Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer Infected [Solved]

Missing e mails; slow running

  • This topic is locked This topic is locked

#1
steve bradbury

steve bradbury

    Member

  • Member
  • PipPip
  • 24 posts

About 3 weeks ago, I made the mistake of opening a link apparently sent by my niece. As soon as it opened I realised that it must have been a scam as it did not tie up with what i expected.

 

I immediately closed the link and ran malwarebytes (free version), but did not get any indication that it had discovered anything.

 

However, two strange things have happened on my PC.

1. Some e mail addresses are no longer in my outlook account

2. The PC takes much longer to start up when switched on and on occassion now freezes. When this happens, sometimes the mouse cursor will move, and at other times it won't.

 

My PC just does not feel the same, yet i have not been able to pinpoint what exactly has altered; other than speed of responses

 

Steps taken so far

My PC protection is via AVG, and includes One Click Maintenance option which I have used.

I have rerun Malwarebytes on two additional occassions,

I have used C Cleaner to get rid of cookies

I have attempted to restore to a previous date but this does not complete. The warning message is "Unable to Complete - this may be because of......  I have tried choosing various dates, but none worked. In desparation, I also tried System restore with my AVG protection temporarilly turned off. 

 

Please can you help

 

Steve Bradbury

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Steve (administrator) on STEVE-PC on 29-06-2015 03:00:06
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve (Available Profiles: Steve)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(AVG Netherlands B.V) C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Alcatel-Lucent) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Alcatel-Lucent) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe
(Google Inc.) C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
(Spotify Ltd) C:\Users\Steve\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(ScanSoft, Inc) C:\Program Files (x86)\ScanSoft\OmniPageSE\opware32.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(Dropbox, Inc.) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Nikon Corporation) C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Steve\Desktop\FRST64 (3).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [btbb_McciTrayApp] => C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe [3451904 2010-08-12] (Alcatel-Lucent)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Omnipage] => C:\Program Files (x86)\ScanSoft\OmniPageSE\opware32.exe [49152 2002-06-03] (ScanSoft, Inc)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2510784 2015-05-21] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Nikon Transfer Monitor] => C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [485208 2008-09-30] (Nikon Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/w...VFVHKzMtU1AxUzI(the data entry has 145 more characters).
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-15] (Google Inc.)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [MusicManager] => C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-05-29] (Google Inc.)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [Spotify Web Helper] => C:\Users\Steve\SpotifyWebHelper.exe [2023480 2015-06-28] (Spotify Ltd)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [Spotify] => C:\Users\Steve\Application Data\Spotify\Spotify.exe [7112248 2015-04-03] (Spotify Ltd)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [Dropbox Update] => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk [2010-11-15]
ShortcutTarget: NETGEAR WNA1100 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk [2013-02-04]
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Steve\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...pr&d=2012-11-2723:15:06&v=18.5.0.909&pid=avg&sg=0&sap=hp
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> {86F2012D-EE91-41DA-A7E4-EF637CFCFA3B} URL = http://search.avg.co...}&ychte=us&nt=1
SearchScopes: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...pr&d=2012-11-2723:15:06&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20] (Yahoo! Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-21] (AVG Secure Search)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20] (Yahoo! Inc)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKLM-x32 - BT Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20] (Yahoo! Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-21] (AVG Secure Search)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://hive1.hsbc.c...SetupClient.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-21] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{298CEDCD-E2B7-4EAE-81AA-AF25C09AD2E4}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{69E4A76E-7B6A-49B5-BCD0-937BB741108E}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{E66F522E-1D79-49F3-B2B4-18335DB0210C}: [DhcpNameServer] 192.168.1.254 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-15] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-08-12] (Motive, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3018395322-1037248882-2513499089-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3018395322-1037248882-2513499089-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF user.js: detected! => C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default\user.js [2013-08-28]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-12-22] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-02-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909 [2015-05-21]
 
