Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-03-2015
Ran by jeff (administrator) on JWJ-ROBOT on 02-03-2015 23:22:00
Running from C:\Users\jeff\Desktop
Loaded Profiles: jeff (Available profiles: jeff)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHWA.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoUpdateCheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2755640 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-09-26] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2780400 2013-09-11] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHWA.EXE [239488 2011-04-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\...\Run: [GoogleChromeAutoLaunch_7006BB24EAB940430C8CD96F5EFEA593] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [843592 2015-02-17] (Google Inc.)
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\...\MountPoints2: {6dd8977d-b206-11e4-826c-a01d48fe15cc} - "F:\AutoRun.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\Software\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPNOT14/1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.65
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Dictanote - Speech Recognizer) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjekmpappghadlogpigifkghlmebjk [2015-01-18]
CHR Extension: (Google Drive) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-15]
CHR Extension: (WOT) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-01-15]
CHR Extension: (YouTube) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Adblock Plus) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-01-15]
CHR Extension: (Google Search) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Chrome Connectivity Diagnostics) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2015-01-15]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2015-01-18]
CHR Extension: (Disconnect) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2015-01-15]
CHR Extension: (Google Wallet) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-15]
CHR Extension: (Memo Notepad) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmoihkoninaoanjobiiknmgenhpaecec [2015-01-15]
CHR Extension: (Gmail) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR Profile: C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-28]
CHR Extension: (Google Docs) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-28]
CHR Extension: (Google Drive) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-28]
CHR Extension: (YouTube) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-28]
CHR Extension: (Google Search) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-28]
CHR Extension: (Google Sheets) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-28]
CHR Extension: (Google Wallet) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-28]
CHR Extension: (Gmail) - C:\Users\jeff\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-28]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-09-25] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-25] (Advanced Micro Devices, Inc.) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1486664 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-26] () [File not signed]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-04] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-04] (CyberLink)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-08-29] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-26] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2604344 2015-01-30] (AVG Technologies)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2015-01-17] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [18456 2012-01-10] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290520 2013-08-19] (Realtek Semiconductor Corp.)
R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-01-13] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-09-11] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-09-11] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2015-01-13] (TuneUp Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-02 23:22 - 2015-03-02 23:24 - 00019091 _____ () C:\Users\jeff\Desktop\FRST.txt
2015-03-02 23:22 - 2015-03-02 23:22 - 00852604 _____ () C:\Users\jeff\Desktop\SecurityCheck.exe
2015-03-02 23:20 - 2015-03-02 23:20 - 02092544 _____ (Farbar) C:\Users\jeff\Desktop\FRST64.exe
2015-03-01 01:58 - 2015-03-01 02:02 - 1073741824 _____ () C:\Users\jeff\Documents\Data Safe.avgfv
2015-02-28 20:51 - 2015-02-28 20:51 - 02347384 _____ (ESET) C:\Users\jeff\Desktop\esetsmartinstaller_enu.exe
2015-02-28 20:51 - 2015-02-28 20:51 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-28 20:43 - 2015-02-28 20:43 - 00001039 _____ () C:\Users\jeff\Desktop\mal.txt
2015-02-26 17:04 - 2015-02-26 17:04 - 00000000 _____ () C:\Windows\setuperr.log
2015-02-26 16:52 - 2015-02-26 17:02 - 00000000 ____D () C:\AdwCleaner
2015-02-26 16:02 - 2015-02-26 16:02 - 02126848 _____ () C:\Users\jeff\Desktop\AdwCleaner.exe
2015-02-26 15:58 - 2015-02-26 15:58 - 00000938 _____ () C:\Users\jeff\Desktop\JRT.txt
2015-02-26 15:44 - 2015-02-26 15:44 - 01388274 _____ (Thisisu) C:\Users\jeff\Desktop\JRT.exe
2015-02-26 09:12 - 2015-02-26 09:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2015-02-26 09:12 - 2015-02-26 09:12 - 00000000 ____D () C:\Program Files (x86)\MCShield
2015-02-26 09:05 - 2015-02-26 17:07 - 00000000 ____D () C:\ProgramData\MCShield
2015-02-26 01:22 - 2014-12-13 13:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-26 01:22 - 2014-12-13 13:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-20 20:28 - 2015-02-20 23:25 - 00000000 __SHD () C:\Users\jeff\AppData\Local\EmieUserList
2015-02-20 20:28 - 2015-02-20 23:25 - 00000000 __SHD () C:\Users\jeff\AppData\Local\EmieSiteList
2015-02-17 00:06 - 2015-02-17 00:06 - 04775752 _____ (Google) C:\Users\jeff\Downloads\software_removal_tool.exe
2015-02-16 00:55 - 2015-02-26 17:04 - 00002186 _____ () C:\Windows\setupact.log
2015-02-14 07:26 - 2015-02-14 07:27 - 00030862 _____ () C:\Users\jeff\Downloads\Addition.txt
2015-02-14 07:15 - 2015-03-02 23:22 - 00000000 ____D () C:\FRST
