Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-11-2014 01 Ran by Family (ATTENTION: The logged in user is not administrator) on LEWIS-HOMEPC on 30-11-2014 02:32:02 Running from C:\Users\Family\Desktop Loaded Profiles: Lewis & Family (Available profiles: Lewis & Family & Guest) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe (Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Hewlett-Packard Company) C:\hp\KBD\kbd.exe (CANON INC.) C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE (Hewlett-Packard) C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe (Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe (Western Digital) C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe (Western Digital Technologies, Inc.) C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe () C:\Program Files\AVG Web TuneUp\vprot.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe (AVG Technologies) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Dropbox, Inc.) C:\Users\Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (AVG Secure Search) C:\Program Files\AVG Web TuneUp\avgcefrend.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor) HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company) HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-09-29] (Intel Corporation) HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46632 2007-01-29] (Nuance Communications, Inc.) HKLM\...\Run: [KBD] => C:\HP\KBD\KBD.EXE [61440 2005-02-02] (Hewlett-Packard Company) HKLM\...\Run: [MFNetworkScanUtility] => C:\Program Files\Canon\Canon MF Network Scan Utility\CNMFSUT.EXE [472728 2012-09-26] (CANON INC.) HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [30248 2007-01-29] (Nuance Communications, Inc.) HKLM\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [438272 2008-01-30] (WDC) HKLM\...\Run: [WD Drive Unlocker] => C:\Program Files\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-06-13] (Western Digital) HKLM\...\Run: [WD Quick View] => C:\Program Files\Western Digital\WD Quick View\WDDMStatus.exe [5235128 2012-06-14] (Western Digital Technologies, Inc.) HKLM\...\Run: [vProt] => C:\Program Files\AVG Web TuneUp\vprot.exe [3060248 2014-11-04] () HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguix.exe [1126416 2014-10-10] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.) HKLM\...\RunOnce: [ehssetup] => "%WinDir%\system32\rundll32.exe" "%WinDir%\ehome\ehssetup.dll",LaunchProcessInputFiles HKLM\...\RunOnce: [HDMI ARP Update] => reg add "HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\HDMI" /v Changed /t REG_DWORD /d 1 /f HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters). HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters). HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters). HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation) HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-13] (Microsoft Corporation) HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-05-31] (Google Inc.) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-09-17] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1281781510-1492145563-2711715990-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/?.src=ym&.intl=ca&.lang=en-CA&.done=http://mail.yahoo.com URLSearchHook: [S-1-5-21-1281781510-1492145563-2711715990-1001] ATTENTION ==> Default URLSearchHook is missing. SearchScopes: HKLM -> {0A7F57AF-E6B5-4DE7-A7F5-DACF503C0D20} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDCS7 SearchScopes: HKLM -> {358A9004-0BB7-4404-BDF9-EAAAC2CB52C9} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd SearchScopes: HKLM -> {4D599494-48F5-4625-B4CD-910ED1D8E4B9} URL = http://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt SearchScopes: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> {0A7F57AF-E6B5-4DE7-A7F5-DACF503C0D20} URL = http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDCS7 SearchScopes: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> {358A9004-0BB7-4404-BDF9-EAAAC2CB52C9} URL = http://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd SearchScopes: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> {4D599494-48F5-4625-B4CD-910ED1D8E4B9} URL = http://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdt SearchScopes: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={B775B487-0C74-4C93-AD2C-9AC0F1BF8C58}&mid=b99b0fc152bf47d28ae3d153d4f7f28e-fb56570b729c5d9378b0eeaca9c2d79b8f154214&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-10-27 12:05:03&v=4.0.0.17&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.) BHO: CA Toolbar Helper -> {FBF2401B-7447-4727-BE5D-C19B2075CA84} -> No File Toolbar: HKLM - CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No File Toolbar: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) Toolbar: HKU\S-1-5-21-1281781510-1492145563-2711715990-1002 -> &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation) DPF: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} https://www.topproduceronline.com/downloads/msjavx86.exe DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab Handler: callingid - {086D03BA-57AC-4C8E-A33D-0BAABF742411} - No File Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) Handler: intu-qt2007 - {026BF40D-BA05-467b-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-qt2008 - {05E53CE9-66C8-4a9e-A99F-FDB7A8E7B596} - C:\Program Files\QuickTax 2008\ic2008pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-qt2009 - {03947252-2355-4e9b-B446-8CCC75C43370} - C:\Program Files\QuickTax 2009\ic2009pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: intu-tt2010 - {97A0575E-2309-4e75-8509-B1F9390C4DE7} - C:\Program Files\TurboTax 2010\ic2010pp.dll (Intuit Canada, a general partnership/une société en nom collectif.) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search) ShellExecuteHooks: ShellHook Class - {1869181A-9F50-4FCF-8BFF-1B8588ECB85C} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vu4c0nyu.default FF DefaultSearchEngine: AVG Secure Search FF SelectedSearchEngine: AVG Secure Search FF Homepage: https://mysearch.avg.com?cid={B775B487-0C74-4C93-AD2C-9AC0F1BF8C58}&mid=b99b0fc152bf47d28ae3d153d4f7f28e-fb56570b729c5d9378b0eeaca9c2d79b8f154214&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-10-27 12:05:03&v=4.0.0.17&pid=wtu&sg=&sap=hp FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_239.dll () FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npxsciter.dll ( ) FF SearchPlugin: C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vu4c0nyu.default\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\wtu-secure-search.xml FF Extension: AVG Web TuneUp - C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vu4c0nyu.default\Extensions\avg@toolbar [2014-10-27] FF Extension: Bitdefender QuickScan - C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vu4c0nyu.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-10-26] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\vu4c0nyu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-07-04] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-11] Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.ca/" CHR Profile: C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-21] CHR Extension: (Google Drive) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21] CHR Extension: (YouTube) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-21] CHR Extension: (Google Search) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-21] CHR Extension: (Google Wallet) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-21] CHR Extension: (Bitdefender QuickScan) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-10-25] CHR Extension: (Gmail) - C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-21] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2007-03-05] () [File not signed] S4 AutoSyncService; C:\Program Files\Memeo\AutoSync\MemeoService.exe [31768 2007-07-06] (Memeo) [File not signed] R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [697360 2014-10-10] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.) R2 CCALib8; C:\Program Files\Canon\CAL\CALMAIN.exe [96341 2006-03-30] (Canon Inc.) [File not signed] S2 gupdate1c9e258f563f550; C:\Program Files\Google\Update\GoogleUpdate.exe [107912 2014-10-22] (Google Inc.) S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-06-16] (Hewlett-Packard) [File not signed] S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-25] (HP) [File not signed] R3 hpqcxs08; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll [225280 2007-02-14] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll [131072 2007-02-14] (Hewlett-Packard Co.) [File not signed] R2 IAANTMON; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [81920 2006-09-29] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2006-10-19] (Hewlett-Packard Company) [File not signed] R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed] R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed] R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2165560 2014-11-24] (AVG Technologies) R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-11-24] (AVG Technologies) R2 vToolbarUpdater18.1.10; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-10-27] (AVG Secure Search) R2 WDBackup; C:\Program Files\Western Digital\WD SmartWare\WDBackupEngine.exe [1151424 2012-06-14] (Western Digital ) R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [106496 2008-01-30] (WDC) [File not signed] R2 WDDriveService; C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [213784 2014-10-29] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192792 2014-08-28] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [230680 2014-07-18] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-05] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-18] (AVG Technologies CZ, s.r.o.) R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [200984 2014-10-10] (AVG Technologies CZ, s.r.o.) R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-10-27] (AVG Technologies) S3 BrSerIf; C:\Windows\System32\Drivers\BrSerIf.sys [52224 2006-12-12] (Brother Industries Ltd.) [File not signed] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-10-01] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2014-10-26] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-10-01] (Malwarebytes Corporation) R3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [134144 2013-02-22] (Prolific Technology Inc.) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2014-09-09] (TuneUp Software) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-30 02:32 - 2014-11-30 02:32 - 00023515 _____ () C:\Users\Family\Desktop\FRST.txt 2014-11-30 02:31 - 2014-11-30 02:32 - 00000000 ____D () C:\FRST 2014-11-30 02:30 - 2014-11-30 02:30 - 01109504 _____ (Farbar) C:\Users\Family\Desktop\FRST.exe 2014-11-29 20:13 - 2014-11-29 20:13 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-29 18:45 - 2014-11-24 06:48 - 00035640 _____ (AVG Technologies) C:\Windows\system32\uxtuneup.dll 2014-11-29 18:45 - 2014-11-24 06:48 - 00025400 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll 2014-11-29 18:42 - 2014-11-29 18:42 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVG 2014-11-29 18:41 - 2014-11-29 18:41 - 00002163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk 2014-11-29 18:41 - 2014-11-29 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015 2014-11-29 18:41 - 2014-11-24 06:48 - 00036152 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe 2014-11-29 18:32 - 2014-11-29 18:32 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVG2015 2014-11-29 18:31 - 2014-11-29 21:17 - 00000000 ____D () C:\Users\Family\AppData\Local\Avg2015 2014-11-29 18:30 - 2014-11-29 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-11-29 18:28 - 2014-11-29 18:31 - 00000000 ____D () C:\ProgramData\AVG2015 2014-11-29 18:28 - 2014-11-29 18:28 - 00000000 ___HD () C:\$AVG 2014-11-29 18:24 - 2014-11-29 18:24 - 00000902 _____ () C:\Users\Public\Desktop\AVG.lnk 2014-11-29 18:22 - 2014-11-29 19:42 - 00000000 ____D () C:\ProgramData\Avg 2014-11-29 18:22 - 2014-11-29 18:40 - 00000000 ____D () C:\Program Files\AVG 2014-11-29 18:21 - 2014-11-29 18:42 - 00000000 ____D () C:\Users\Family\AppData\Local\Avg 2014-11-29 18:21 - 2014-11-29 18:24 - 00000000 ____D () C:\Users\Family\AppData\Local\AvgSetupLog 2014-11-26 20:48 - 2014-11-26 20:48 - 00051024 _____ () C:\Users\Family\Downloads\Extras.Txt 2014-11-26 20:45 - 2014-11-26 20:45 - 00066588 _____ () C:\Users\Family\Downloads\OTL.Txt 2014-11-26 20:20 - 2014-11-26 20:20 - 00602112 _____ (OldTimer Tools) C:\Users\Family\Downloads\OTL.exe 2014-11-23 14:50 - 2014-11-23 14:50 - 00000000 __SHD () C:\Users\Family\AppData\Local\EmieBrowserModeList 2014-11-15 23:31 - 2014-11-26 16:49 - 00002131 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-15 23:31 - 2014-11-15 23:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-11-12 20:49 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 20:49 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 20:49 - 2014-11-05 22:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 20:49 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 20:49 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 20:49 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 20:49 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 20:49 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 20:49 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 20:49 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 20:49 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 20:49 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 20:49 - 2014-11-05 21:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 20:49 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 20:49 - 2014-11-05 21:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 20:49 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 20:49 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 20:49 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 20:49 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 20:49 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 20:49 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 20:49 - 2014-11-05 21:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 20:49 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 20:49 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 20:49 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 20:49 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 20:49 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 20:49 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 20:49 - 2014-11-05 12:50 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 20:49 - 2014-11-05 12:50 - 00203776 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 20:49 - 2014-11-05 12:47 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 20:49 