Chrome: 
=======
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-10-27]
CHR Extension: (AVG Security Toolbar) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-08-19]
CHR Extension: (Google Wallet) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1526936 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [954368 2009-11-05] (Atheros Communications, Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-08-09] (Alcatel-Lucent) [File not signed]
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2967864 2015-05-15] (AVG Technologies)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44856 2015-05-15] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36664 2015-05-15] (AVG Technologies)
R2 vToolbarUpdater18.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-21] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [278528 2009-11-27] () [File not signed]
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [316120 2014-08-18] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67552 2015-04-14] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic)
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-08-12] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-08-12] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2013-08-03] (Realtek                                            ) [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2015-06-29] (SlimWare Utilities, Inc.)
R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-21] (TP-LINK TECHNOLOGIES CO., LTD)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-08-28] (TuneUp Software)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-29 03:00 - 2015-06-29 03:00 - 00034483 _____ C:\Users\Steve\Desktop\FRST.txt
2015-06-29 02:56 - 2015-06-29 02:56 - 02112512 _____ (Farbar) C:\Users\Steve\Desktop\FRST64 (3).exe
2015-06-29 02:55 - 2015-06-29 02:56 - 02112512 _____ (Farbar) C:\Users\Steve\Downloads\FRST64 (2).exe
2015-06-29 02:52 - 2015-06-29 02:52 - 00047902 _____ C:\Users\Steve\Downloads\Addition.txt
2015-06-29 02:51 - 2015-06-29 02:52 - 00075801 _____ C:\Users\Steve\Downloads\FRST.txt
2015-06-29 02:50 - 2015-06-29 02:50 - 02112512 _____ (Farbar) C:\Users\Steve\Downloads\FRST64 (1).exe
2015-06-29 02:44 - 2015-06-29 03:00 - 00000000 ____D C:\FRST
2015-06-29 02:44 - 2015-06-29 02:44 - 02112512 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe
2015-06-29 02:08 - 2015-06-29 02:08 - 00000000 _____ C:\Windows\setuperr.log
2015-06-28 22:40 - 2015-06-29 02:10 - 00002892 _____ C:\Windows\System32\Tasks\AVG Driver Updater Startup
2015-06-28 22:40 - 2015-06-29 02:10 - 00000466 _____ C:\Windows\Tasks\AVG Driver Updater Startup.job
2015-06-28 22:40 - 2015-06-29 02:08 - 00025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-06-28 22:40 - 2015-06-29 02:08 - 00000520 _____ C:\Windows\Tasks\AVG Driver Updater Scan.job
2015-06-28 22:40 - 2015-06-28 22:40 - 00003390 _____ C:\Windows\System32\Tasks\AVG Driver Updater Scan
2015-06-28 22:40 - 2015-06-28 22:40 - 00002497 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\Users\Steve\AppData\Local\AVG Netherlands BV
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\Program Files (x86)\AVG Driver Updater
2015-06-28 22:39 - 2015-06-28 22:39 - 01124512 _____ (SlimWare Utilities, Inc.) C:\Users\Steve\Downloads\AVG_Driver_Updater_Setup_12_1.exe
2015-06-28 22:31 - 2015-06-28 22:31 - 00073026 _____ C:\Users\Steve\Downloads\A-Plus - CPD Invoice.zip
2015-06-26 22:47 - 2015-06-26 22:47 - 00859620 _____ C:\Users\Steve\Downloads\certificate of vesting.zip
2015-06-26 22:03 - 2015-06-26 22:03 - 00183005 _____ C:\Users\Steve\Downloads\Invoices (3).zip
2015-06-26 22:01 - 2015-06-26 22:01 - 00183005 _____ C:\Users\Steve\Downloads\Invoices (2).zip
2015-06-26 18:54 - 2015-06-26 18:54 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th (3).zip
2015-06-26 18:29 - 2015-06-26 18:30 - 01734516 _____ C:\Users\Steve\Downloads\CIS amendment.zip
2015-06-26 11:29 - 2015-06-26 11:29 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th (2).zip
2015-06-26 11:26 - 2015-06-26 11:26 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th (1).zip
2015-06-26 11:18 - 2015-06-26 11:18 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th.zip
2015-06-24 17:02 - 2015-06-24 17:02 - 00098560 _____ C:\Users\Steve\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-24 01:27 - 2015-06-28 23:52 - 00036750 _____ C:\Windows\IE11_main.log
2015-06-24 01:10 - 2015-06-29 02:08 - 00000336 _____ C:\Windows\setupact.log
2015-06-24 01:10 - 2015-06-24 01:11 - 00374832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-24 01:05 - 2015-06-24 01:09 - 00002484 _____ C:\Windows\logboot_24.06.2015.tureg.log
2015-06-23 23:24 - 2015-06-23 23:24 - 00010042 _____ C:\Users\Steve\Downloads\Your invoice.zip
2015-06-23 23:22 - 2015-06-23 23:22 - 00062435 _____ C:\Users\Steve\Downloads\Windows.zip
2015-06-23 23:09 - 2015-06-23 23:10 - 00407415 _____ C:\Users\Steve\Downloads\Invoice attached.zip
2015-06-23 12:03 - 2015-06-23 12:03 - 00009480 _____ C:\Users\Steve\Downloads\Ideas.zip
2015-06-22 19:10 - 2015-06-22 19:10 - 02022680 _____ C:\Users\Steve\Downloads\U3 toilet.zip
2015-06-22 19:08 - 2015-06-22 19:08 - 02605739 _____ C:\Users\Steve\Downloads\U4 toilet.zip
2015-06-22 16:47 - 2015-06-22 16:47 - 00869586 _____ C:\Users\Steve\Downloads\Invoice for Swift Plumbing Ltd (1).zip
2015-06-22 16:45 - 2015-06-22 16:45 - 00008741 _____ C:\Users\Steve\Downloads\Invoices (1).zip
2015-06-22 16:16 - 2015-06-22 16:16 - 00575769 _____ C:\Users\Steve\Downloads\Tony Gannon Invoice.zip
2015-06-21 23:31 - 2015-06-21 23:31 - 00000085 _____ C:\Users\Steve\Downloads\Contacts (1).vcf
2015-06-21 23:30 - 2015-06-21 23:30 - 00000085 _____ C:\Users\Steve\Downloads\Contacts.vcf
2015-06-21 21:22 - 2015-06-21 21:22 - 00724633 _____ C:\Users\Steve\Downloads\Payments for windows (2).zip
2015-06-21 18:55 - 2015-06-21 18:55 - 01623249 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order. (3).zip
2015-06-21 18:54 - 2015-06-21 18:54 - 01646194 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order. (2).zip
2015-06-21 10:38 - 2015-06-21 10:38 - 00724633 _____ C:\Users\Steve\Downloads\Payments for windows (1).zip
2015-06-20 19:57 - 2015-06-20 19:57 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions (3).zip
2015-06-20 13:19 - 2015-06-20 13:20 - 00482974 _____ C:\Users\Steve\Downloads\Broken Mitre Saw - from Screwfix.zip
2015-06-20 10:22 - 2015-06-20 10:22 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions (2).zip
2015-06-20 10:22 - 2015-06-20 10:22 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions (1).zip
2015-06-19 20:45 - 2015-06-19 20:45 - 01599095 _____ C:\Users\Steve\Downloads\REVISED QUOTATION.zip
2015-06-19 20:40 - 2015-06-19 20:40 - 00724633 _____ C:\Users\Steve\Downloads\Payments for windows.zip
2015-06-19 20:31 - 2015-06-19 20:31 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions.zip
2015-06-19 09:05 - 2015-06-19 09:05 - 00059121 _____ C:\Users\Steve\Downloads\DDU3A Family History Invitation (1).zip
2015-06-18 22:48 - 2015-06-18 22:48 - 00010107 _____ C:\Users\Steve\Downloads\Proforma (1).zip
2015-06-18 22:47 - 2015-06-18 22:47 - 00059121 _____ C:\Users\Steve\Downloads\DDU3A Family History Invitation.zip
2015-06-18 22:45 - 2015-06-18 22:45 - 00085165 _____ C:\Users\Steve\Downloads\New Mitre Saw from Screwfix - to be added to equipment database..zip
2015-06-18 22:17 - 2015-06-18 22:17 - 01623249 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order. (1).zip
2015-06-18 21:56 - 2015-06-18 21:56 - 00188891 _____ C:\Users\Steve\Downloads\2 Stairs for Clifton Park Developments.zip
2015-06-18 01:48 - 2015-06-18 01:48 - 00010107 _____ C:\Users\Steve\Downloads\Proforma.zip
2015-06-18 01:27 - 2015-06-18 01:27 - 01499089 _____ C:\Users\Steve\Downloads\Apartment 9.zip
2015-06-18 01:25 - 2015-06-18 01:25 - 02090856 _____ C:\Users\Steve\Downloads\Unit 3 Kitchen Order.zip
2015-06-18 01:22 - 2015-06-18 01:22 - 00233810 _____ C:\Users\Steve\Downloads\Unit 4 Kitchen Order - Payment Due.zip
2015-06-17 10:58 - 2015-06-17 10:58 - 00000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 10:57 - 2015-06-28 23:02 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA.job
2015-06-17 10:57 - 2015-06-28 11:02 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core.job
2015-06-17 10:57 - 2015-06-17 10:57 - 00003888 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA
2015-06-17 10:57 - 2015-06-17 10:57 - 00003492 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core
2015-06-17 10:57 - 2015-06-17 10:57 - 00000000 ____D C:\Users\Steve\AppData\Local\Dropbox
2015-06-17 10:57 - 2015-06-17 10:57 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-17 09:49 - 2015-06-17 09:49 - 00008741 _____ C:\Users\Steve\Downloads\Invoice for Swift Plumbing Ltd.zip
2015-06-16 20:47 - 2015-06-16 20:47 - 03149767 _____ C:\Users\Steve\Downloads\Quote for unit 7 tiles.zip
2015-06-16 20:37 - 2015-06-16 20:37 - 01646194 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order..zip
2015-06-16 20:28 - 2015-06-16 20:28 - 00121375 _____ C:\Users\Steve\Downloads\Outlook.com (19).zip
2015-06-16 20:21 - 2015-06-16 20:21 - 00008741 _____ C:\Users\Steve\Downloads\Invoices.zip
2015-06-16 20:20 - 2015-06-16 20:20 - 00061296 _____ C:\Users\Steve\Downloads\Aplus Trading. Park Lea, purchase order number CPD-P1415537 (1).zip
2015-06-16 20:19 - 2015-06-16 20:19 - 00061296 _____ C:\Users\Steve\Downloads\Aplus Trading. Park Lea, purchase order number CPD-P1415537.zip
2015-06-14 23:17 - 2015-06-14 23:17 - 02918253 _____ C:\Users\Steve\Downloads\Interior CGIs Unit 8.zip
2015-06-14 22:41 - 2015-06-14 22:41 - 00027226 _____ C:\Users\Steve\Downloads\Corrections Haybrook (1).zip
2015-06-14 20:45 - 2015-06-14 20:45 - 00010991 _____ C:\Users\Steve\Downloads\Unit 8 Tile.zip
2015-06-14 20:33 - 2015-06-14 20:34 - 19238583 _____ C:\Users\Steve\Downloads\Handover documents.zip
2015-06-14 19:52 - 2015-06-14 19:52 - 00072799 _____ C:\Users\Steve\Downloads\CIS - APLUSCPD Invoice.zip
2015-06-14 19:40 - 2015-06-14 19:40 - 00112930 _____ C:\Users\Steve\Downloads\Party next saturday.zip
2015-06-14 10:19 - 2015-06-14 10:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-13 20:32 - 2015-06-13 20:32 - 00003540 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 7a1d4665b7e84b4fb9573e5743139eacf15682a1e5d24b028dbcf3d2fb6462a3
2015-06-13 20:29 - 2015-06-13 20:29 - 00637165 _____ C:\Users\Steve\Downloads\Your Nutritional Therapy Follow-Up Appointment.zip
2015-06-13 09:43 - 2015-06-29 03:00 - 01518097 _____ C:\Windows\WindowsUpdate.log
2015-06-12 16:14 - 2015-06-12 16:14 - 00619053 _____ C:\Users\Steve\Downloads\RMDH Invoice.zip
2015-06-12 16:11 - 2015-06-12 16:11 - 00002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-11 22:51 - 2015-06-11 22:51 - 00027226 _____ C:\Users\Steve\Downloads\Corrections Haybrook.zip
2015-06-11 16:35 - 2015-06-11 16:35 - 00149123 _____ C:\Users\Steve\Downloads\A-Plus Invoices Week 10 (1).zip
2015-06-11 16:09 - 2015-06-11 16:09 - 00149123 _____ C:\Users\Steve\Downloads\A-Plus Invoices Week 10.zip
2015-06-11 00:34 - 2015-06-11 00:34 - 06549184 _____ (Piriform Ltd) C:\Users\Steve\Downloads\ccsetup506.exe
2015-06-10 23:06 - 2015-06-10 23:06 - 04771266 _____ C:\Users\Steve\Downloads\Outlook.com (17).zip
2015-06-10 23:06 - 2015-06-10 23:06 - 03272482 _____ C:\Users\Steve\Downloads\Outlook.com (18).zip
2015-06-10 23:05 - 2015-06-10 23:05 - 05866464 _____ C:\Users\Steve\Downloads\Outlook.com (15).zip
2015-06-10 23:05 - 2015-06-10 23:05 - 05075530 _____ C:\Users\Steve\Downloads\Outlook.com (16).zip
2015-06-10 23:04 - 2015-06-10 23:04 - 05225862 _____ C:\Users\Steve\Downloads\Outlook.com (14).zip
2015-06-10 23:03 - 2015-06-10 23:03 - 07086600 _____ C:\Users\Steve\Downloads\Outlook.com (13).zip
2015-06-10 23:02 - 2015-06-10 23:03 - 03419974 _____ C:\Users\Steve\Downloads\Outlook.com (12).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 03916899 _____ C:\Users\Steve\Downloads\Outlook.com (11).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 03329919 _____ C:\Users\Steve\Downloads\Outlook.com (8).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 02991910 _____ C:\Users\Steve\Downloads\Outlook.com (10).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 02472954 _____ C:\Users\Steve\Downloads\Outlook.com (9).zip
2015-06-10 22:59 - 2015-06-10 22:59 - 02548168 _____ C:\Users\Steve\Downloads\Outlook.com (7).zip
2015-06-10 22:59 - 2015-06-10 22:59 - 01879871 _____ C:\Users\Steve\Downloads\Outlook.com (6).zip
2015-06-10 22:58 - 2015-06-10 22:58 - 04265706 _____ C:\Users\Steve\Downloads\Outlook.com (3).zip
2015-06-10 22:58 - 2015-06-10 22:58 - 04227735 _____ C:\Users\Steve\Downloads\Outlook.com (5).zip
2015-06-10 22:58 - 2015-06-10 22:58 - 04120169 _____ C:\Users\Steve\Downloads\Outlook.com (4).zip
2015-06-10 22:57 - 2015-06-10 22:57 - 03243751 _____ C:\Users\Steve\Downloads\Outlook.com (2).zip
2015-06-10 22:57 - 2015-06-10 22:57 - 02140011 _____ C:\Users\Steve\Downloads\Outlook.com.zip
2015-06-10 22:57 - 2015-06-10 22:57 - 02038146 _____ C:\Users\Steve\Downloads\Outlook.com (1).zip
2015-06-10 14:46 - 2015-04-29 19:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 14:46 - 2015-04-29 19:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 14:46 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 14:46 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 14:46 - 2015-04-29 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 14:46 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 14:46 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 14:46 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 14:46 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 14:46 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 14:45 - 2015-05-25 19:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 14:45 - 2015-05-25 19:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 14:45 - 2015-05-25 19:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 14:45 - 2015-05-25 19:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 14:45 - 2015-05-25 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 14:45 - 2015-05-25 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 14:45 - 2015-05-25 19:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 14:45 - 2015-05-25 19:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 14:45 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 14:45 - 2015-05-25 18:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 14:45 - 2015-05-25 18:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 14:45 - 2015-05-25 18:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 14:45 - 2015-05-25 18:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 14:45 - 2015-05-25 18:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 14:45 - 2015-05-25 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 14:45 - 2015-05-25 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 14:45 - 2015-05-25 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 14:45 - 2015-05-25 17:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 14:45 - 2015-05-22 19:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 14:45 - 2015-05-21 14:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 14:44 - 2015-05-25 18:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 14:44 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 14:44 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 14:44 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 11:42 - 2015-06-10 11:42 - 00340883 _____ C:\Users\Steve\Downloads\Rendering units 6 - 9 plus other CIS info (1).zip
2015-06-10 11:33 - 2015-06-10 11:33 - 00340883 _____ C:\Users\Steve\Downloads\Rendering units 6 - 9 plus other CIS info.zip
2015-06-10 11:16 - 2015-06-10 11:16 - 00581146 _____ C:\Users\Steve\Downloads\Northallerton Landscpaes Invoice.zip
2015-06-03 21:47 - 2015-06-03 21:47 - 00300916 _____ C:\Users\Steve\Downloads\Invoice (1).zip
2015-06-02 18:49 - 2015-06-02 18:49 - 00114555 _____ C:\Users\Steve\Downloads\v3.zip
2015-06-02 09:17 - 2015-06-02 09:17 - 01168671 _____ C:\Users\Steve\Downloads\Units 1 - 2.zip
2015-06-02 09:13 - 2015-06-02 09:13 - 00562125 _____ C:\Users\Steve\Downloads\Brickhunter Invoice - INV032936.zip
2015-06-02 01:33 - 2015-06-02 01:33 - 00114278 _____ C:\Users\Steve\Downloads\cash flow.zip
2015-06-01 17:19 - 2015-06-01 17:19 - 06983357 _____ C:\Users\Steve\Downloads\D&D U3A Newsletter June Issue.zip
2015-06-01 10:28 - 2015-06-01 10:28 - 00017291 _____ C:\Users\Steve\Downloads\Perfect Associates Limited Receipt #R85869.zip
2015-06-01 10:27 - 2015-06-01 10:27 - 00016146 _____ C:\Users\Steve\Downloads\Perfect Associates Limited Receipt #R85942.zip
2015-06-01 09:58 - 2015-06-01 09:58 - 00563434 _____ C:\Users\Steve\Downloads\Brickhunter Proforma Invoice - INV032878.zip
2015-05-30 00:49 - 2015-05-30 00:49 - 00011231 _____ C:\Users\Steve\Downloads\Financial update.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-06-29 02:48 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-29 02:48 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-29 02:38 - 2011-12-31 20:14 - 00000000 ____D C:\Users\Steve\AppData\Local\Spotify
2015-06-29 02:20 - 2013-08-19 16:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-29 02:15 - 2010-11-15 02:47 - 00000000 ____D C:\ProgramData\MFAData
2015-06-29 02:12 - 2014-03-05 00:19 - 00000000 ___RD C:\Users\Steve\Desktop\Dropbox
2015-06-29 02:11 - 2015-05-25 19:46 - 00001068 _____ C:\Users\Steve\Desktop\Dropbox.lnk
2015-06-29 02:08 - 2013-10-26 12:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-29 02:08 - 2010-11-15 02:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-29 02:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-28 22:41 - 2015-02-14 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-28 10:07 - 2015-05-21 09:45 - 41287224 _____ C:\Users\Steve\libcef.dll
2015-06-28 10:07 - 2015-05-21 09:45 - 10457856 _____ C:\Users\Steve\icudtl.dat
2015-06-28 10:07 - 2015-05-21 09:45 - 07415864 _____ (Spotify Ltd) C:\Users\Steve\Spotify.exe
2015-06-28 10:07 - 2015-05-21 09:45 - 04253463 _____ C:\Users\Steve\devtools_resources.pak
2015-06-28 10:07 - 2015-05-21 09:45 - 03457592 _____ (Microsoft Corporation) C:\Users\Steve\d3dcompiler_47.dll
2015-06-28 10:07 - 2015-05-21 09:45 - 02106424 _____ (Microsoft Corporation) C:\Users\Steve\d3dcompiler_43.dll
2015-06-28 10:07 - 2015-05-21 09:45 - 02023480 _____ (Spotify Ltd) C:\Users\Steve\SpotifyWebHelper.exe
2015-06-28 10:07 - 2015-05-21 09:45 - 02018406 _____ C:\Users\Steve\cef.pak
2015-06-28 10:07 - 2015-05-21 09:45 - 01488440 _____ C:\Users\Steve\libGLESv2.dll
2015-06-28 10:07 - 2015-05-21 09:45 - 00968248 _____ (The Chromium Authors) C:\Users\Steve\ffmpegsumo.dll
2015-06-28 10:07 - 2015-05-21 09:45 - 00777272 _____ (Spotify Ltd) C:\Users\Steve\SpotifyCrashService.exe
2015-06-28 10:07 - 2015-05-21 09:45 - 00598403 _____ C:\Users\Steve\cef_200_percent.pak
2015-06-28 10:07 - 2015-05-21 09:45 - 00444515 _____ C:\Users\Steve\cef_100_percent.pak
2015-06-28 10:07 - 2015-05-21 09:45 - 00124472 _____ (Spotify Ltd) C:\Users\Steve\SpotifyLauncher.exe
2015-06-28 10:07 - 2015-05-21 09:45 - 00079928 _____ C:\Users\Steve\libEGL.dll
2015-06-28 10:07 - 2015-05-21 09:45 - 00073272 _____ C:\Users\Steve\wow_helper.exe
2015-06-28 10:07 - 2015-05-21 09:45 - 00000020 _____ C:\Users\Steve\inst_ver.dat
2015-06-28 10:07 - 2015-05-21 09:45 - 00000000 ____D C:\Users\Steve\locales
2015-06-28 10:07 - 2010-11-11 03:29 - 00000000 ____D C:\Users\Steve
2015-06-27 13:28 - 2010-11-19 03:08 - 00000000 ____D C:\Users\Steve\Documents\Steve
2015-06-24 10:20 - 2013-08-19 16:24 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 10:20 - 2013-08-19 16:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-24 10:20 - 2013-08-19 16:24 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 09:08 - 2014-06-18 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-24 08:31 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-24 01:23 - 2014-12-29 11:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 01:09 - 2009-07-14 03:34 - 93061120 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2015-06-24 01:09 - 2009-07-14 03:34 - 25165824 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2015-06-24 01:09 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\SECURITY_tureg_old
2015-06-24 01:04 - 2009-07-14 03:34 - 60293120 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2015-06-24 01:04 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2015-06-24 01:04 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\SAM_tureg_old
2015-06-22 18:27 - 2013-08-19 16:56 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-21 10:50 - 2014-07-11 00:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-16 19:02 - 2009-07-14 06:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 14:20 - 2010-11-20 21:14 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-06-14 12:48 - 2014-12-15 19:13 - 00000000 ____D C:\Users\Steve\Documents\SteJan
2015-06-12 18:48 - 2010-11-15 05:20 - 00000000 ____D C:\Users\Steve\Desktop\Printer
2015-06-12 18:48 - 2010-11-15 05:15 - 00000000 ____D C:\Users\Steve\Desktop\Security
2015-06-12 18:43 - 2013-05-27 23:47 - 00000000 ____D C:\Program Files (x86)\PopularScreensavers
2015-06-12 18:29 - 2014-07-11 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-12 18:29 - 2012-04-04 09:54 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2015-06-12 16:11 - 2010-11-15 02:10 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-12 00:25 - 2014-03-15 13:19 - 00000000 ____D C:\Users\Steve\Documents\CPD Limited
2015-06-11 10:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:21 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 08:16 - 2014-12-11 09:20 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 08:16 - 2014-05-07 00:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 00:48 - 2012-01-05 22:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 00:47 - 2014-01-28 20:58 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 00:41 - 2010-11-19 03:01 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-01 10:23 - 2014-07-18 13:18 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-05-31 09:23 - 2014-03-30 15:10 - 00000000 ____D C:\Users\Steve\AppData\Local\AVG
2015-05-31 02:32 - 2014-07-18 14:40 - 00000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
2015-05-30 20:15 - 2011-01-16 20:01 - 00000000 ____D C:\Users\Steve\Documents\Jan
 
