2.657

Primary browser:

Mozilla Firefox 39.0

Secondary browser:

Windows Internet Explorer 8 Version 8.0.6001.18702

Tertiary browser:

Opera 30.0 Version 30.0.1835.146

OS Name Microsoft Windows XP Professional
Version 5.1.2600 Service Pack 3 Build 2600
OS Manufacturer Microsoft Corporation
System Name MRCAT-08607D7B3
System Manufacturer IBM
System Model 1847W76
System Type X86-based PC
Processor x86 Family 6 Model 13 Stepping 8 GenuineIntel ~1862 Mhz
BIOS Version/Date IBM 76ET69WW (1.29 ), 12/6/2006
SMBIOS Version 2.33
Windows Directory C:\WINDOWS
System Directory C:\WINDOWS\system32
Boot Device \Device\HarddiskVolume1
Locale United States
Hardware Abstraction Layer Version = "5.1.2600.5512 (xpsp.080413-2111)"
User Name MRCAT-08607D7B3\Joe
Time Zone Pacific Daylight Time
Total Physical Memory 1,536.00 MB
Available Physical Memory 143.57 MB
Total Virtual Memory 2.00 GB
Available Virtual Memory 1.96 GB
Page File Space 3.60 GB
Page File C:\pagefile.sys

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-07-2015
Ran by OrangeandPink (administrator) on ORANGEANDPIN-PC (30-07-2015 16:03:25)
Running from C:\Users\OrangeandPink\Desktop\Desktop
Loaded Profiles: OrangeandPink (Available Profiles: OrangeandPink & STUDENTS)
Platform: Microsoft® Windows Vista™ Home Premium  (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\reg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-26] (AVAST Software)
HKLM\...\Run: [] => [X]
HKLM\...\RunOnce: [PCDrProfiler] => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [73728 2007-02-08] (PC-Doctor, Inc.)
HKLM\...\RunOnce: [Launcher] => C:\Windows\SMINST\launcher.exe [44168 2007-03-07] (soft thinks)
HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\Run: [Bomgar_Cleanup_ZD281767423951] => cmd.exe /C rd /S /Q "C:\ProgramData\bomgar-scc-0x55b51fc0" & reg.exe delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v Bomgar_Cleanup_ZD281767423951 /f
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-07-26] (AVAST Software)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2398904059-3732929413-103434816-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-2398904059-3732929413-103434816-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mozilla.com
HKU\S-1-5-21-2398904059-3732929413-103434816-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mozilla.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-26] (AVAST Software)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 68.94.157.15
Tcpip\..\Interfaces\{742E0630-76BC-4B7A-BA9C-5471D4DA43EF}: [DhcpNameServer] 192.168.0.1 68.94.157.15

FireFox:
========
FF ProfilePath: C:\Users\OrangeandPink\AppData\Roaming\Mozilla\Firefox\Profiles\apq86uw9.default
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-16] ()
FF Plugin: @real.com/nppl3260;version=6.0.11.2571 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2015-06-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.2629 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2015-06-23] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1739 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2015-06-23] (RealNetworks, Inc.)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.0 -> C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll [2006-03-31] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Extension: WOT - C:\Users\OrangeandPink\AppData\Roaming\Mozilla\Firefox\Profiles\apq86uw9.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-06]

Chrome:
=======
CHR Profile: C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-26]
CHR Extension: (Google Docs) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-26]
CHR Extension: (Google Drive) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-26]
CHR Extension: (YouTube) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-26]
CHR Extension: (Google Search) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-26]
CHR Extension: (Avast SafePrice) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-07-26]
CHR Extension: (Google Sheets) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-26]
CHR Extension: (Avast Online Security) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-26]
CHR Extension: (Gmail) - C:\Users\OrangeandPink\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-26]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-06]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-06]