2015-02-13 07:49 - 2015-01-22 20:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-13 07:49 - 2015-01-22 19:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 21:18 - 2015-01-15 14:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 21:18 - 2015-01-15 14:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 21:18 - 2015-01-13 20:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-10 21:18 - 2015-01-13 19:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-10 21:18 - 2015-01-13 14:11 - 01762840 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 21:18 - 2015-01-13 14:04 - 01489072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 21:18 - 2015-01-10 01:10 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 21:18 - 2015-01-10 01:10 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-02-10 21:18 - 2015-01-10 00:28 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-02-10 21:18 - 2015-01-09 23:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 21:18 - 2015-01-09 22:38 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 21:18 - 2014-12-08 19:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 21:18 - 2014-12-08 17:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 21:17 - 2015-02-03 15:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-10 21:17 - 2015-02-03 15:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-10 21:17 - 2015-02-03 15:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-10 21:17 - 2015-02-02 15:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-10 21:17 - 2015-02-02 15:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-10 21:17 - 2015-02-02 15:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-10 21:17 - 2015-01-19 10:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-10 21:17 - 2015-01-11 19:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 21:17 - 2015-01-11 18:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 21:17 - 2015-01-11 18:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 21:17 - 2015-01-11 18:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 21:17 - 2015-01-11 18:34 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-02-10 21:17 - 2015-01-11 18:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 21:17 - 2015-01-11 18:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 21:17 - 2015-01-11 18:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 21:17 - 2015-01-11 18:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 21:17 - 2015-01-11 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 21:17 - 2015-01-11 18:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 21:17 - 2015-01-11 17:58 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-02-10 21:17 - 2015-01-11 17:55 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-02-10 21:17 - 2015-01-11 17:51 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-02-10 21:17 - 2015-01-11 17:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 21:17 - 2015-01-11 17:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 21:17 - 2015-01-11 17:48 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 21:17 - 2015-01-11 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 21:17 - 2015-01-11 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 21:17 - 2015-01-11 17:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 21:17 - 2015-01-11 17:34 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-02-10 21:17 - 2015-01-11 17:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-02-10 21:17 - 2015-01-11 17:27 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-02-10 21:17 - 2015-01-11 17:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 21:17 - 2015-01-11 17:25 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-02-10 21:17 - 2015-01-11 17:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 21:17 - 2015-01-11 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 21:17 - 2015-01-11 17:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 21:17 - 2015-01-11 17:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 21:17 - 2015-01-11 17:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 21:17 - 2015-01-11 17:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 21:17 - 2015-01-11 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 21:17 - 2015-01-11 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 21:17 - 2015-01-11 16:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 21:17 - 2015-01-10 00:22 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-10 21:17 - 2014-12-19 00:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 21:17 - 2014-12-19 00:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 21:17 - 2014-12-08 15:12 - 00391526 _____ () C:\Windows\system32\ApnDatabase.xml
2015-02-08 21:42 - 2015-02-08 21:42 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2015-02-07 00:36 - 2015-01-30 17:23 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-02-07 00:36 - 2015-01-30 17:22 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-02-07 00:36 - 2015-01-30 17:22 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-02-07 00:35 - 2015-02-07 00:35 - 00002198 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk
2015-02-07 00:34 - 2015-02-07 00:34 - 00000000 ____D () C:\Users\jeff\AppData\Roaming\AVG
2015-02-07 00:32 - 2015-02-07 00:32 - 00000000 ____D () C:\Users\jeff\AppData\Local\Avg
2015-02-07 00:30 - 2015-02-07 00:36 - 00000000 ____D () C:\ProgramData\AVG
2015-02-07 00:28 - 2015-02-07 00:30 - 113392440 _____ (AVG Technologies) C:\Users\jeff\Downloads\avg_tuh_stf_all_2015_373_24c4.exe
2015-02-06 20:16 - 2015-02-06 20:16 - 00085450 _____ () C:\Users\jeff\Downloads\manualRequestForm.action
2015-02-05 22:59 - 2015-02-14 06:56 - 00000000 ____D () C:\Windows\Minidump
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-02 23:23 - 2015-01-16 17:59 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-02 23:23 - 2015-01-15 19:12 - 00000926 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-02 23:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-02 22:44 - 2015-01-15 18:36 - 01946426 _____ () C:\Windows\WindowsUpdate.log
2015-03-02 22:35 - 2015-01-15 18:45 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3792397004-3726139591-2730438546-1002