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 20:49 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 20:49 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 20:49 - 2014-10-09 19:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 20:49 - 2014-10-02 20:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 20:49 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 20:49 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 20:49 - 2014-10-02 20:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 20:49 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 20:49 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 20:49 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 20:49 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 20:49 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 20:48 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 20:48 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 20:48 - 2014-10-13 20:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 20:48 - 2014-10-13 20:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 20:48 - 2014-10-13 20:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 20:48 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 20:48 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-08 16:11 - 2014-11-08 16:11 - 04799438 _____ () C:\Users\Family\Downloads\u91D1u5C6Cu9398u8D85u6A19u4E4Bu767Du7C73.mp4 2014-11-08 16:10 - 2014-11-08 16:10 - 05046847 _____ () C:\Users\Family\Downloads\Karnavalcom (3).mp4 2014-11-08 16:09 - 2014-11-08 16:09 - 05046847 _____ () C:\Users\Family\Downloads\Karnavalcom (2).mp4 2014-11-08 16:08 - 2014-11-08 16:09 - 05046847 _____ () C:\Users\Family\Downloads\Karnavalcom (1).mp4 2014-11-08 16:07 - 2014-11-08 16:08 - 05046847 _____ () C:\Users\Family\Downloads\Karnavalcom.mp4 ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-30 02:29 - 2010-11-02 23:17 - 00000392 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{3A381596-DF53-49F1-B516-6C1B19F06422}.job 2014-11-30 02:10 - 2013-01-08 21:16 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-30 01:45 - 2010-02-25 20:46 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-30 01:23 - 2014-10-25 19:09 - 00000000 ____D () C:\ProgramData\MFAData 2014-11-29 21:00 - 2014-09-15 05:11 - 01402837 _____ () C:\Windows\WindowsUpdate.log 2014-11-29 20:35 - 2014-09-20 15:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-29 20:28 - 2014-09-15 04:21 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-29 20:27 - 2014-09-15 04:21 - 00018640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-29 20:20 - 2013-09-21 07:27 - 00000000 ___RD () C:\Users\Family\Dropbox 2014-11-29 20:16 - 2011-06-20 21:52 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Dropbox 2014-11-29 20:14 - 2010-02-25 20:46 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-29 20:13 - 2009-07-13 23:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-29 20:13 - 2009-07-13 23:39 - 01724348 _____ () C:\Windows\setupact.log 2014-11-29 19:51 - 2006-12-13 04:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling 2014-11-29 19:27 - 2014-09-15 04:22 - 00794582 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-27 09:58 - 2012-04-29 20:19 - 00000052 _____ () C:\Windows\system32\DOErrors.log 2014-11-26 22:16 - 2014-09-15 04:23 - 00000000 ____D () C:\Users\Lewis 2014-11-26 22:13 - 2008-04-17 17:38 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Apple Computer 2014-11-26 22:12 - 2008-04-17 17:28 - 00000000 ____D () C:\ProgramData\Apple 2014-11-26 22:09 - 2014-08-19 22:32 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-11-26 09:10 - 2012-12-19 00:45 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-11-26 09:10 - 2011-11-02 20:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-11-16 09:38 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-16 09:22 - 2009-07-13 23:33 - 00373856 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-16 09:20 - 2014-09-16 03:08 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-16 09:20 - 2014-09-15 05:08 - 00100888 _____ () C:\Windows\PFRO.log 2014-11-15 23:31 - 2008-03-06 20:33 - 00000000 ____D () C:\Program Files\Google 2014-11-12 20:27 - 2010-11-02 23:18 - 00103192 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-11-11 02:01 - 2009-07-13 21:37 - 00000000 ____D () C:\Windows\rescache 2014-11-08 16:04 - 2014-09-01 07:31 - 00000000 ____D () C:\Users\Family\AppData\Roaming\Skype 2014-11-07 18:29 - 2014-09-01 07:30 - 00000000 ____D () C:\ProgramData\Skype 2014-11-04 14:30 - 2009-10-03 00:42 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-04 10:48 - 2014-10-27 11:04 - 00000000 ____D () C:\Program Files\AVG Web TuneUp Some content of TEMP: ==================== C:\Users\Family\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn8yu5n.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed ATTENTION: ==> Could not access BCD, see Addition.txt for additional information. ==================== End Of Log ============================