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-26] (AVAST Software)
S3 IDriverT; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [265912 2015-07-05] (Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-07-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-07-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-07-26] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-07-26] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-07-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-07-26] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [161472 2015-07-26] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57888 2015-07-26] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-07-26] (AVAST Software)
R3 Linksys_adapter; C:\Windows\System32\DRIVERS\AE2500vista.sys [1073216 2011-03-30] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-30 16:03 - 2015-07-30 16:03 - 00000000 ____D C:\FRST
2015-07-28 01:38 - 2006-11-02 02:52 - 00940648 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-28 01:38 - 2006-11-02 02:52 - 00902248 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-27 00:19 - 2015-07-27 00:19 - 04237042 _____ C:\Users\STUDENTS\Desktop\25 items found on system.txt
2015-07-26 16:31 - 2015-07-26 16:50 - 00019263 ____H C:\Users\STUDENTS\Desktop\~WRL1523.tmp
2015-07-26 11:41 - 2015-07-26 11:41 - 00001046 _____ C:\Users\STUDENTS\Desktop\scan.txt
2015-07-26 11:03 - 2015-07-26 11:03 - 00000000 ____D C:\Diag-Advisor
2015-07-26 10:58 - 2015-07-26 10:58 - 01624872 _____ (bomgar) C:\Users\OrangeandPink\Downloads\bomgar-scc-w0yc301xghxzwejizy5zxzyxd7ighf1zjjf87xc40jc90.exe
2015-07-26 10:34 - 2015-07-26 10:34 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\Google
2015-07-26 10:11 - 2015-07-26 10:11 - 00003170 _____ C:\Windows\PFRO.log
2015-07-26 10:09 - 2015-07-26 10:09 - 00445008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-07-26 10:09 - 2015-07-26 10:09 - 00038480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-07-26 10:09 - 2015-07-26 10:09 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
2015-07-26 09:59 - 2015-07-26 09:58 - 00161472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys
2015-07-26 09:58 - 2015-07-26 09:58 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-26 09:58 - 2015-07-26 09:58 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-21 06:40 - 2015-07-21 06:40 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\Adobe
2015-07-21 06:40 - 2015-07-21 06:40 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\Macromedia
2015-07-21 06:39 - 2015-07-27 20:13 - 00000258 __RSH C:\ProgramData\ntuser.pol
2015-07-20 18:44 - 2015-07-20 18:44 - 48901181 _____ C:\Users\STUDENTS\Desktop\Full system scan.txt
2015-07-19 23:32 - 2015-07-26 16:50 - 00000000 ____D C:\Users\STUDENTS\Desktop\English
2015-07-19 23:32 - 2015-07-19 23:33 - 00000000 ____D C:\Users\STUDENTS\Desktop\MAT104
2015-07-19 23:32 - 2015-07-19 23:32 - 00000000 ____D C:\Users\STUDENTS\Desktop\World Cultures
2015-07-14 12:15 - 2015-07-26 11:18 - 00358432 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-13 23:39 - 2015-07-18 01:42 - 00000000 ____D C:\Users\STUDENTS\AppData\Roaming\Adobe
2015-07-13 23:39 - 2015-07-13 23:39 - 00000000 ____D C:\Users\STUDENTS\AppData\Roaming\Macromedia
2015-07-13 23:39 - 2015-07-13 23:39 - 00000000 ____D C:\Users\STUDENTS\AppData\Local\Macromedia
2015-07-13 19:46 - 2015-07-28 02:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-13 19:46 - 2015-07-16 11:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-13 19:46 - 2015-07-16 11:33 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-13 14:28 - 2015-07-26 09:57 - 00000810 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-13 14:28 - 2015-07-26 09:57 - 00000000 ____D C:\Program Files\CCleaner
2015-07-13 14:28 - 2015-07-13 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-13 14:26 - 2015-07-13 14:26 - 06565736 _____ (Piriform Ltd) C:\Users\STUDENTS\Downloads\ccsetup507.exe
2015-07-13 14:22 - 2015-07-13 14:22 - 00000000 ____D C:\Users\STUDENTS\AppData\Roaming\HpUpdate
2015-07-10 20:47 - 2015-07-10 20:58 - 170428968 _____ C:\Users\STUDENTS\Downloads\OJ4630_198.exe
2015-07-10 20:10 - 2015-07-13 14:21 - 00000000 ____D C:\Users\STUDENTS\Documents\OneNote Notebooks
2015-07-10 20:05 - 2015-07-10 20:05 - 00000000 ____D C:\Users\STUDENTS\AppData\Local\HP
2015-07-10 20:01 - 2015-07-10 20:01 - 00000767 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR Registration.lnk
2015-07-10 20:00 - 2015-07-10 20:00 - 00002145 _____ C:\Users\Public\Desktop\HP Officejet 4630 series.lnk
2015-07-10 20:00 - 2015-07-10 20:00 - 00001082 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet 4630 series.lnk
2015-07-10 20:00 - 2015-07-10 20:00 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\HpUpdate
2015-07-10 20:00 - 2014-07-21 15:33 - 00597512 ____N (Hewlett-Packard Development Company, LP) C:\Windows\system32\HPDiscoPMC611.dll
2015-07-10 19:52 - 2015-07-19 23:31 - 00000000 ____D C:\Users\STUDENTS\Desktop\class clipart
2015-07-10 19:50 - 2015-07-10 19:50 - 00000057 _____ C:\ProgramData\Ament.ini
2015-07-10 19:49 - 2015-07-10 20:01 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\HP
2015-07-09 17:18 - 2015-07-26 15:26 - 00001977 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-09 17:18 - 2015-07-09 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-09 17:11 - 2015-07-30 15:54 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-09 17:11 - 2015-07-28 01:12 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-09 17:11 - 2015-07-09 17:18 - 00000000 ____D C:\Users\STUDENTS\AppData\Local\Google
2015-07-09 17:11 - 2015-07-09 17:17 - 00000000 ____D C:\Program Files\Google
2015-07-09 17:08 - 2015-07-18 01:42 - 00000000 ____D C:\Users\STUDENTS\AppData\Local\Adobe
2015-07-06 15:50 - 2015-07-06 15:50 - 00000000 ____D C:\Users\STUDENTS\AppData\Roaming\AVAST Software
2015-07-06 14:49 - 2015-07-06 14:49 - 00001835 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-06 14:49 - 2015-07-06 14:49 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\AVAST Software
2015-07-06 14:49 - 2015-07-06 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-06 14:48 - 2015-07-26 09:58 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00057888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00055200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-06 14:48 - 2015-07-26 09:58 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-06 14:37 - 2015-07-06 14:37 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-06 14:33 - 2015-07-06 14:33 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-06 14:25 - 2015-07-06 14:25 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\TuneUp Software
2015-07-05 20:26 - 2015-07-08 11:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-05 20:24 - 2015-07-05 20:24 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-07-05 20:24 - 2015-07-05 20:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2015-07-05 20:24 - 2015-07-05 20:24 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2015-07-05 20:22 - 2015-07-05 20:22 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-07-05 20:22 - 2015-07-05 20:22 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\NETSTAT.EXE
2015-07-05 20:22 - 2015-07-05 20:22 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\ARP.EXE
2015-07-05 20:22 - 2015-07-05 20:22 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\ROUTE.EXE
2015-07-05 20:22 - 2015-07-05 20:22 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-07-05 20:22 - 2015-07-05 20:22 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\MRINFO.EXE
2015-07-05 20:22 - 2015-07-05 20:22 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\finger.exe
2015-07-05 20:22 - 2015-07-05 20:22 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\TCPSVCS.EXE
2015-07-05 20:22 - 2015-07-05 20:22 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\HOSTNAME.EXE
2015-07-05 20:18 - 2015-07-05 20:18 - 02923520 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-05 20:18 - 2015-07-05 20:18 - 01655289 _____ C:\Windows\system32\wlan.tmf