2015-03-02 22:30 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-02 22:23 - 2015-01-15 18:47 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{2DE0847F-986B-45BF-A2E7-DE2B7AD5E9E8}
2015-03-02 22:20 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-01 23:37 - 2015-01-17 23:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-28 07:02 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-26 17:07 - 2015-01-15 19:12 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-26 17:07 - 2015-01-15 18:46 - 00000000 ___DO () C:\Users\jeff\SkyDrive
2015-02-26 17:04 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-26 17:03 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-26 15:36 - 2015-01-15 18:40 - 00000000 ___RD () C:\Users\jeff\Documents\Youcam
2015-02-26 15:31 - 2015-01-15 18:38 - 00000000 ____D () C:\Users\jeff
2015-02-26 05:04 - 2013-08-22 07:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-21 06:10 - 2015-01-18 22:46 - 00007616 _____ () C:\Users\jeff\AppData\Local\Resmon.ResmonCfg
2015-02-20 20:26 - 2013-08-25 22:01 - 00028542 _____ () C:\Windows\PFRO.log
2015-02-17 20:46 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache
2015-02-17 00:30 - 2015-01-14 22:37 - 00000000 ____D () C:\ProgramData\Temp
2015-02-17 00:22 - 2015-01-15 20:48 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-17 00:10 - 2015-01-15 20:47 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-16 00:58 - 2013-08-25 22:09 - 00956476 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-14 06:56 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-02-14 01:44 - 2013-11-08 17:52 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-02-11 07:57 - 2013-08-22 06:44 - 00337920 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-11 07:52 - 2015-01-18 07:26 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-11 07:52 - 2015-01-18 07:26 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-08 23:28 - 2015-01-15 18:39 - 00000000 ____D () C:\Users\jeff\AppData\Local\VirtualStore
2015-02-07 07:45 - 2015-01-23 03:15 - 00000000 ____D () C:\Users\jeff\AppData\Roaming\WildTangent
2015-02-07 07:45 - 2015-01-15 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-07 07:45 - 2013-08-22 11:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\IME
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Globalization
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\FileManager
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Camera
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-02-07 07:45 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-02-07 07:44 - 2013-08-22 11:12 - 00000000 ____D () C:\Windows\ShellNew
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 __RSD () C:\Windows\Media
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ToastData
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\WinStore
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\ras
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\icsxml
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\SystemResources
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\WinMetadata
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Shared
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\WindowsInternal.Inbox.Media.Shared
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\uk-UA
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\th-TH
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sl-SI
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\setup
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\ro-RO
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\ras
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\MSDRM
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\Macromed
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\lv-LV
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\lt-LT
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\IME
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\icsxml
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\ias
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\hr-HR
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\he-IL
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\et-EE
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\en-GB
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\Com
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\bg-BG
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\system32\ar-SA
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\schemas
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PLA
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-02-07 07:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\L2Schemas
2015-02-07 07:44 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-02-07 07:44 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-02-07 07:44 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-02-07 07:44 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-02-07 07:44 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\servicing
2015-02-07 07:25 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\registration
2015-02-07 00:34 - 2015-01-16 18:02 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-02-07 00:01 - 2013-11-08 17:58 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-07 00:01 - 2013-11-08 17:58 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-05 19:42 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-02-05 12:20 - 2015-01-14 22:27 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-02-05 12:18 - 2015-01-15 19:12 - 00003898 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 12:18 - 2015-01-15 19:12 - 00003662 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-03 11:31 - 2015-01-28 12:37 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 11:31 - 2015-01-28 12:37 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-01-18 22:46 - 2015-02-21 06:10 - 0007616 _____ () C:\Users\jeff\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\jeff\AppData\Local\Temp\Quarantine.exe