==================== Files in the root of some directories =======
 
2013-05-21 12:28 - 2014-06-23 08:01 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2011-03-17 19:08 - 2014-09-28 20:43 - 0005632 _____ () C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-13 00:01 - 2013-12-13 00:01 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-22 22:57 - 2013-12-22 22:57 - 0000268 ___RH () C:\ProgramData\Configure Folder Actions
2013-12-22 23:37 - 2013-12-22 23:37 - 0000268 ___RH () C:\ProgramData\Contents
2013-12-22 22:57 - 2013-12-22 22:57 - 0000012 ___RH () C:\ProgramData\Dance
2013-12-22 23:37 - 2013-12-22 23:37 - 0000012 ___RH () C:\ProgramData\Desktop Pictures
2013-12-22 22:57 - 2013-12-22 22:57 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2013-12-22 23:37 - 2013-12-22 23:37 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
 
Files to move or delete:
====================
C:\Users\Steve\d3dcompiler_43.dll
C:\Users\Steve\d3dcompiler_47.dll
C:\Users\Steve\ffmpegsumo.dll
C:\Users\Steve\icudtl.dat
C:\Users\Steve\inst_ver.dat
C:\Users\Steve\libcef.dll
C:\Users\Steve\libEGL.dll
C:\Users\Steve\libGLESv2.dll
C:\Users\Steve\pdf.dll
C:\Users\Steve\Spotify.exe
C:\Users\Steve\SpotifyCrashService.exe
C:\Users\Steve\SpotifyLauncher.exe
C:\Users\Steve\SpotifyWebHelper.exe
C:\Users\Steve\wow_helper.exe
 
 
Some files in TEMP:
====================
C:\Users\Steve\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofjlhk.dll
C:\Users\Steve\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv_tvtp.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-06-23 13:48
 