2015-07-05 20:18 - 2015-07-05 20:18 - 00714240 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-07-05 20:18 - 2015-07-05 20:18 - 00704000 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-07-05 20:18 - 2015-07-05 20:18 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-07-05 20:18 - 2015-07-05 20:18 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2015-07-05 20:18 - 2015-07-05 20:18 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2015-07-05 20:18 - 2015-07-05 20:18 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-07-05 20:18 - 2015-07-05 20:18 - 00258232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-07-05 20:18 - 2015-07-05 20:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2015-07-05 20:18 - 2015-07-05 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2015-07-05 20:18 - 2015-07-05 20:18 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2015-07-05 20:14 - 2015-07-05 20:14 - 01406464 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-07-05 20:14 - 2015-07-05 20:14 - 01260032 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-05 20:14 - 2015-07-05 20:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-07-05 20:14 - 2015-07-05 20:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-05 19:56 - 2015-07-05 19:56 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-07-05 19:55 - 2015-07-05 19:55 - 01060920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-07-05 19:50 - 2015-07-05 19:50 - 00000000 ____D C:\Program Files\Microsoft CAPICOM 2.1.0.2
2015-07-05 19:49 - 2015-07-05 19:49 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-07-05 19:49 - 2015-07-05 19:49 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-07-05 19:47 - 2015-07-05 19:47 - 01233920 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-05 19:47 - 2015-07-05 19:47 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-05 19:47 - 2015-07-05 19:47 - 00408136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-05 19:47 - 2015-07-05 19:47 - 00272384 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-05 19:47 - 2015-07-05 19:47 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-05 19:47 - 2015-07-05 19:47 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-05 19:47 - 2015-07-05 19:47 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-05 19:47 - 2015-07-05 19:47 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-05 19:41 - 2015-07-05 19:41 - 03503584 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-05 19:41 - 2015-07-05 19:41 - 03469280 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-05 19:41 - 2015-07-05 19:41 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2015-07-05 19:41 - 2015-07-05 19:41 - 00549888 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-07-05 19:41 - 2015-07-05 19:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\sdohlp.dll
2015-07-05 19:41 - 2015-07-05 19:41 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2015-07-05 19:41 - 2015-07-05 19:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\iasads.dll
2015-07-05 19:41 - 2015-07-05 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\iasdatastore.dll
2015-07-05 19:41 - 2015-07-05 19:41 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2015-07-05 19:40 - 2015-07-05 19:40 - 00512000 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-05 19:40 - 2015-07-05 19:40 - 00220672 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codecp.acm
2015-07-05 19:40 - 2015-07-05 19:40 - 00062464 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\system32\l3codeca.acm
2015-07-05 19:39 - 2015-07-05 19:39 - 00815104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-05 19:39 - 2015-07-05 19:39 - 00213592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-05 19:39 - 2015-07-05 19:39 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-07-05 19:39 - 2015-07-05 19:39 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-07-05 19:39 - 2015-07-05 19:39 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-07-05 19:39 - 2015-07-05 19:39 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2015-07-05 19:39 - 2015-07-05 19:39 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TUNMP.SYS
2015-07-05 19:38 - 2015-07-05 19:38 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\WMASF.DLL
2015-07-05 19:38 - 2015-07-05 19:38 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\LAPRXY.DLL
2015-07-05 19:38 - 2015-07-05 19:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\asferror.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 02605568 _____ (Microsoft Corporation) C:\Windows\system32\SLsvc.exe
2015-07-05 19:37 - 2015-07-05 19:37 - 00875520 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\SLCommDlg.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\SLUI.exe
2015-07-05 19:37 - 2015-07-05 19:37 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2015-07-05 19:37 - 2015-07-05 19:37 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\SLC.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\SLLUA.exe
2015-07-05 19:37 - 2015-07-05 19:37 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\SLUINotify.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\slcinst.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\slwmi.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\amxread.dll
2015-07-05 19:37 - 2015-07-05 19:37 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\apilogen.dll
2015-07-05 19:36 - 2015-07-05 19:36 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-05 19:36 - 2015-07-05 19:36 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-05 19:36 - 2015-07-05 19:36 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-07-05 19:36 - 2015-07-05 19:36 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2015-07-05 19:35 - 2015-07-05 19:35 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-05 19:35 - 2015-07-05 19:35 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2015-07-05 19:34 - 2015-07-05 19:34 - 02031104 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-05 19:34 - 2015-07-05 19:34 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-07-05 19:34 - 2015-07-05 19:34 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-07-05 19:33 - 2015-07-05 19:33 - 00435712 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-07-05 19:33 - 2015-07-05 19:33 - 00313344 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2015-07-05 19:33 - 2015-07-05 19:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-07-05 19:33 - 2015-07-05 19:33 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-07-05 19:33 - 2015-07-05 19:33 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-07-05 19:33 - 2015-07-05 19:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.tlb
2015-07-05 19:33 - 2015-07-05 19:33 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\amcompat.tlb
2015-07-05 19:32 - 2015-07-05 19:33 - 00431104 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-07-05 19:32 - 2015-07-05 19:32 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-07-05 19:32 - 2015-07-05 19:32 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-07-05 19:32 - 2015-07-05 19:32 - 00473088 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-07-05 19:32 - 2015-07-05 19:32 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-07-05 19:32 - 2015-07-05 19:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\sbunattend.exe
2015-07-05 19:31 - 2015-07-05 19:31 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-05 19:31 - 2015-07-05 19:31 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-05 19:31 - 2015-07-05 19:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-05 19:31 - 2015-07-05 19:31 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-07-05 19:31 - 2015-07-05 19:31 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-07-05 19:29 - 2015-07-05 19:29 - 04247552 _____ (Microsoft) C:\Windows\system32\GameUXLegacyGDFs.dll
2015-07-05 19:29 - 2015-07-05 19:29 - 01686528 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-07-05 19:29 - 2015-07-05 19:29 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\Apphlpdm.dll
2015-07-05 19:28 - 2015-07-05 19:28 - 02855424 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-07-05 19:28 - 2015-07-05 19:28 - 02433536 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-07-05 19:28 - 2015-07-05 19:28 - 00996352 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-07-05 19:28 - 2015-07-05 19:28 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-05 19:28 - 2015-07-05 19:28 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-05 19:28 - 2015-07-05 19:28 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-07-05 19:28 - 2015-07-05 19:28 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-07-05 19:28 - 2015-07-05 19:28 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-05 19:28 - 2015-07-05 19:28 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-07-05 19:28 - 2015-07-05 19:28 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-07-05 19:28 - 2015-07-05 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-07-05 19:27 - 2015-07-05 19:27 - 00737792 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-05 19:27 - 2015-07-05 19:27 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2015-07-05 19:27 - 2015-07-05 19:27 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2015-07-05 19:26 - 2015-07-05 19:26 - 01645568 _____ (Microsoft Corporation) C:\Windows\system32\connect.dll