C:\Users\jeff\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-01 20:12
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-03-2015
Ran by jeff at 2015-03-02 23:25:26
Running from C:\Users\jeff\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG Internet Security 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2015 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{301D3AA1-5DCC-FCFD-622E-3C7CBA87C80F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4299 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.373 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.373 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.373 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.5.3303 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3228 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3305 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version: - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{CA132762-533D-4EA4-81A9-DCB1D5B2B169}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7127.4628 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.54 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A54CD4B8-3110-4B25-965A-4085D693B887}) (Version: 2.2.6 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.54 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.54 - Softex Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29070 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.13.1 - Synaptics Incorporated)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
13-02-2015 23:39:22 ???heres to hoping
17-02-2015 00:08:44 Windows Update
20-02-2015 20:21:36 Restore Point Created by FRST
26-02-2015 05:02:12 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0E94DA62-6B64-413F-8B88-7368C5DA5B81} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {0F24E2A4-3986-471E-B47E-037C9EE1336C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-15] (Google Inc.)
Task: {1263C35B-8CA0-439C-A193-D934DD9C44CD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {27E827E0-06B1-483B-86AB-AD1088FA6AC8} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-04] (CyberLink)
Task: {2BB9B2D5-6375-4519-B057-EEE895CF6FE3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {4128F1DD-FBF7-420C-95A9-683148A97C28} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-08-09] (Hewlett-Packard)
Task: {4AD96814-53B5-41E6-B98A-2E31C8958F14} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {50DADD68-0B95-4A8A-9DAE-5072612EFF16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {5B9535ED-E0EA-40AA-9593-88BA9744545F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-09-11] (Synaptics Incorporated)
Task: {A32D55EF-7469-4F2D-B23C-0697E3BDDE7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-15] (Google Inc.)
Task: {B6BD2C8B-EA0B-4438-8D22-D5AE506F99AA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-10-22] (Realtek Semiconductor)
Task: {C436830E-65B1-448F-9F14-EBC8BD713612} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-17] (Microsoft Corporation)
Task: {D690AFDA-2205-4B13-B07D-3220F4176777} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-01-30] (AVG Technologies)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2013-09-26 11:26 - 2013-09-26 11:26 - 00109568 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
2013-09-26 11:32 - 2013-09-26 11:32 - 00627200 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cachedrv.dll
2013-09-26 11:28 - 2013-09-26 11:28 - 02540544 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2013-09-26 11:25 - 2013-09-26 11:25 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2013-09-26 11:25 - 2013-09-26 11:25 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2013-09-26 11:25 - 2013-09-26 11:25 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2013-09-26 11:39 - 2013-09-26 11:39 - 00306064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2013-09-26 11:39 - 2013-09-26 11:39 - 01298832 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2013-09-25 06:49 - 2013-09-25 06:49 - 00099328 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2013-09-25 06:48 - 2013-09-25 06:48 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-30 17:23 - 2015-01-30 17:23 - 00712504 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2013-09-26 11:34 - 2013-09-26 11:34 - 00064000 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2015-01-30 17:23 - 2015-01-30 17:23 - 00855864 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2013-09-25 06:48 - 2013-09-25 06:48 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-25 06:49 - 2013-09-25 06:49 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2015-01-17 23:58 - 2015-01-17 23:58 - 01686552 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2015-02-19 23:25 - 2015-02-17 14:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-19 23:25 - 2015-02-17 14:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-19 23:25 - 2015-02-17 14:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2015-01-14 22:44 - 2013-08-04 23:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-30 17:16 - 2015-01-30 17:16 - 00173368 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUBasic.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00726328 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUKernel.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00096056 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUTransl.bpl
2015-01-30 17:17 - 2015-01-30 17:17 - 10215736 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUComponents.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00559416 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\GR32_D6.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00260408 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\XMLComponents.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00054072 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxCoreD12.bpl
2015-01-30 17:17 - 2015-01-30 17:17 - 00089400 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxGDIPlusD12.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00170296 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\PerlRegEx.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00101688 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TUShell.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00069944 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxThemeD12.bpl