==================== End of log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Steve at 2015-06-29 03:00:31
Running from C:\Users\Steve\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3018395322-1037248882-2513499089-500 - Administrator - Disabled)
Guest (S-1-5-21-3018395322-1037248882-2513499089-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3018395322-1037248882-2513499089-1002 - Limited - Enabled)
Steve (S-1-5-21-3018395322-1037248882-2513499089-1000 - Administrator - Enabled) => C:\Users\Steve
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
ArcSoft PhotoBase 3 (HKLM-x32\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version:  - )
ArcSoft PhotoStudio 5 (HKLM-x32\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6037 - AVG Technologies)
AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6037 - AVG Technologies) Hidden
AVG Driver Updater (HKLM-x32\...\{E5D31C47-7177-443A-B65D-333F5ED6CCD0}) (Version: 2.2.0 - AVG Netherlands B.V)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.518 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.518 - AVG Technologies) Hidden
AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4000.108 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BT Broadband Desktop Help (HKLM-x32\...\BT Broadband Desktop Help) (Version:  - )
BT Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
BTHomeHub (HKLM-x32\...\BTHomeHub) (Version:  - British Telecommunications Plc.)
ccc-core-static (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Dropbox (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Endless Slideshow Screensaver 1.5.1.1 (HKLM-x32\...\Endless Slideshow Screensaver_is1) (Version: 1.5.1.1 - Extreme Internet Software)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.1.1 - Nikon)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GoToAssist Corporate (x32 Version: 9.0.570 - Citrix) Hidden
HP ENVY 5530 series Basic Device Software (HKLM\...\{FE11AA0F-756F-4879-97A0-B1705E2DCABE}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM-x32\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{F144E07C-4019-4092-BE25-B57819C97D2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
Hugin 2012.0.0 (HKLM-x32\...\Hugin) (Version: 2012.0.0 hg_a6e4184ad538 - The Hugin Development Team)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.650 - Oracle)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Juniper Networks Setup Client (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Juniper_Setup_Client) (Version: 2.1.1.4401 - Juniper Networks)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\MusicManager) (Version:  - Google, Inc.)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\MyFreeCodec) (Version:  - )
NETGEAR WNA1100 wireless USB 2.0 adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.5 - NETGEAR)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.3.0 - Nikon)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OmniPage SE (HKLM-x32\...\{6249C22D-E6A8-407B-BA8B-40298848ED94}) (Version: 11.00.0001 - ScanSoft, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.3 - Nikon)
Product Improvement Study for HP ENVY 5530 series (HKLM\...\{2EC3E3B8-797A-47FD-B3A2-574C96597A19}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime (HKLM-x32\...\{E0D51394-1D45-460A-B62D-383BC4F8B335}) (Version: 7.3.1.70 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.2.0 - Nikon)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Studio C++ 9.0 Runtime (HKLM-x32\...\{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}) (Version: 1.0.0 - TomTom International B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Steve\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
19-06-2015 19:53:19 Windows Update
20-06-2015 01:04:42 Windows Update
21-06-2015 01:33:31 Windows Update
22-06-2015 00:32:08 Windows Update
23-06-2015 00:24:15 Windows Update
24-06-2015 01:26:40 Windows Update
24-06-2015 17:57:42 Windows Update
27-06-2015 03:00:21 Windows Update
27-06-2015 03:14:24 Windows Update
28-06-2015 01:52:29 Windows Update
28-06-2015 23:50:33 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2011-12-01 22:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09C8FADF-ADB2-4C50-9F97-3B0E833C2494} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3018395322-1037248882-2513499089-1000
Task: {0E295E93-52F0-4D73-9660-F0E56925EF92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {1194A9BD-1FE4-437A-A8CC-5364B36C983C} - System32\Tasks\HP AR Program Upload - 5ad05f90af99482d975554b4e48cd433731e53a33bd140ebb4f3b097926b97d1 => C:\Program Files\HP\HP ENVY 5530 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {11F74092-F0DD-4BA8-A2ED-055FE3FAC803} - System32\Tasks\{C1FF2B5A-E895-4BC4-B197-29927D57341E} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6VI5PM1\NisquallyShockwave[1].exe" -d C:\Users\Steve\Desktop
Task: {14FE6FEB-25F3-4648-B890-B6B802413B14} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {3C5B4117-0AB1-44EA-8630-AC95CCF39612} - System32\Tasks\{A8AFBE14-1EAE-4A09-876B-0CC9C4AAF008} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZA719LU9\InstallJewelQuest[1].exe" -d C:\Users\Steve\Desktop
Task: {4471E923-D4CC-4852-9688-9555E4640C15} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {479146FC-8FC3-49A2-82A3-2CFCEB64A98B} - System32\Tasks\{07EBF380-4268-4AF8-9E37-7DA54A0084A1} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB6EDMHN\JuniperSetupClientInstaller[1].exe" -d C:\Users\Steve\Desktop
Task: {4844CE25-B554-4F1D-989D-671ECC95A416} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-05-15] (AVG Technologies)
Task: {4DA0A933-0C9D-45D3-AF6E-CFF6AD4C9FEF} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {56A3DF08-4198-4205-9E16-5609554CA59D} - System32\Tasks\PC Utility Kit => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe [2012-08-30] (PC Utility Kit) <==== ATTENTION
Task: {684187A4-6E1D-4A79-A4F2-F257369943BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {764C49C4-216C-4BFB-9840-0DE0A722D2C5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {79D76C02-E802-46BF-ACE4-F7B966C88793} - System32\Tasks\{BDC74CF0-B9DA-41D2-B52C-F368C57D88B2} => C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
Task: {8025715F-FA1E-4700-912A-2DA9781A095D} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {81298383-B06B-44AF-A1C0-D353D4856AAB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11] (Oracle Corporation)
Task: {869CB07A-E01C-44E3-949E-E8B36E0FB1E0} - System32\Tasks\{86CF24A2-26E0-403D-A7B5-AF7099624DA9} => C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
Task: {8C2C3CB9-6B08-48D9-9537-2E2FF42CA9C4} - System32\Tasks\Google Update => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {923DA2FC-D15D-4B5A-9BD3-9A7BE60BC2D4} - System32\Tasks\{94318A51-6913-4602-857E-AD9F3CF124AA} => pcalua.exe -a C:\Users\Steve\Downloads\TextTwistShockwave.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {97CE5694-17C7-420E-8B9D-78ADF3F3FA05} - System32\Tasks\{3CC836C0-FB22-460E-BA91-7B9A227739D5} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6VI5PM1\InstallZuma[1].exe" -d C:\Users\Steve\Desktop
Task: {99228A2E-CF62-4E1E-B33F-6581559617A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {9A169DAF-644D-47B3-B429-C99BF4F19D0B} - System32\Tasks\HP AR Program Upload - 7a1d4665b7e84b4fb9573e5743139eacf15682a1e5d24b028dbcf3d2fb6462a3 => C:\Program Files\HP\HP ENVY 5530 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {9E1707BD-BE20-4EA4-AFE6-577E30FE3D95} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-15] (Microsoft Corporation)
Task: {9FE15508-1DA9-4DFC-8DBC-E75289901E14} - System32\Tasks\{173E5E11-B6C5-49DA-9AFA-F1C4E4A48AE8} => pcalua.exe -a C:\Users\Steve\Downloads\MFInstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A7A627B8-9614-4753-B92C-D02AD13A810D} - System32\Tasks\AVG Driver Updater Scan => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2015-05-13] (AVG Netherlands B.V)
Task: {A7EA721B-B432-4131-B2DE-517C3FEB7753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {AA4A8A79-3377-4F4C-88CF-2578A3808F97} - System32\Tasks\{A6EB591D-6014-4C7A-A0F9-D07423DA823C} => C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
Task: {C572437D-5ACE-4D88-891E-A1C63785DBAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {CB429838-DFBE-43F7-B705-631B7BF5AFCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {CF360B8A-DC87-40B2-A5F3-7A9EF939F9A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {D1D02AD3-CD02-4FA4-BBFE-C1034492C6BC} - System32\Tasks\{C4133316-B131-42CC-88CB-EB9E3094C9C2} => pcalua.exe -a "C:\Users\Steve\Downloads\JavaSetup6u26 (1).exe" -d C:\Users\Steve\Desktop
Task: {D8CBCB07-85E7-44EC-955D-F5F030698B89} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {DCDEE55B-1977-4038-8F97-489B8E129FBF} - System32\Tasks\AVG Driver Updater Startup => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2015-05-13] (AVG Netherlands B.V)
Task: {E8B28A79-C182-40EA-B832-A7D8E5BB0B73} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EA39004A-6CAB-4401-B825-895E116059EB} - System32\Tasks\{EC9B8372-B884-4129-9C46-40713E3BE88F} => pcalua.exe -a C:\Users\Steve\Downloads\InstallJewelQuest.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {F886D68C-8981-46F6-A560-AA390733A8A4} - System32\Tasks\{8A765C74-CB26-4486-BA6C-D87B4D228AAF} => pcalua.exe -a C:\Users\Steve\Downloads\InstallJewelQuest(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\Windows\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core.job => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA.job => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core.job => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA.job => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Utility Kit.job => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-07-25 15:26 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 14:57 - 2015-05-15 14:57 - 00718136 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2010-11-15 00:28 - 2009-11-27 13:04 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2015-05-21 00:14 - 2015-05-21 00:13 - 00166848 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
2013-02-04 17:36 - 2014-08-18 17:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2015-05-15 14:58 - 2015-05-15 14:58 - 00862008 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2010-11-15 00:28 - 2009-12-10 12:13 - 04562944 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2013-02-04 17:36 - 2014-12-11 18:48 - 08397536 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2012-11-28 00:15 - 2015-05-21 00:13 - 02510784 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2010-11-15 00:28 - 2009-11-20 15:59 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2015-05-21 00:14 - 2015-05-21 00:13 - 00526784 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
2013-02-04 17:36 - 2015-03-05 18:22 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00117248 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00234496 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00253440 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00344064 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 40506936 _____ () C:\Users\Steve\Application Data\Spotify\libcef.dll
2010-11-15 00:28 - 2009-08-28 17:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2013-02-04 17:36 - 2014-07-22 10:18 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2015-06-29 02:10 - 2015-06-29 02:10 - 00043008 _____ () c:\users\steve\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv_tvtp.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00750080 _____ () C:\Users\Steve\Application Data\Dropbox\bin\libGLESv2.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00047616 _____ () C:\Users\Steve\Application Data\Dropbox\bin\libEGL.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00865280 _____ () C:\Users\Steve\Application Data\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00200704 _____ () C:\Users\Steve\Application Data\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00010240 _____ () C:\Users\Steve\Application Data\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00726016 _____ () C:\Users\Steve\Application Data\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00010240 _____ () C:\Users\Steve\Application Data\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-12-08 22:15 - 2014-08-26 11:42 - 01654296 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 01365560 _____ () C:\Users\Steve\Application Data\Spotify\libglesv2.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 00219192 _____ () C:\Users\Steve\Application Data\Spotify\libegl.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 00990776 _____ () C:\Users\Steve\Application Data\Spotify\ffmpegsumo.dll
2015-06-22 18:27 - 2015-06-20 06:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-22 18:27 - 2015-06-20 06:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2015-06-22 18:27 - 2015-06-20 06:46 - 15003976 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\hsbc.co.uk -> hxxps://hive2.hsbc.co.uk
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\Application Data\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Spotify => "C:\Users\Steve\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Steve\Application Data\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{91AD6337-FFE1-453F-91C4-7E4C7FE7373A}C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe] => (Allow) C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe
FirewallRules: [UDP Query User{FC1B6C47-D400-471A-B804-A5E62577D864}C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe] => (Allow) C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe
FirewallRules: [{3EDFC0CD-C07C-49B2-948A-2E353340D661}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7474C1A3-C8C1-42F7-9407-4A7945600D3E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9E970C84-1D10-42C3-B899-7278219AEFF6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{23F3EB84-7969-4D6F-BD1D-347300F637BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{39FD02C8-B950-4DF5-92EE-9456D2444BE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{A4FC7EF2-5228-48E8-A709-949FD6F0C535}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe
FirewallRules: [{6635F789-9AD9-4B56-913F-7670F0D9C22E}] => (Allow) LPort=5357
FirewallRules: [{4007F9BD-04FD-4FC9-BE70-4F122640BFE4}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7262F928-74CE-427C-8178-69A7F778DCFB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F3E8EBA-FF62-4723-8720-4D0EF3C72B71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28B8E2FA-82E6-49F6-8B90-18BDB8C12F42}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{E3D9FDD6-BBD9-42AB-9642-E5FA4D54C83A}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C988F351-B578-4DCD-B2A9-CC34725A972C}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0DA273C3-1649-4F91-BE4D-9C0074177D20}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{29A3D881-7037-4CD1-8736-DD78395B516F}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{0F936B25-8D19-4990-A7D4-0544350748C2}] => (Allow) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B467CBA1-DADC-4BD8-82DD-F0CF5AA66623}] => (Allow) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{53CFEF8D-2A68-4B90-83FB-FB7B8CF3D43D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{63E7C95F-988A-4041-8084-A5920DB9B2CA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E2963765-320E-4974-9C82-F29D37251761}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{97C6D392-BE40-4D6D-BF61-2E41CA3B485A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F1E6036B-D67E-407B-9A17-0BF35650C492}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D89696A1-42CC-4397-A99F-CE66A4B9665B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8F65CDB1-43FB-4142-B9DD-2D038883682B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/28/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
 
System errors:
=============
Error: (06/28/2015 11:52:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/28/2015 01:54:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/27/2015 09:00:20 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (06/27/2015 09:00:16 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (06/27/2015 03:16:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/27/2015 03:08:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/26/2015 11:16:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (06/24/2015 05:59:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (06/24/2015 05:57:49 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {2EAD57C2-492A-4713-A340-8272B88BFF1B}
 
Error: (06/24/2015 08:38:46 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office:
=========================
Error: (06/28/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: I:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
4700
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-27 08:57:21.997
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-27 08:57:21.856
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-26 11:26:50.735
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-26 11:26:50.624
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-26 11:26:50.477
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-20 10:19:06.575
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-20 10:19:06.475
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-20 10:19:06.320
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-20 10:19:06.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-12 16:31:32.796
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 66%
Total physical RAM: 4087.05 MB
Available physical RAM: 1367.55 MB
Total Pagefile: 8172.32 MB
Available Pagefile: 4920.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:845.58 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B14AE6DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of log ============================
 
 
 

 


  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi sorry for the delay, if you still require help could I see a fresh FRST scan please
  • 0