2015-07-05 19:23 - 2015-07-05 19:23 - 00000000 ____D C:\Users\STUDENTS\AppData\Roaming\Mozilla
2015-07-05 19:23 - 2015-07-05 19:23 - 00000000 ____D C:\Users\STUDENTS\AppData\Local\Mozilla
2015-07-05 19:17 - 2015-07-05 19:17 - 00093040 _____ C:\Users\STUDENTS\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-05 19:17 - 2015-07-05 19:17 - 00000955 _____ C:\Users\STUDENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-05 19:17 - 2015-07-05 19:17 - 00000950 _____ C:\Users\STUDENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-05 19:16 - 2015-07-21 06:26 - 00000000 ____D C:\Users\STUDENTS
2015-07-05 19:16 - 2015-07-05 19:16 - 00000921 _____ C:\Users\STUDENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-07-05 19:16 - 2015-07-05 19:16 - 00000020 ___SH C:\Users\STUDENTS\ntuser.ini
2015-07-05 19:16 - 2015-07-05 19:16 - 00000000 ____D C:\Users\STUDENTS\AppData\Local\VirtualStore
2015-07-05 19:16 - 2006-11-02 05:54 - 00000000 ___RD C:\Users\STUDENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-05 19:16 - 2006-11-02 05:50 - 00000000 ___RD C:\Users\STUDENTS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-01 15:16 - 2015-07-01 15:16 - 00000719 _____ C:\Users\OrangeandPink\Desktop\JRT.txt
2015-07-01 15:14 - 2015-07-01 15:14 - 00000296 _____ C:\Windows\system32\spsys.log
2015-07-01 15:11 - 2015-07-01 15:11 - 00000207 _____ C:\Windows\tweaking.com-regbackup-ORANGEANDPIN-PC-Windows-Vista-™-Home-Premium-(32-bit).dat
2015-07-01 15:11 - 2015-07-01 15:11 - 00000000 ____D C:\RegBackup
2015-07-01 15:07 - 2015-07-30 15:54 - 00000406 _____ C:\Windows\Tasks\AVG_SYS_TASK_0615pi_DELETE.job
2015-07-01 15:07 - 2015-07-01 15:07 - 00000000 ____D C:\ProgramData\Avg_Update_0615pi
2015-07-01 14:47 - 2015-07-06 14:29 - 00000000 ____D C:\ProgramData\MFAData
2015-07-01 14:47 - 2015-07-01 14:47 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\MFAData
2015-07-01 14:41 - 2015-07-01 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2015-07-01 14:41 - 2015-07-01 14:56 - 00000000 ____D C:\Program Files\Auslogics
2015-07-01 14:41 - 2015-07-01 14:43 - 00000000 ____D C:\ProgramData\Auslogics
2015-07-01 14:41 - 2015-07-01 14:41 - 00000968 _____ C:\Users\OrangeandPink\Desktop\Auslogics DiskDefrag.lnk
2015-07-01 14:37 - 2015-07-01 14:37 - 00001898 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-07-01 14:37 - 2015-07-01 14:37 - 00001804 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-01 14:34 - 2015-07-01 14:36 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-01 14:34 - 2015-07-01 14:34 - 00000000 ____D C:\Program Files\Adobe
2015-07-01 14:33 - 2015-07-01 14:33 - 00000000 ____D C:\Users\OrangeandPink\Documents\Updater5
2015-07-01 14:28 - 2015-07-13 19:43 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\Adobe
2015-07-01 14:23 - 2015-07-27 20:14 - 00000000 ____D C:\ProgramData\TEMP
2015-07-01 14:23 - 2015-07-01 14:23 - 00000000 ____D C:\ProgramData\Licenses
2015-07-01 14:22 - 2015-07-26 10:00 - 00000000 ____D C:\Program Files\SpywareBlaster
2015-07-01 14:22 - 2015-07-21 06:38 - 00000882 _____ C:\Users\Public\Desktop\SpywareBlaster.lnk
2015-07-01 14:22 - 2015-07-21 06:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2015-07-01 14:16 - 2015-07-01 14:30 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-01 14:16 - 2015-07-01 14:18 - 00000905 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-01 14:16 - 2015-07-01 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-01 14:16 - 2015-07-01 14:18 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-01 14:16 - 2015-07-01 14:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-01 14:16 - 2015-06-18 08:52 - 00094936 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-01 14:16 - 2015-06-18 08:52 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-01 14:16 - 2015-06-18 08:52 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-01 14:12 - 2015-07-01 14:12 - 00001050 _____ C:\Users\OrangeandPink\Desktop\AdwCleaner[S0].txt
2015-07-01 14:06 - 2015-07-01 14:06 - 00788992 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-01 14:06 - 2015-07-01 14:06 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-07-01 14:06 - 2015-07-01 14:06 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-07-01 14:06 - 2015-07-01 14:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-07-01 14:05 - 2015-07-01 14:06 - 00000000 ____D C:\AdwCleaner
2015-07-01 14:05 - 2015-07-01 14:05 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-01 14:05 - 2015-07-01 14:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2015-07-01 14:05 - 2015-07-01 14:05 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2015-07-01 14:04 - 2015-07-01 14:05 - 02244096 _____ C:\Users\OrangeandPink\Desktop\adwcleaner_4.207.exe
2015-07-01 14:03 - 2015-07-01 14:03 - 02244096 _____ C:\Users\OrangeandPink\Downloads\adwcleaner_4.207.exe
2015-07-01 14:02 - 2015-07-01 14:02 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-07-01 14:00 - 2015-07-01 14:00 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-07-01 14:00 - 2015-07-01 14:00 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-07-01 14:00 - 2015-07-01 14:00 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-07-01 14:00 - 2015-07-01 14:00 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-01 13:59 - 2015-07-01 13:59 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-07-01 13:59 - 2015-07-01 13:59 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_AE2500vista_01005.Wdf
2015-07-01 13:59 - 2015-07-01 13:59 - 00000000 ____D C:\Program Files\MSXML 4.0
2015-07-01 13:59 - 2011-03-30 20:54 - 01073216 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\AE2500vista.sys
2015-07-01 13:59 - 2011-03-30 20:54 - 00091448 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2015-07-01 13:59 - 2011-03-30 20:51 - 03874816 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv.dll
2015-07-01 13:59 - 2011-03-30 20:51 - 03563520 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui.dll
2015-07-01 13:59 - 2006-11-02 07:09 - 01419232 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01005.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 01327616 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\avicap32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2015-07-01 13:58 - 2015-07-01 13:58 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-07-01 13:57 - 2015-07-01 13:57 - 10622464 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-01 13:57 - 2015-07-01 13:57 - 08147968 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-01 13:57 - 2015-07-01 13:57 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-07-01 13:57 - 2015-07-01 13:57 - 00604672 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2015-07-01 13:56 - 2015-07-01 13:56 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\unregmp2.exe
2015-07-01 13:56 - 2015-07-01 13:56 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-01 13:56 - 2015-07-01 13:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-01 13:56 - 2015-07-01 13:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-01 13:33 - 2015-07-01 13:33 - 00000955 _____ C:\Users\OrangeandPink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-01 13:33 - 2015-07-01 13:33 - 00000950 _____ C:\Users\OrangeandPink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-01 13:33 - 2015-07-01 13:33 - 00000921 _____ C:\Users\OrangeandPink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2015-07-01 13:33 - 2015-07-01 13:33 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\Snapfish
2015-07-01 13:33 - 2015-07-01 13:33 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\VirtualStore
2015-07-01 13:32 - 2015-07-10 20:00 - 00000000 ____D C:\Users\OrangeandPink
2015-07-01 13:32 - 2015-07-01 13:32 - 00000020 ___SH C:\Users\OrangeandPink\ntuser.ini
2015-07-01 13:32 - 2006-11-02 05:54 - 00000000 ___RD C:\Users\OrangeandPink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-01 13:32 - 2006-11-02 05:50 - 00000000 ___RD C:\Users\OrangeandPink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-01 12:11 - 2015-07-01 12:11 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\Mozilla
2015-07-01 12:11 - 2015-07-01 12:11 - 00000000 ____D C:\Users\OrangeandPink\AppData\Local\Mozilla
2015-07-01 12:10 - 2015-07-08 11:09 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-07-01 12:10 - 2015-07-01 12:10 - 00000864 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-01 12:10 - 2015-07-01 12:10 - 00000852 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-01 12:10 - 2015-07-01 12:10 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-01 12:03 - 2015-07-01 12:03 - 00000000 ____D C:\Users\OrangeandPink\AppData\Roaming\Macromedia