2015-01-30 17:17 - 2015-01-30 17:17 - 01076536 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\cxLibraryD12.bpl
2015-01-30 17:17 - 2015-01-30 17:17 - 01374520 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxBarD12.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00063288 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\TURar.bpl
2015-01-30 17:16 - 2015-01-30 17:16 - 00021304 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\dxComnD12.bpl
2015-01-30 17:23 - 2015-01-30 17:23 - 00728888 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulngx.dll
2015-02-19 23:25 - 2015-02-17 14:44 - 14965064 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\jeff\SkyDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3792397004-3726139591-2730438546-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img5.jpg
DNS Servers: 192.168.0.1 - 205.171.2.65
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3792397004-3726139591-2730438546-500 - Administrator - Disabled)
Guest (S-1-5-21-3792397004-3726139591-2730438546-501 - Limited - Disabled)
jeff (S-1-5-21-3792397004-3726139591-2730438546-1002 - Administrator - Enabled) => C:\Users\jeff
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/02/2015 00:15:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1516
Error: (03/02/2015 00:15:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1516
Error: (03/02/2015 00:15:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/01/2015 07:21:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61802031
Error: (03/01/2015 07:21:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61802031
Error: (03/01/2015 07:21:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/01/2015 07:21:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61800313
Error: (03/01/2015 07:21:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61800313
Error: (03/01/2015 07:21:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2015 11:22:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.
System errors:
=============
Error: (03/02/2015 00:15:12 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 7 time(s).
Error: (03/01/2015 08:35:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 6 time(s).
Error: (03/01/2015 02:10:45 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 5 time(s).
Error: (03/01/2015 02:02:42 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume Data Safe encountered a non-retryable error and could not start. The data contains the error code.
Error: (03/01/2015 02:02:00 AM) (Source: Ntfs) (EventID: 137) (User: )
Description: The default transaction resource manager on volume Data Safe encountered a non-retryable error and could not start. The data contains the error code.
Error: (02/28/2015 07:55:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 4 time(s).
Error: (02/28/2015 07:28:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 3 time(s).
Error: (02/27/2015 04:23:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 2 time(s).
Error: (02/27/2015 02:18:18 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CyberLink PowerDVD 12 Media Server Service service terminated unexpectedly. It has done this 1 time(s).
Error: (02/26/2015 07:09:38 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Encrypted volume check: Volume information on G: cannot be read.
Microsoft Office Sessions:
=========================
Error: (03/02/2015 00:15:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1516
Error: (03/02/2015 00:15:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1516
Error: (03/02/2015 00:15:55 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/01/2015 07:21:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61802031
Error: (03/01/2015 07:21:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61802031
Error: (03/01/2015 07:21:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/01/2015 07:21:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 61800313
Error: (03/01/2015 07:21:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 61800313
Error: (03/01/2015 07:21:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/28/2015 11:22:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
CodeIntegrity Errors:
===================================
Date: 2015-02-26 17:06:11.512
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-20 20:27:07.628
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-20 20:08:45.195
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-17 00:32:33.448
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-11 07:57:22.718
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-07 07:55:08.887
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-07 02:38:02.574
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-07 01:33:23.946
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-05 23:02:28.996
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-02-05 20:06:00.913
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD A6-5200 APU with Radeon HD Graphics
Percentage of memory in use: 90%
Total physical RAM: 3554.26 MB
Available physical RAM: 330.03 MB
Total Pagefile: 7394.26 MB
Available Pagefile: 1843.45 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:678.91 GB) (Free:637.75 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:18.96 GB) (Free:1.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D0D30292)
Partition: GPT Partition Type.
==================== End Of Log ============================
Results of screen317's Security Check version 0.99.97
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Internet Security 2015
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
AVG PC TuneUp 2015
AVG Web TuneUp
AVG PC TuneUp 2015 (en-US)
AVG PC TuneUp 2015
Java 64-bit 8 Update 31
Google Chrome (40.0.2214.111)
Google Chrome (40.0.2214.115)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
AVG avgwdsvc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````