#3
steve bradbury

steve bradbury

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

yes please. I still need some help. New FRST reports below

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by Steve (administrator) on STEVE-PC on 05-07-2015 19:27:17
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve (Available Profiles: Steve)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(AVG Netherlands B.V) C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Alcatel-Lucent) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Alcatel-Lucent) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe
(Google Inc.) C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
(Spotify Ltd) C:\Users\Steve\SpotifyWebHelper.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(ScanSoft, Inc) C:\Program Files (x86)\ScanSoft\OmniPageSE\opware32.exe
() C:\Program Files (x86)\AVG Secure Search\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Nikon Corporation) C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe
(Dropbox, Inc.) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Steve\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Farbar) C:\Users\Steve\Desktop\FRST64 (3).exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [btbb_McciTrayApp] => C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe [3451904 2010-08-12] (Alcatel-Lucent)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM-x32\...\Run: [Omnipage] => C:\Program Files (x86)\ScanSoft\OmniPageSE\opware32.exe [49152 2002-06-03] (ScanSoft, Inc)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2510784 2015-05-21] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3727824 2015-06-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Nikon Transfer Monitor] => C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe [485208 2008-09-30] (Nikon Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/w...VFVHKzMtU1AxUzI(the data entry has 145 more characters).
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-15] (Google Inc.)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144 2013-02-13] (Samsung)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [MusicManager] => C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7646208 2015-05-29] (Google Inc.)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [Spotify Web Helper] => C:\Users\Steve\SpotifyWebHelper.exe [2030648 2015-07-04] (Spotify Ltd)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [HP ENVY 5530 series (NET)] => C:\Program Files\HP\HP ENVY 5530 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [Spotify] => C:\Users\Steve\Application Data\Spotify\Spotify.exe [7112248 2015-04-03] (Spotify Ltd)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Run: [Dropbox Update] => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Smart Wizard.lnk [2010-11-15]
ShortcutTarget: NETGEAR WNA1100 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk [2013-02-04]
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-25]
ShortcutTarget: Dropbox.lnk -> C:\Users\Steve\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.c...pr&d=2012-11-2723:15:06&v=18.5.0.909&pid=avg&sg=0&sap=hp
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> {86F2012D-EE91-41DA-A7E4-EF637CFCFA3B} URL = http://search.avg.co...}&ychte=us&nt=1
SearchScopes: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.c...pr&d=2012-11-2723:15:06&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20] (Yahoo! Inc.)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-21] (AVG Secure Search)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-20] (Yahoo! Inc)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKLM-x32 - BT Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-20] (Yahoo! Inc.)
Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-21] (AVG Secure Search)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-12] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://hive1.hsbc.c...SetupClient.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-21] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{298CEDCD-E2B7-4EAE-81AA-AF25C09AD2E4}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{69E4A76E-7B6A-49B5-BCD0-937BB741108E}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}: [DhcpNameServer] 192.168.1.254 192.168.1.254
Tcpip\..\Interfaces\{E66F522E-1D79-49F3-B2B4-18335DB0210C}: [DhcpNameServer] 192.168.1.254 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-15] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-11-15] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2010-08-12] (Motive, Inc.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3018395322-1037248882-2513499089-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-3018395322-1037248882-2513499089-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-21] (Google Inc.)
FF user.js: detected! => C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default\user.js [2013-08-28]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-12-22] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-12-22] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-02-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909 [2015-05-21]
 