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-30 16:01 - 2006-11-02 03:33 - 00716948 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-30 15:59 - 2006-11-02 05:52 - 01334555 _____ C:\Windows\WindowsUpdate.log
2015-07-30 15:54 - 2015-06-23 12:41 - 00000000 ____D C:\Windows\SMINST
2015-07-30 15:53 - 2006-11-02 06:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-30 15:53 - 2006-11-02 05:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-30 15:53 - 2006-11-02 05:47 - 00003456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-27 23:35 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-27 20:56 - 2006-11-02 05:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-27 20:56 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\rescache
2015-07-27 20:43 - 2006-11-02 05:50 - 00000749 ___RH C:\Windows\WindowsShell.Manifest
2015-07-27 20:43 - 2006-11-02 04:18 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-27 20:43 - 2006-11-02 04:18 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-27 20:43 - 2006-11-02 04:18 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-27 20:43 - 2006-11-02 04:18 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-27 20:43 - 2006-11-02 04:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
2015-07-21 16:24 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\LiveKernelReports
2015-07-21 11:17 - 2006-11-02 06:01 - 00013772 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-21 06:38 - 2006-11-02 04:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-18 01:48 - 2015-06-23 12:22 - 00000000 ____D C:\ProgramData\Adobe
2015-07-13 14:33 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\LogFiles
2015-07-13 14:30 - 2015-06-23 12:34 - 00000000 ____D C:\Windows\Panther
2015-07-10 20:01 - 2015-06-23 12:10 - 00000000 ____D C:\Program Files\HP
2015-07-10 20:01 - 2015-06-23 11:50 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-07-10 20:00 - 2015-06-23 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-07-10 19:50 - 2015-06-23 12:09 - 00000000 ____D C:\ProgramData\HP
2015-07-10 19:50 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\twain_32
2015-07-06 14:15 - 2006-11-02 05:56 - 00001757 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk
2015-07-06 14:15 - 2006-11-02 04:18 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-06 14:12 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-07-06 14:12 - 2006-11-02 05:37 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-06 14:12 - 2006-11-02 04:18 - 00000000 ____D C:\Windows\system32\SLUI
2015-07-06 14:12 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-05 20:19 - 2015-06-23 12:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-05 19:31 - 2015-06-23 12:24 - 00001881 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2003.lnk
2015-07-05 19:31 - 2015-06-23 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works
2015-07-05 19:31 - 2015-06-23 12:24 - 00000000 ____D C:\Program Files\Microsoft Works
2015-07-01 14:01 - 2006-11-02 04:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-01 13:44 - 2015-06-23 12:35 - 00000000 ____D C:\ProgramData\Symantec
2015-07-01 13:44 - 2015-06-23 12:35 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-01 13:36 - 2015-06-23 12:33 - 00000000 ____D C:\Program Files\Yahoo!
2015-07-01 13:36 - 2006-11-02 05:37 - 00000000 ____D C:\Windows\system32\restore

==================== Files in the root of some directories =======

2015-07-10 19:50 - 2015-07-10 19:50 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-06-23 12:09 - 2015-06-23 12:11 - 0000311 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-30 15:59

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-07-2015
Ran by OrangeandPink (2015-07-30 16:04:12)
Running from C:\Users\OrangeandPink\Desktop\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2398904059-3732929413-103434816-500 - Administrator - Disabled)
Guest (S-1-5-21-2398904059-3732929413-103434816-501 - Limited - Disabled)
OrangeandPink (S-1-5-21-2398904059-3732929413-103434816-1000 - Administrator - Enabled) => C:\Users\OrangeandPink
STUDENTS (S-1-5-21-2398904059-3732929413-103434816-1001 - Limited - Enabled) => C:\Users\STUDENTS

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.4.0.0 - Auslogics Labs Pty Ltd)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.3.2223 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
Google Chrome (HKLM\...\Google Chrome) (Version: 44.0.2403.107 - Google Inc.)
Google Update Helper (Version: 1.3.28.1 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4424.15 - PC-Doctor, Inc.)
HP Customer Experience Enhancements (HKLM\...\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}) (Version: 5.1.0.2264 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{40F7AED3-0C7D-4582-99F6-484A515C73F2}) (Version: 5.1.0.2269 - Hewlett-Packard)
HP Officejet 4630 series Basic Device Software (HKLM\...\{51CE4FA1-8EF3-4293-8396-5820C08AB8C8}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet 4630 series Help (HKLM\...\{9F79230F-EE1C-407E-94E1-D69021954C9B}) (Version: 31.0.0 - Hewlett Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential 2.0 (HKLM\...\HP Photosmart Essential) (Version: 2.0 - HP)
HP Total Care Advisor (HKLM\...\{2990BC81-3B19-4E53-A53E-30DE3F1BFFA8}) (Version: 1.1.17 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.0 (HKLM\...\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}) (Version: 6.00.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hpdesktop Master Uninstall) (Version: HPCMPQ1701 - WildTangent)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
Product Improvement Study for HP Officejet 4630 series (HKLM\...\{1E99F824-03E3-483C-A46B-C3CD1CDB4E10}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
PSSWCORE (Version: 2.00.5000 - Hewlett-Packard) Hidden
Python 2.4.3 (HKLM\...\{75E71ADD-042C-4F30-BFAC-A9EC42351313}) (Version: 2.4.3150 - Martin v. Löwis)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version:  - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5377 - Realtek Semiconductor Corp.)
Rhapsody Player Engine (HKLM\...\{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}) (Version: 1.0.604 - RealNetworks)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.4.0 - Roxio)
Roxio Creator Basic v9 (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.4.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.4.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.4.0 - Roxio)
Roxio Creator EasyArchive (HKLM\...\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}) (Version: 3.4.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.4.0 - Roxio)
Roxio Express Labeler 3 (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.559 - Roxio)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
SpywareBlaster 5.2 (HKLM\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

01-07-2015 13:36:26 Removed Snapfish Media Detector
01-07-2015 13:53:41 Windows Update
01-07-2015 13:59:14 Device Driver Package Install: Cisco Consumer Products LLC Network adapters
01-07-2015 14:53:04 Installed AVG 2015
01-07-2015 14:54:44 Installed AVG 2015
05-07-2015 19:11:03 Removed Visual Studio 2012 x86 Redistributables
05-07-2015 19:24:58 Windows Update
06-07-2015 14:21:26 Removed HP Update
06-07-2015 14:23:38 Removed AVG 2015
06-07-2015 14:27:15 Removed AVG 2015
06-07-2015 14:34:38 avast! antivirus system restore point
10-07-2015 19:51:38 Device Driver Package Install: HP Printers
10-07-2015 19:52:22 Device Driver Package Install: Hewlett-Packard Imaging devices
10-07-2015 19:54:01 Device Driver Package Install: HP Printers
10-07-2015 19:57:32 Device Driver Package Install: Hewlett-Packard Universal Serial Bus controllers
26-07-2015 09:53:36 avast! antivirus system restore point
26-07-2015 10:04:27 Windows Update
27-07-2015 20:17:37 Windows Update
27-07-2015 20:52:49 Windows Modules Installer

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 03:23 - 2006-09-18 14:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {209EB8CC-600E-4D56-828A-DB0FF00B846A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-16] (Adobe Systems Incorporated)
Task: {25F816DF-1DE5-48FF-8182-E8BEFA257441} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-09] (Google Inc.)
Task: {2662A4A9-B91F-478C-B273-26AE595D4BEA} - System32\Tasks\HPCustParticipation HP Officejet 4630 series => C:\Program Files\HP\HP Officejet 4630 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {4C549E52-2429-49FF-B11C-880372576DCF} - System32\Tasks\AVG_SYS_TASK_0615pi_DELETE => C:\ProgramData\Avg_Update_0615pi\AVG-Secure-Search-Update_0615pi.exe [2015-06-14] ()
Task: {686DB38F-D295-4041-9EE4-3CEAB9DD88B2} - System32\Tasks\hpUtility.exe_{8EEF5E2A-9B3E-4A0B-8A4E-521E6D5B0E01} => C:\Program Files\HP\HP Officejet 4630 series\Bin\utils\hpUtility.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {76863D12-F2DB-4BE8-AF10-2B169315E694} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-26] (AVAST Software)
Task: {91C0B4BB-82C9-4ADC-9748-D2681BA63CFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-07-09] (Google Inc.)
Task: {F2AB0A91-04C0-4C94-936C-4DA00907B142} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG_SYS_TASK_0615pi_DELETE.job => C:\ProgramData\Avg_Update_0615pi\AVG-Secure-Search-Update_0615pi.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-07-26 09:58 - 2015-07-26 09:58 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-26 09:58 - 2015-07-26 09:58 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-28 02:39 - 2015-07-28 02:39 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072800\algo.dll
2015-07-30 16:00 - 2015-07-30 16:00 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072900\algo.dll
2015-07-06 14:47 - 2015-07-06 14:47 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2398904059-3732929413-103434816-1000\...\1001movie.com -> 1001movie.com