Chrome: 
=======
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Skype Click to Call) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-10-27]
CHR Extension: (AVG Security Toolbar) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-08-19]
CHR Extension: (Google Wallet) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1526936 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3461072 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [312816 2015-06-16] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe [954368 2009-11-05] (Atheros Communications, Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [319488 2010-08-09] (Alcatel-Lucent) [File not signed]
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [703984 2014-09-22] (SEIKO EPSON CORPORATION)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2970424 2015-06-29] (AVG Technologies)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44856 2015-06-29] (AVG Technologies)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36664 2015-06-29] (AVG Technologies)
R2 vToolbarUpdater18.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-21] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [278528 2009-11-27] () [File not signed]
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [316120 2014-08-18] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [67552 2015-04-14] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [287200 2015-05-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [224224 2015-05-12] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [77040 2012-11-08] (Fresco Logic)
S3 irsir; C:\Windows\System32\DRIVERS\irsir.sys [27648 2008-01-19] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-08-12] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-08-12] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2013-08-03] (Realtek                                            ) [File not signed]
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2015-07-05] (SlimWare Utilities, Inc.)
R3 tpg64win7; C:\Windows\System32\DRIVERS\tpg64win7.sys [648808 2012-02-21] (TP-LINK TECHNOLOGIES CO., LTD)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-03 08:31 - 2015-07-03 08:31 - 00000354 _____ C:\Windows\PFRO.log
2015-07-01 06:55 - 2015-07-05 09:37 - 00000280 _____ C:\Windows\setupact.log
2015-07-01 06:55 - 2015-07-01 06:55 - 00374832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-01 06:55 - 2015-07-01 06:55 - 00000000 _____ C:\Windows\setuperr.log
2015-07-01 02:35 - 2015-07-05 01:53 - 00030625 _____ C:\Windows\IE11_main.log
2015-07-01 02:18 - 2015-07-01 02:18 - 00098560 _____ C:\Users\Steve\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-30 10:23 - 2015-07-03 17:55 - 00000000 ____D C:\Users\Steve\New folder
2015-06-29 03:28 - 2015-07-05 19:24 - 00000000 ____D C:\Users\Steve\Documents\Computer
2015-06-29 03:00 - 2015-07-05 19:27 - 00034054 _____ C:\Users\Steve\Desktop\FRST.txt
2015-06-29 03:00 - 2015-06-29 03:01 - 00047900 _____ C:\Users\Steve\Desktop\Addition.txt
2015-06-29 02:56 - 2015-06-29 02:56 - 02112512 _____ (Farbar) C:\Users\Steve\Desktop\FRST64 (3).exe
2015-06-29 02:55 - 2015-06-29 02:56 - 02112512 _____ (Farbar) C:\Users\Steve\Downloads\FRST64 (2).exe
2015-06-29 02:52 - 2015-06-29 02:52 - 00047902 _____ C:\Users\Steve\Downloads\Addition.txt
2015-06-29 02:51 - 2015-06-29 02:52 - 00075801 _____ C:\Users\Steve\Downloads\FRST.txt
2015-06-29 02:50 - 2015-06-29 02:50 - 02112512 _____ (Farbar) C:\Users\Steve\Downloads\FRST64 (1).exe
2015-06-29 02:44 - 2015-07-05 19:27 - 00000000 ____D C:\FRST
2015-06-29 02:44 - 2015-06-29 02:44 - 02112512 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe
2015-06-28 22:40 - 2015-07-05 09:39 - 00002892 _____ C:\Windows\System32\Tasks\AVG Driver Updater Startup
2015-06-28 22:40 - 2015-07-05 09:39 - 00000466 _____ C:\Windows\Tasks\AVG Driver Updater Startup.job
2015-06-28 22:40 - 2015-07-05 09:38 - 00025608 _____ (SlimWare Utilities, Inc.) C:\Windows\system32\Drivers\SWDUMon.sys
2015-06-28 22:40 - 2015-06-29 02:08 - 00000520 _____ C:\Windows\Tasks\AVG Driver Updater Scan.job
2015-06-28 22:40 - 2015-06-28 22:40 - 00003390 _____ C:\Windows\System32\Tasks\AVG Driver Updater Scan
2015-06-28 22:40 - 2015-06-28 22:40 - 00002497 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\Users\Steve\AppData\Local\AVG Netherlands BV
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Driver Updater
2015-06-28 22:40 - 2015-06-28 22:40 - 00000000 ____D C:\Program Files (x86)\AVG Driver Updater
2015-06-28 22:39 - 2015-06-28 22:39 - 01124512 _____ (SlimWare Utilities, Inc.) C:\Users\Steve\Downloads\AVG_Driver_Updater_Setup_12_1.exe
2015-06-28 22:31 - 2015-06-28 22:31 - 00073026 _____ C:\Users\Steve\Downloads\A-Plus - CPD Invoice.zip
2015-06-26 22:47 - 2015-06-26 22:47 - 00859620 _____ C:\Users\Steve\Downloads\certificate of vesting.zip
2015-06-26 22:03 - 2015-06-26 22:03 - 00183005 _____ C:\Users\Steve\Downloads\Invoices (3).zip
2015-06-26 22:01 - 2015-06-26 22:01 - 00183005 _____ C:\Users\Steve\Downloads\Invoices (2).zip
2015-06-26 18:54 - 2015-06-26 18:54 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th (3).zip
2015-06-26 18:29 - 2015-06-26 18:30 - 01734516 _____ C:\Users\Steve\Downloads\CIS amendment.zip
2015-06-26 11:29 - 2015-06-26 11:29 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th (2).zip
2015-06-26 11:26 - 2015-06-26 11:26 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th (1).zip
2015-06-26 11:18 - 2015-06-26 11:18 - 00151399 _____ C:\Users\Steve\Downloads\Re week 12 A Plus invs....sorry about intermittent contact...im on my phone in MCR. I would suggest we forget mark and swift and craig for this payroll as my chasing has been unproductive. Hope th.zip
2015-06-23 23:24 - 2015-06-23 23:24 - 00010042 _____ C:\Users\Steve\Downloads\Your invoice.zip
2015-06-23 23:22 - 2015-06-23 23:22 - 00062435 _____ C:\Users\Steve\Downloads\Windows.zip
2015-06-23 23:09 - 2015-06-23 23:10 - 00407415 _____ C:\Users\Steve\Downloads\Invoice attached.zip
2015-06-23 12:03 - 2015-06-23 12:03 - 00009480 _____ C:\Users\Steve\Downloads\Ideas.zip
2015-06-22 19:10 - 2015-06-22 19:10 - 02022680 _____ C:\Users\Steve\Downloads\U3 toilet.zip
2015-06-22 19:08 - 2015-06-22 19:08 - 02605739 _____ C:\Users\Steve\Downloads\U4 toilet.zip
2015-06-22 16:47 - 2015-06-22 16:47 - 00869586 _____ C:\Users\Steve\Downloads\Invoice for Swift Plumbing Ltd (1).zip
2015-06-22 16:45 - 2015-06-22 16:45 - 00008741 _____ C:\Users\Steve\Downloads\Invoices (1).zip
2015-06-22 16:16 - 2015-06-22 16:16 - 00575769 _____ C:\Users\Steve\Downloads\Tony Gannon Invoice.zip
2015-06-21 23:31 - 2015-06-21 23:31 - 00000085 _____ C:\Users\Steve\Downloads\Contacts (1).vcf
2015-06-21 23:30 - 2015-06-21 23:30 - 00000085 _____ C:\Users\Steve\Downloads\Contacts.vcf
2015-06-21 21:22 - 2015-06-21 21:22 - 00724633 _____ C:\Users\Steve\Downloads\Payments for windows (2).zip
2015-06-21 18:55 - 2015-06-21 18:55 - 01623249 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order. (3).zip
2015-06-21 18:54 - 2015-06-21 18:54 - 01646194 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order. (2).zip
2015-06-21 10:38 - 2015-06-21 10:38 - 00724633 _____ C:\Users\Steve\Downloads\Payments for windows (1).zip
2015-06-20 19:57 - 2015-06-20 19:57 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions (3).zip
2015-06-20 13:19 - 2015-06-20 13:20 - 00482974 _____ C:\Users\Steve\Downloads\Broken Mitre Saw - from Screwfix.zip
2015-06-20 10:22 - 2015-06-20 10:22 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions (2).zip
2015-06-20 10:22 - 2015-06-20 10:22 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions (1).zip
2015-06-19 20:45 - 2015-06-19 20:45 - 01599095 _____ C:\Users\Steve\Downloads\REVISED QUOTATION.zip
2015-06-19 20:40 - 2015-06-19 20:40 - 00724633 _____ C:\Users\Steve\Downloads\Payments for windows.zip
2015-06-19 20:31 - 2015-06-19 20:31 - 00025708 _____ C:\Users\Steve\Downloads\Unit Descriptions.zip
2015-06-19 09:05 - 2015-06-19 09:05 - 00059121 _____ C:\Users\Steve\Downloads\DDU3A Family History Invitation (1).zip
2015-06-18 22:48 - 2015-06-18 22:48 - 00010107 _____ C:\Users\Steve\Downloads\Proforma (1).zip
2015-06-18 22:47 - 2015-06-18 22:47 - 00059121 _____ C:\Users\Steve\Downloads\DDU3A Family History Invitation.zip
2015-06-18 22:45 - 2015-06-18 22:45 - 00085165 _____ C:\Users\Steve\Downloads\New Mitre Saw from Screwfix - to be added to equipment database..zip
2015-06-18 22:17 - 2015-06-18 22:17 - 01623249 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order. (1).zip
2015-06-18 21:56 - 2015-06-18 21:56 - 00188891 _____ C:\Users\Steve\Downloads\2 Stairs for Clifton Park Developments.zip
2015-06-18 01:48 - 2015-06-18 01:48 - 00010107 _____ C:\Users\Steve\Downloads\Proforma.zip
2015-06-18 01:27 - 2015-06-18 01:27 - 01499089 _____ C:\Users\Steve\Downloads\Apartment 9.zip
2015-06-18 01:25 - 2015-06-18 01:25 - 02090856 _____ C:\Users\Steve\Downloads\Unit 3 Kitchen Order.zip
2015-06-18 01:22 - 2015-06-18 01:22 - 00233810 _____ C:\Users\Steve\Downloads\Unit 4 Kitchen Order - Payment Due.zip
2015-06-17 10:58 - 2015-06-17 10:58 - 00000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-17 10:57 - 2015-07-05 19:02 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA.job
2015-06-17 10:57 - 2015-07-05 11:02 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core.job
2015-06-17 10:57 - 2015-06-17 10:57 - 00003888 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA
2015-06-17 10:57 - 2015-06-17 10:57 - 00003492 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core
2015-06-17 10:57 - 2015-06-17 10:57 - 00000000 ____D C:\Users\Steve\AppData\Local\Dropbox
2015-06-17 10:57 - 2015-06-17 10:57 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-17 09:49 - 2015-06-17 09:49 - 00008741 _____ C:\Users\Steve\Downloads\Invoice for Swift Plumbing Ltd.zip
2015-06-16 20:47 - 2015-06-16 20:47 - 03149767 _____ C:\Users\Steve\Downloads\Quote for unit 7 tiles.zip
2015-06-16 20:37 - 2015-06-16 20:37 - 01646194 _____ C:\Users\Steve\Downloads\CILLS FOR PARK LEA & new order..zip
2015-06-16 20:28 - 2015-06-16 20:28 - 00121375 _____ C:\Users\Steve\Downloads\Outlook.com (19).zip
2015-06-16 20:21 - 2015-06-16 20:21 - 00008741 _____ C:\Users\Steve\Downloads\Invoices.zip
2015-06-16 20:20 - 2015-06-16 20:20 - 00061296 _____ C:\Users\Steve\Downloads\Aplus Trading. Park Lea, purchase order number CPD-P1415537 (1).zip
2015-06-16 20:19 - 2015-06-16 20:19 - 00061296 _____ C:\Users\Steve\Downloads\Aplus Trading. Park Lea, purchase order number CPD-P1415537.zip
2015-06-14 23:17 - 2015-06-14 23:17 - 02918253 _____ C:\Users\Steve\Downloads\Interior CGIs Unit 8.zip
2015-06-14 22:41 - 2015-06-14 22:41 - 00027226 _____ C:\Users\Steve\Downloads\Corrections Haybrook (1).zip
2015-06-14 20:45 - 2015-06-14 20:45 - 00010991 _____ C:\Users\Steve\Downloads\Unit 8 Tile.zip
2015-06-14 20:33 - 2015-06-14 20:34 - 19238583 _____ C:\Users\Steve\Downloads\Handover documents.zip
2015-06-14 19:52 - 2015-06-14 19:52 - 00072799 _____ C:\Users\Steve\Downloads\CIS - APLUSCPD Invoice.zip
2015-06-14 19:40 - 2015-06-14 19:40 - 00112930 _____ C:\Users\Steve\Downloads\Party next saturday.zip
2015-06-14 10:19 - 2015-06-14 10:19 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-13 20:32 - 2015-06-13 20:32 - 00003540 _____ C:\Windows\System32\Tasks\HP AR Program Upload - 7a1d4665b7e84b4fb9573e5743139eacf15682a1e5d24b028dbcf3d2fb6462a3
2015-06-13 20:29 - 2015-06-13 20:29 - 00637165 _____ C:\Users\Steve\Downloads\Your Nutritional Therapy Follow-Up Appointment.zip
2015-06-13 09:43 - 2015-07-05 11:17 - 02059551 _____ C:\Windows\WindowsUpdate.log
2015-06-12 16:14 - 2015-06-12 16:14 - 00619053 _____ C:\Users\Steve\Downloads\RMDH Invoice.zip
2015-06-12 16:11 - 2015-06-12 16:11 - 00002116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-11 22:51 - 2015-06-11 22:51 - 00027226 _____ C:\Users\Steve\Downloads\Corrections Haybrook.zip
2015-06-11 16:35 - 2015-06-11 16:35 - 00149123 _____ C:\Users\Steve\Downloads\A-Plus Invoices Week 10 (1).zip
2015-06-11 16:09 - 2015-06-11 16:09 - 00149123 _____ C:\Users\Steve\Downloads\A-Plus Invoices Week 10.zip
2015-06-11 00:34 - 2015-06-11 00:34 - 06549184 _____ (Piriform Ltd) C:\Users\Steve\Downloads\ccsetup506.exe
2015-06-10 23:06 - 2015-06-10 23:06 - 04771266 _____ C:\Users\Steve\Downloads\Outlook.com (17).zip
2015-06-10 23:06 - 2015-06-10 23:06 - 03272482 _____ C:\Users\Steve\Downloads\Outlook.com (18).zip
2015-06-10 23:05 - 2015-06-10 23:05 - 05866464 _____ C:\Users\Steve\Downloads\Outlook.com (15).zip
2015-06-10 23:05 - 2015-06-10 23:05 - 05075530 _____ C:\Users\Steve\Downloads\Outlook.com (16).zip
2015-06-10 23:04 - 2015-06-10 23:04 - 05225862 _____ C:\Users\Steve\Downloads\Outlook.com (14).zip
2015-06-10 23:03 - 2015-06-10 23:03 - 07086600 _____ C:\Users\Steve\Downloads\Outlook.com (13).zip
2015-06-10 23:02 - 2015-06-10 23:03 - 03419974 _____ C:\Users\Steve\Downloads\Outlook.com (12).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 03916899 _____ C:\Users\Steve\Downloads\Outlook.com (11).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 03329919 _____ C:\Users\Steve\Downloads\Outlook.com (8).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 02991910 _____ C:\Users\Steve\Downloads\Outlook.com (10).zip
2015-06-10 23:02 - 2015-06-10 23:02 - 02472954 _____ C:\Users\Steve\Downloads\Outlook.com (9).zip
2015-06-10 22:59 - 2015-06-10 22:59 - 02548168 _____ C:\Users\Steve\Downloads\Outlook.com (7).zip
2015-06-10 22:59 - 2015-06-10 22:59 - 01879871 _____ C:\Users\Steve\Downloads\Outlook.com (6).zip
2015-06-10 22:58 - 2015-06-10 22:58 - 04265706 _____ C:\Users\Steve\Downloads\Outlook.com (3).zip
2015-06-10 22:58 - 2015-06-10 22:58 - 04227735 _____ C:\Users\Steve\Downloads\Outlook.com (5).zip
2015-06-10 22:58 - 2015-06-10 22:58 - 04120169 _____ C:\Users\Steve\Downloads\Outlook.com (4).zip
2015-06-10 22:57 - 2015-06-10 22:57 - 03243751 _____ C:\Users\Steve\Downloads\Outlook.com (2).zip
2015-06-10 22:57 - 2015-06-10 22:57 - 02140011 _____ C:\Users\Steve\Downloads\Outlook.com.zip
2015-06-10 22:57 - 2015-06-10 22:57 - 02038146 _____ C:\Users\Steve\Downloads\Outlook.com (1).zip
2015-06-10 14:46 - 2015-04-29 19:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 14:46 - 2015-04-29 19:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 14:46 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 14:46 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 14:46 - 2015-04-29 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 14:46 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 14:46 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 14:46 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 14:46 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 14:46 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 14:45 - 2015-05-25 19:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 14:45 - 2015-05-25 19:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 14:45 - 2015-05-25 19:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 14:45 - 2015-05-25 19:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 14:45 - 2015-05-25 19:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 14:45 - 2015-05-25 19:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 14:45 - 2015-05-25 19:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 14:45 - 2015-05-25 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 14:45 - 2015-05-25 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 19:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 14:45 - 2015-05-25 19:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 14:45 - 2015-05-25 19:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 14:45 - 2015-05-25 19:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 14:45 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 14:45 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 14:45 - 2015-05-25 18:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 14:45 - 2015-05-25 18:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 14:45 - 2015-05-25 18:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 14:45 - 2015-05-25 18:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 14:45 - 2015-05-25 18:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 14:45 - 2015-05-25 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 18:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 14:45 - 2015-05-25 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 14:45 - 2015-05-25 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 14:45 - 2015-05-25 17:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 14:45 - 2015-05-25 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 14:45 - 2015-05-22 19:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 14:45 - 2015-05-22 19:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 14:45 - 2015-05-21 14:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 14:44 - 2015-05-25 18:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 14:44 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 14:44 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 14:44 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 11:42 - 2015-06-10 11:42 - 00340883 _____ C:\Users\Steve\Downloads\Rendering units 6 - 9 plus other CIS info (1).zip
2015-06-10 11:33 - 2015-06-10 11:33 - 00340883 _____ C:\Users\Steve\Downloads\Rendering units 6 - 9 plus other CIS info.zip
2015-06-10 11:16 - 2015-06-10 11:16 - 00581146 _____ C:\Users\Steve\Downloads\Northallerton Landscpaes Invoice.zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-05 19:20 - 2013-08-19 16:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-05 18:38 - 2010-11-15 02:47 - 00000000 ____D C:\ProgramData\MFAData
2015-07-05 10:02 - 2011-12-31 20:14 - 00000000 ____D C:\Users\Steve\AppData\Local\Spotify
2015-07-05 09:48 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-05 09:48 - 2009-07-14 05:45 - 00023568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-05 09:40 - 2015-05-25 19:46 - 00001068 _____ C:\Users\Steve\Desktop\Dropbox.lnk
2015-07-05 09:40 - 2014-03-05 00:19 - 00000000 ___RD C:\Users\Steve\Desktop\Dropbox
2015-07-05 09:37 - 2013-10-26 12:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-05 09:37 - 2010-11-15 02:10 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-05 09:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-04 09:01 - 2015-05-21 09:45 - 41287224 _____ C:\Users\Steve\libcef.dll
2015-07-04 09:01 - 2015-05-21 09:45 - 10457856 _____ C:\Users\Steve\icudtl.dat
2015-07-04 09:01 - 2015-05-21 09:45 - 07504952 _____ (Spotify Ltd) C:\Users\Steve\Spotify.exe
2015-07-04 09:01 - 2015-05-21 09:45 - 04253463 _____ C:\Users\Steve\devtools_resources.pak
2015-07-04 09:01 - 2015-05-21 09:45 - 03457592 _____ (Microsoft Corporation) C:\Users\Steve\d3dcompiler_47.dll
2015-07-04 09:01 - 2015-05-21 09:45 - 02106424 _____ (Microsoft Corporation) C:\Users\Steve\d3dcompiler_43.dll
2015-07-04 09:01 - 2015-05-21 09:45 - 02030648 _____ (Spotify Ltd) C:\Users\Steve\SpotifyWebHelper.exe
2015-07-04 09:01 - 2015-05-21 09:45 - 02018406 _____ C:\Users\Steve\cef.pak
2015-07-04 09:01 - 2015-05-21 09:45 - 01488440 _____ C:\Users\Steve\libGLESv2.dll
2015-07-04 09:01 - 2015-05-21 09:45 - 00968248 _____ (The Chromium Authors) C:\Users\Steve\ffmpegsumo.dll
2015-07-04 09:01 - 2015-05-21 09:45 - 00778296 _____ (Spotify Ltd) C:\Users\Steve\SpotifyCrashService.exe
2015-07-04 09:01 - 2015-05-21 09:45 - 00598403 _____ C:\Users\Steve\cef_200_percent.pak
2015-07-04 09:01 - 2015-05-21 09:45 - 00444515 _____ C:\Users\Steve\cef_100_percent.pak
2015-07-04 09:01 - 2015-05-21 09:45 - 00124472 _____ (Spotify Ltd) C:\Users\Steve\SpotifyLauncher.exe
2015-07-04 09:01 - 2015-05-21 09:45 - 00079928 _____ C:\Users\Steve\libEGL.dll
2015-07-04 09:01 - 2015-05-21 09:45 - 00073272 _____ C:\Users\Steve\wow_helper.exe
2015-07-04 09:01 - 2015-05-21 09:45 - 00000020 _____ C:\Users\Steve\inst_ver.dat
2015-07-04 09:01 - 2015-05-21 09:45 - 00000000 ____D C:\Users\Steve\locales
2015-07-04 09:01 - 2010-11-11 03:29 - 00000000 ____D C:\Users\Steve
2015-07-01 01:02 - 2010-11-19 03:08 - 00000000 ____D C:\Users\Steve\Documents\Steve
2015-07-01 00:04 - 2014-03-15 13:19 - 00000000 ____D C:\Users\Steve\Documents\CPD Limited
2015-06-30 14:36 - 2014-05-20 11:01 - 00000000 ____D C:\Users\Steve\Documents\Energy
2015-06-30 09:56 - 2011-01-16 20:01 - 00000000 ____D C:\Users\Steve\Documents\Jan
2015-06-29 15:24 - 2014-12-15 19:13 - 00000000 ____D C:\Users\Steve\Documents\SteJan
2015-06-29 09:24 - 2014-10-02 23:26 - 00041784 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe
2015-06-29 09:23 - 2014-11-05 16:11 - 00044856 _____ (AVG Technologies) C:\Windows\system32\uxtuneup.dll
2015-06-29 09:23 - 2014-11-05 16:11 - 00036664 _____ (AVG Technologies) C:\Windows\SysWOW64\uxtuneup.dll
2015-06-29 09:23 - 2014-10-02 23:26 - 00030520 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll
2015-06-29 09:23 - 2014-10-02 23:26 - 00025912 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll
2015-06-28 22:41 - 2015-02-14 23:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-24 10:20 - 2013-08-19 16:24 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 10:20 - 2013-08-19 16:24 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-24 10:20 - 2013-08-19 16:24 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 09:08 - 2014-06-18 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-06-24 08:31 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-24 01:23 - 2014-12-29 11:00 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-24 01:09 - 2009-07-14 03:34 - 93061120 _____ C:\Windows\system32\config\SOFTWARE_tureg_old
2015-06-24 01:09 - 2009-07-14 03:34 - 25165824 _____ C:\Windows\system32\config\SYSTEM_tureg_old
2015-06-24 01:09 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\SECURITY_tureg_old
2015-06-24 01:04 - 2009-07-14 03:34 - 60293120 _____ C:\Windows\system32\config\COMPONENTS_tureg_old
2015-06-24 01:04 - 2009-07-14 03:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT_tureg_old
2015-06-24 01:04 - 2009-07-14 03:34 - 00024576 _____ C:\Windows\system32\config\SAM_tureg_old
2015-06-22 18:27 - 2013-08-19 16:56 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-21 10:50 - 2014-07-11 00:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-16 19:02 - 2009-07-14 06:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-16 14:20 - 2010-11-20 21:14 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-06-12 18:48 - 2010-11-15 05:20 - 00000000 ____D C:\Users\Steve\Desktop\Printer
2015-06-12 18:48 - 2010-11-15 05:15 - 00000000 ____D C:\Users\Steve\Desktop\Security
2015-06-12 18:43 - 2013-05-27 23:47 - 00000000 ____D C:\Program Files (x86)\PopularScreensavers
2015-06-12 18:29 - 2014-07-11 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-12 18:29 - 2012-04-04 09:54 - 00000000 ____D C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
2015-06-12 16:11 - 2010-11-15 02:10 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-11 10:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-06-11 08:21 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 08:16 - 2014-12-11 09:20 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 08:16 - 2014-05-07 00:11 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 00:48 - 2012-01-05 22:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 00:47 - 2014-01-28 20:58 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 00:41 - 2010-11-19 03:01 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== Files in the root of some directories =======
 
2013-05-21 12:28 - 2014-06-23 08:01 - 0003728 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2011-03-17 19:08 - 2014-09-28 20:43 - 0005632 _____ () C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-12-13 00:01 - 2013-12-13 00:01 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-12-22 22:57 - 2013-12-22 22:57 - 0000268 ___RH () C:\ProgramData\Configure Folder Actions
2013-12-22 23:37 - 2013-12-22 23:37 - 0000268 ___RH () C:\ProgramData\Contents
2013-12-22 22:57 - 2013-12-22 22:57 - 0000012 ___RH () C:\ProgramData\Dance
2013-12-22 23:37 - 2013-12-22 23:37 - 0000012 ___RH () C:\ProgramData\Desktop Pictures
2013-12-22 22:57 - 2013-12-22 22:57 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT
2013-12-22 23:37 - 2013-12-22 23:37 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT
 
Files to move or delete:
====================
C:\Users\Steve\d3dcompiler_43.dll
C:\Users\Steve\d3dcompiler_47.dll
C:\Users\Steve\ffmpegsumo.dll
C:\Users\Steve\icudtl.dat
C:\Users\Steve\inst_ver.dat
C:\Users\Steve\libcef.dll
C:\Users\Steve\libEGL.dll
C:\Users\Steve\libGLESv2.dll
C:\Users\Steve\pdf.dll
C:\Users\Steve\Spotify.exe
C:\Users\Steve\SpotifyCrashService.exe
C:\Users\Steve\SpotifyLauncher.exe
C:\Users\Steve\SpotifyWebHelper.exe
C:\Users\Steve\wow_helper.exe
 
 
Some files in TEMP:
====================
C:\Users\Steve\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb1da43.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-03 00:54
 