There are 6091 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2398904059-3732929413-103434816-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\aflow_q.jpg
DNS Servers: 192.168.0.1 - 68.94.157.15
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: KBD => C:\HP\KBD\KbdStub.EXE
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: NvSvc => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
MSCONFIG\startupreg: OsdMaestro => "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
MSCONFIG\startupreg: RtHDVCpl => RtHDVCpl.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{B115F1BB-04BA-478B-9F89-2AD34050782D}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{3EF9BD3A-C4B8-4838-BFED-4D9CA929CA51}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{94CCD5DC-B859-444E-9B03-6AF0DE7DA2DC}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{E20D147B-200F-45E3-9030-129D3269D867}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{30C054FF-D4CE-414E-B259-6AD125216123}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{FC80A1C4-DEA4-4C5F-95BB-0060DE57F4A9}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{2BECB8DD-3CD4-4D73-AE42-79C0360967C5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F6459238-EA44-457F-984E-21F7658633ED}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{CD524449-6F5D-4038-847E-8E77DA8DAFD8}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{D1DD6B32-3DAD-4AF0-B795-1C23530C3FB0}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3B4888B9-AB24-443F-9AE7-39B1EACB2556}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\FaxApplications.exe
FirewallRules: [{CE8FBAB4-5DD9-44E8-BD44-A1112B34E5B1}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\DigitalWizards.exe
FirewallRules: [{65FED0C7-B272-412E-BD6C-4A29DF3CD35A}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\bin\SendAFax.exe
FirewallRules: [{C15CE926-C58E-461B-B968-1C0F2FEEBD3C}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\DeviceSetup.exe
FirewallRules: [{FFAAD09C-BCEB-4E69-BF97-ABA135DEB6DB}] => (Allow) LPort=5357
FirewallRules: [{E80F92A4-816C-442D-923B-2353EB450151}] => (Allow) C:\Program Files\HP\HP Officejet 4630 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C41F4AA3-E083-4EE1-B0ED-12A94B88BB26}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\EarthLink TotalAccess\TaskPanl.exe] => Enabled:Earthlink

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2015 11:21:01 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistartm\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/28/2015 12:08:22 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (07/28/2015 12:08:21 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: DFSRC:\Windows\System32\DfsrPerf.dll4

Error: (07/27/2015 08:52:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Reached the end of the file.

Error: (07/27/2015 08:52:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Reached the end of the file.

Error: (07/27/2015 12:07:12 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (07/27/2015 12:07:12 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: DFSRC:\Windows\System32\DfsrPerf.dll4

Error: (07/26/2015 09:58:31 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistartm\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/26/2015 10:28:35 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\vistartm\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/26/2015 09:53:35 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ab6ce597-571f-4f93-a076-eb1f3e3396db}


System errors:
=============
Error: (07/30/2015 03:52:43 PM) (Source: ACPI) (EventID: 6) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 12, function 0.
Please contact your system vendor for technical assistance.

Error: (07/30/2015 03:52:43 PM) (Source: ACPI) (EventID: 6) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0.
Please contact your system vendor for technical assistance.

Error: (07/30/2015 03:52:43 PM) (Source: ACPI) (EventID: 6) (User: )
Description: IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 9, function 0.
Please contact your system vendor for technical assistance.

Error: (07/28/2015 11:21:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/28/2015 11:21:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswRvrt
aswSnx
aswSP
aswVmm
spldr
Wanarpv6

Error: (07/28/2015 11:21:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Computer BrowserServer%%1068

Error: (07/28/2015 11:21:04 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/28/2015 11:21:01 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/28/2015 11:20:54 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/28/2015 11:20:37 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv.dll21


Microsoft Office:
=========================

CodeIntegrity:
===================================
  Date: 2015-07-30 16:04:04.283
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:04.237
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:04.174
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:04.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:03.878
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:03.831
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:03.769
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-30 16:04:03.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-28 00:47:07.439
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2015-07-28 00:47:07.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon™ 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 46%
Total physical RAM: 1917.88 MB
Available physical RAM: 1031.6 MB
Total Virtual: 4056.71 MB
Available Virtual: 3130.54 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:289.3 GB) (Free:246.06 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:8.79 GB) (Free:1.03 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 7E39D227)
Partition 1: (Active) - (Size=289.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.8 GB) - (Type=07 NTFS)

==================== End of log ============================

Welcome to Lunarsoft's PC Cleanup page!

The PC Cleanup page has been converted into a wiki for faster, easier updates. Therefore should there ever be any changes to the programs recommended this page can be updated much faster than before. Also, since the PC Cleanup page is now a wiki version, pages should load faster and images can be loaded separately. When a machine needs to be repaired and is infested with malware, pages do not always load quickly. This is always kept in mind when creating these kind of pages so that even dial-up users may load these pages with ease.

We highly recommend using the Anti-Malware Toolkit to help download the Recommended Software and other useful tools to clean and perform maintenance on your computer.

Disclaimer

Recommended Software

This is very highly recommended software for all users. Many of these programs will help prevent and even protect from malware infections.

Installation Order

This process has been found to be the very best in eliminating and terminating infections. This process will also help to prevent infections from spreading as the infections are removed. You will also want to update each programs definitions/database if updates are available.

1. AdwCleaner does not need to be installed.
2. Install Malwarebytes.

Order of Operations

By following the directions listed below, you increase your chances for a fast reply on getting your logs and your computer cleaned.

Please follow these directions:

1. Run Windows Disk Cleanup.
2. Run AdwCleaner.
   At this point you should perform the recommended reboot to allow AdwCleaner to remove any malware/Potentially Unwanted Programs (PUPs), OEM bloatware, and run fixes.
3. Run Malwarebytes.
   At this point you should perform the recommended reboot to allow Malwarebytes to remove any malware/Potentially Unwanted Programs found.
4. Run Windows Update.

Unable to run Windows Update?

• On Windows 10
  • Settings
  • Update & Security
  • Troubleshoot
  • Under Get up and running, click Windows Update.
• You can also use Microsoft's Diagnose Windows Update if you're on Windows 7 or higher.

Cleaning & Settings

This section will describe how to update the recommended applications and allow you to configure each program with the best settings for malware removal.

Windows Disk Cleanup

Windows Disk Cleanup helps to clean out old, unused files. It can also help to clean out and remove malware from your %TEMP% folders and other common temporary directories where malware can reside. You don't need to start Windows Disk Cleanup with UAC to clean all of the necessary areas.

Scan Settings:

• It is safe to check all available options except for what is mentioned below.

Explanation:

• Windows upgrade log files are good to keep in case something went wrong during the upgrade of Windows. You can review the logs for more details about what happened. These kinds of logs are invaluable to technicians in diagnosing errors as well. They are safe to delete after approximately one to two months.

• Windows Error Reporting sends crash reports to Microsoft to help diagnose and get fixes to software that you use and has problems. These error reports are useful to both Microsoft and the developers of the software, to even technicians alike. Anyone who looks at these error reports or dump files can diagnose what the origin of the crash/problem is and help resolve the issue.

• Device driver packages are useful to keep as they will hold your hardware's drivers - software the tells the hardware what to do - in case of any issues, the latest working driver is stored here.

• Delivery Optimization Files allows you to share Windows Updates you've already downloaded locally on your network. This is faster, safe, and secure. Instead of having to redownload updates on computer two, computer two can get the updates from computer one also!

• Previous Windows installation(s) are good to keep for about ten days. This is especially true on Windows 10, where you get upgrades to the OS and if you have any problems you can revert back to the previous version. This was also true with the free Windows 10 upgrade. You had 30 days to revert back to your previous Windows 7/8 install. This changed when the Windows 10 Creator's Update released on April 5, 2017. If you do not experience any problems you can safely delete this or wait and let the OS do it for you.

AdwCleaner

AdwCleaner will run a quick scan to find and remove known malware and OEM bloatware - software that is not necessary.

Scan Settings

1. Click Settings.
2. Under Settings, scroll to Basic Repair Settings.
3. Turn all of the options to On.
4. Return to the Scanner by clicking Dashboard.

Scanning

1. Click Scan Now

Results

You may see two separate panes, one for malware found, then another after for Bloatware.

1. Quarantine all found malware and Potentially Unwanted Programs (PUPs).
2. It's optional though recommended to review and remove bloatware that was found.

Need further assistance? Refer to the AdwCleaner screenshots.

Malwarebytes

Malwarebytes is a free program that will scan your computer for numerous types of malware, including ransomware and other advanced online threats.

Update Instructions:

• Malwarebytes will automatically check for updates before scanning. A manual update check can be performed by clicking the gear at the top right, then clicking Check for updates.

Scan Settings:

If you want to do a quick scan and have Malwarebytes scan the top, commonly used infected areas of your computer run a Threat scan. However, we recommend running a Custom scan the first time you believe you're infected and scanning over your entire drive. A full custom scan can take several hours.

This will allow for any infected files found on your system to be quarantined.

Threat Scan

1. Click the Scan button. Alternatively, you can click the Scan pane, and then click the Scan button there.
2. Scanning will automatically start.

Custom Scan

1. Click the Scanner pane at the bottom middle.
2. Click Advanced scanners.
3. Under Custom Scan, click the Configure Scan button.
4. Make sure all the checkboxes on the left are checked.
5. Click to select your hard drive(s) and/or solid state drive(s).
6. Click Scan.

Scan Results

1. When the scan has completed, ensure all entries of both malware and Potentially Unwanted Programs (PUPs) are checked and click Quarantine.
2. If prompted to reboot, click Yes.

Need further assistance? Refer to the Malwarebytes screenshots.

Optional cleaning software

These are not necessary to scan with. If you feel that AdwCleaner and Malwarebytes did not catch your infection the software below may help.

SpywareBlaster

SpywareBlaster doesn't scan and clean for spyware - it prevents it from ever being installed. It will also stop malware from communicating with its host server. This helps to stop popups and malware from functioning and further spreading the infections.

Update Instructions:

1. Under "Quick Tasks" click "Download Latest Protection Updates".
2. Click the "Check for Updates" button.

Activation:

1. After updating, click "Protection" near the top.
2. Under "Quick Tasks" click "Enable All Protection" and you're finished with SpywareBlaster.

Need further assistance? Refer to the SpywareBlaster screenshots.

SUPERAntiSpyware

SUPERAntiSpyware Free Edition is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software.

Update Instructions:

• First Install:
  • Click "Yes" on the message box that appears asking about updating.

• Regular Use:
  • Click the "Check for Updates..." button.

First Run:

• A Setup Wizard will appear to assist you.

1. Click "Next"
2. Do not enter any email address and then click "Next".
3. Make sure there is a check applied to Automatic Update checking and then click "Next"
4. Uncheck "Send a diagnostic report to our research center"
5. Protect Homepage appears, click "Do NOT Protect".

Scan Settings:

1. Click the "System Tools & Program Settings" button.
2. Click the "Preferences" button.

• Under "General and Startup" uncheck the following:
  • Uncheck all options.
  • Optionally, you can check to "Disable anonymous threat reporting".
• Under "Scanning Control" uncheck the following:
  • "Display scan option in Explorer context (right-click) menu"
• Under "Scanning Control" check the following:
  • Apply a check to "Terminate memory threats before quarantining"

• You can now click "Back" and then "Home" as all settings have been set accordingly.

Scanning:

1. Make sure "Quick Scan" is selected (it is by default).
2. Click "Scan your Computer..."
3. After the scan completes, a Scan Summary will appear. Click "OK".
4. In the Scan Results window, make sure all results are checked and click "Next >". Reboot if prompted.

On Exit

• Click "Do not show this message next time" if it appears.

Need further assistance? Refer to the SUPERAntiSpyware screenshots.

Conclusion

Haven't registered yet for the Lunarsoft website and forums? Then please register with us!

If you have registered with Lunarsoft already, please post your log on the Malware Removal forum.

After your computer has been given a clean bill of health, you should read the PC Security page for adding extra protection to your computer.

Good luck, Tarun - Lunarsoft