==================== End of log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Steve at 2015-07-05 19:28:09
Running from C:\Users\Steve\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3018395322-1037248882-2513499089-500 - Administrator - Disabled)
Guest (S-1-5-21-3018395322-1037248882-2513499089-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3018395322-1037248882-2513499089-1002 - Limited - Enabled)
Steve (S-1-5-21-3018395322-1037248882-2513499089-1000 - Administrator - Enabled) => C:\Users\Steve
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version:  - ArcSoft)
ArcSoft PhotoBase 3 (HKLM-x32\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version:  - )
ArcSoft PhotoStudio 5 (HKLM-x32\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version:  - )
ATI Catalyst Install Manager (HKLM\...\{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6037 - AVG Technologies)
AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6037 - AVG Technologies) Hidden
AVG Driver Updater (HKLM-x32\...\{E5D31C47-7177-443A-B65D-333F5ED6CCD0}) (Version: 2.2.0 - AVG Netherlands B.V)
AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.604 - AVG Technologies) Hidden
AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.604 - AVG Technologies)
AVG PC TuneUp 2015 (x32 Version: 15.0.1001.604 - AVG Technologies) Hidden
AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4000.108 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BT Broadband Desktop Help (HKLM-x32\...\BT Broadband Desktop Help) (Version:  - )
BT Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - )
BTHomeHub (HKLM-x32\...\BTHomeHub) (Version:  - British Telecommunications Plc.)
ccc-core-static (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
Dropbox (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Endless Slideshow Screensaver 1.5.1.1 (HKLM-x32\...\Endless Slideshow Screensaver_is1) (Version: 1.5.1.1 - Extreme Internet Software)
EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION)
File Uploader (HKLM-x32\...\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}) (Version: 1.1.1 - Nikon)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
GoToAssist Corporate (x32 Version: 9.0.570 - Citrix) Hidden
HP ENVY 5530 series Basic Device Software (HKLM\...\{FE11AA0F-756F-4879-97A0-B1705E2DCABE}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 5530 series Help (HKLM-x32\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 6520 series Basic Device Software (HKLM\...\{1151BCF8-3246-4E34-9C17-22E66318C41C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 6520 series Help (HKLM-x32\...\{D3293275-1002-41F5-BC37-099B4251FF5B}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 6520 series Product Improvement Study (HKLM\...\{F144E07C-4019-4092-BE25-B57819C97D2F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
Hugin 2012.0.0 (HKLM-x32\...\Hugin) (Version: 2012.0.0 hg_a6e4184ad538 - The Hugin Development Team)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.650 - Oracle)
Java™ 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Juniper Networks Setup Client (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Juniper_Setup_Client) (Version: 2.1.1.4401 - Juniper Networks)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\MusicManager) (Version:  - Google, Inc.)
MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version:  - SEIKO EPSON Corporation)
MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\MyFreeCodec) (Version:  - )
NETGEAR WNA1100 wireless USB 2.0 adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.2.0.5 - NETGEAR)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.3.0 - Nikon)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OmniPage SE (HKLM-x32\...\{6249C22D-E6A8-407B-BA8B-40298848ED94}) (Version: 11.00.0001 - ScanSoft, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.3 - Nikon)
Product Improvement Study for HP ENVY 5530 series (HKLM\...\{2EC3E3B8-797A-47FD-B3A2-574C96597A19}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime (HKLM-x32\...\{E0D51394-1D45-460A-B62D-383BC4F8B335}) (Version: 7.3.1.70 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
ViewNX (HKLM-x32\...\{F007CBCE-D714-4C0B-8CE9-9B0D78116468}) (Version: 1.2.0 - Nikon)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Visual Studio C++ 9.0 Runtime (HKLM-x32\...\{08C7A49D-2B12-46F6-8B41-26D3B0D1C01F}) (Version: 1.0.0 - TomTom International B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Steve\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Steve\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Steve\Application Data\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
27-06-2015 03:00:21 Windows Update
27-06-2015 03:14:24 Windows Update
28-06-2015 01:52:29 Windows Update
28-06-2015 23:50:33 Windows Update
29-06-2015 03:00:17 Windows Update
29-06-2015 23:40:09 Windows Update
01-07-2015 02:35:11 Windows Update
02-07-2015 00:54:12 Windows Update
03-07-2015 01:03:51 Windows Update
04-07-2015 00:18:35 Windows Update
05-07-2015 01:51:25 Windows Update
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2011-12-01 22:55 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {09C8FADF-ADB2-4C50-9F97-3B0E833C2494} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3018395322-1037248882-2513499089-1000
Task: {0E295E93-52F0-4D73-9660-F0E56925EF92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {1194A9BD-1FE4-437A-A8CC-5364B36C983C} - System32\Tasks\HP AR Program Upload - 5ad05f90af99482d975554b4e48cd433731e53a33bd140ebb4f3b097926b97d1 => C:\Program Files\HP\HP ENVY 5530 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {11F74092-F0DD-4BA8-A2ED-055FE3FAC803} - System32\Tasks\{C1FF2B5A-E895-4BC4-B197-29927D57341E} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6VI5PM1\NisquallyShockwave[1].exe" -d C:\Users\Steve\Desktop
Task: {14FE6FEB-25F3-4648-B890-B6B802413B14} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {3C5B4117-0AB1-44EA-8630-AC95CCF39612} - System32\Tasks\{A8AFBE14-1EAE-4A09-876B-0CC9C4AAF008} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZA719LU9\InstallJewelQuest[1].exe" -d C:\Users\Steve\Desktop
Task: {4471E923-D4CC-4852-9688-9555E4640C15} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {479146FC-8FC3-49A2-82A3-2CFCEB64A98B} - System32\Tasks\{07EBF380-4268-4AF8-9E37-7DA54A0084A1} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TB6EDMHN\JuniperSetupClientInstaller[1].exe" -d C:\Users\Steve\Desktop
Task: {4844CE25-B554-4F1D-989D-671ECC95A416} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-06-29] (AVG Technologies)
Task: {4DA0A933-0C9D-45D3-AF6E-CFF6AD4C9FEF} - System32\Tasks\HPCustParticipation HP Photosmart 6520 series => C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {56A3DF08-4198-4205-9E16-5609554CA59D} - System32\Tasks\PC Utility Kit => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe [2012-08-30] (PC Utility Kit) <==== ATTENTION
Task: {684187A4-6E1D-4A79-A4F2-F257369943BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {764C49C4-216C-4BFB-9840-0DE0A722D2C5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {79D76C02-E802-46BF-ACE4-F7B966C88793} - System32\Tasks\{BDC74CF0-B9DA-41D2-B52C-F368C57D88B2} => C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
Task: {8025715F-FA1E-4700-912A-2DA9781A095D} - System32\Tasks\HPCustParticipation HP ENVY 5530 series => C:\Program Files\HP\HP ENVY 5530 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {81298383-B06B-44AF-A1C0-D353D4856AAB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-11] (Oracle Corporation)
Task: {869CB07A-E01C-44E3-949E-E8B36E0FB1E0} - System32\Tasks\{86CF24A2-26E0-403D-A7B5-AF7099624DA9} => C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
Task: {8C2C3CB9-6B08-48D9-9537-2E2FF42CA9C4} - System32\Tasks\Google Update => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {923DA2FC-D15D-4B5A-9BD3-9A7BE60BC2D4} - System32\Tasks\{94318A51-6913-4602-857E-AD9F3CF124AA} => pcalua.exe -a C:\Users\Steve\Downloads\TextTwistShockwave.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {97CE5694-17C7-420E-8B9D-78ADF3F3FA05} - System32\Tasks\{3CC836C0-FB22-460E-BA91-7B9A227739D5} => pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6VI5PM1\InstallZuma[1].exe" -d C:\Users\Steve\Desktop
Task: {99228A2E-CF62-4E1E-B33F-6581559617A2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-07] (Google Inc.)
Task: {9A169DAF-644D-47B3-B429-C99BF4F19D0B} - System32\Tasks\HP AR Program Upload - 7a1d4665b7e84b4fb9573e5743139eacf15682a1e5d24b028dbcf3d2fb6462a3 => C:\Program Files\HP\HP ENVY 5530 series\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {9E1707BD-BE20-4EA4-AFE6-577E30FE3D95} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-11-15] (Microsoft Corporation)
Task: {9FE15508-1DA9-4DFC-8DBC-E75289901E14} - System32\Tasks\{173E5E11-B6C5-49DA-9AFA-F1C4E4A48AE8} => pcalua.exe -a C:\Users\Steve\Downloads\MFInstall.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {A7A627B8-9614-4753-B92C-D02AD13A810D} - System32\Tasks\AVG Driver Updater Scan => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2015-05-13] (AVG Netherlands B.V)
Task: {A7EA721B-B432-4131-B2DE-517C3FEB7753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {AA4A8A79-3377-4F4C-88CF-2578A3808F97} - System32\Tasks\{A6EB591D-6014-4C7A-A0F9-D07423DA823C} => C:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
Task: {C572437D-5ACE-4D88-891E-A1C63785DBAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {CB429838-DFBE-43F7-B705-631B7BF5AFCB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-17] (Google Inc.)
Task: {CF360B8A-DC87-40B2-A5F3-7A9EF939F9A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
Task: {D1D02AD3-CD02-4FA4-BBFE-C1034492C6BC} - System32\Tasks\{C4133316-B131-42CC-88CB-EB9E3094C9C2} => pcalua.exe -a "C:\Users\Steve\Downloads\JavaSetup6u26 (1).exe" -d C:\Users\Steve\Desktop
Task: {D8CBCB07-85E7-44EC-955D-F5F030698B89} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {DCDEE55B-1977-4038-8F97-489B8E129FBF} - System32\Tasks\AVG Driver Updater Startup => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe [2015-05-13] (AVG Netherlands B.V)
Task: {E8B28A79-C182-40EA-B832-A7D8E5BB0B73} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {EA39004A-6CAB-4401-B825-895E116059EB} - System32\Tasks\{EC9B8372-B884-4129-9C46-40713E3BE88F} => pcalua.exe -a C:\Users\Steve\Downloads\InstallJewelQuest.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {F886D68C-8981-46F6-A560-AA390733A8A4} - System32\Tasks\{8A765C74-CB26-4486-BA6C-D87B4D228AAF} => pcalua.exe -a C:\Users\Steve\Downloads\InstallJewelQuest(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG Driver Updater Scan.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\Windows\Tasks\AVG Driver Updater Startup.job => C:\Program Files (x86)\AVG Driver Updater\AVG Driver Updater.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core.job => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA.job => C:\Users\Steve\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000Core.job => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3018395322-1037248882-2513499089-1000UA.job => C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC Utility Kit.job => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-07-25 15:26 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-29 09:24 - 2015-06-29 09:24 - 00718136 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2015-05-21 00:14 - 2015-05-21 00:13 - 00166848 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
2010-11-15 00:28 - 2009-11-27 13:04 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2013-02-04 17:36 - 2014-08-18 17:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2015-06-29 09:24 - 2015-06-29 09:24 - 00862008 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll
2010-11-15 00:28 - 2009-12-10 12:13 - 04562944 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2012-11-28 00:15 - 2015-05-21 00:13 - 02510784 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
2013-02-04 17:36 - 2014-12-11 18:48 - 08397536 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2015-05-21 00:14 - 2015-05-21 00:13 - 00526784 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
2010-11-15 00:28 - 2009-11-20 15:59 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2013-02-04 17:36 - 2015-03-05 18:22 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00117248 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00234496 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00253440 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-05-29 21:04 - 2015-05-29 21:04 - 00344064 _____ () C:\Users\Steve\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 40506936 _____ () C:\Users\Steve\Application Data\Spotify\libcef.dll
2010-11-15 00:28 - 2009-08-28 17:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2013-12-08 22:15 - 2014-08-26 11:42 - 01654296 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
2013-02-04 17:36 - 2014-07-22 10:18 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2015-07-05 09:39 - 2015-07-05 09:39 - 00043008 _____ () c:\users\steve\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb1da43.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00750080 _____ () C:\Users\Steve\Application Data\Dropbox\bin\libGLESv2.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00047616 _____ () C:\Users\Steve\Application Data\Dropbox\bin\libEGL.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00865280 _____ () C:\Users\Steve\Application Data\Dropbox\bin\plugins\platforms\qwindows.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00200704 _____ () C:\Users\Steve\Application Data\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00010240 _____ () C:\Users\Steve\Application Data\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00726016 _____ () C:\Users\Steve\Application Data\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-05-25 19:43 - 2015-03-19 08:15 - 00010240 _____ () C:\Users\Steve\Application Data\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 01365560 _____ () C:\Users\Steve\Application Data\Spotify\libglesv2.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 00219192 _____ () C:\Users\Steve\Application Data\Spotify\libegl.dll
2015-04-03 13:31 - 2015-04-03 13:31 - 00990776 _____ () C:\Users\Steve\Application Data\Spotify\ffmpegsumo.dll
2011-03-17 01:11 - 2011-03-17 01:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\...\hsbc.co.uk -> hxxps://hive2.hsbc.co.uk
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\Application Data\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Spotify => "C:\Users\Steve\Application Data\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Steve\Application Data\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{91AD6337-FFE1-453F-91C4-7E4C7FE7373A}C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe] => (Allow) C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe
FirewallRules: [UDP Query User{FC1B6C47-D400-471A-B804-A5E62577D864}C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe] => (Allow) C:\program files (x86)\scansoft\omnipagese\eregeng\navbrowser.exe
FirewallRules: [{3EDFC0CD-C07C-49B2-948A-2E353340D661}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7474C1A3-C8C1-42F7-9407-4A7945600D3E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{9E970C84-1D10-42C3-B899-7278219AEFF6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{23F3EB84-7969-4D6F-BD1D-347300F637BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{39FD02C8-B950-4DF5-92EE-9456D2444BE7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{A4FC7EF2-5228-48E8-A709-949FD6F0C535}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\DeviceSetup.exe
FirewallRules: [{6635F789-9AD9-4B56-913F-7670F0D9C22E}] => (Allow) LPort=5357
FirewallRules: [{4007F9BD-04FD-4FC9-BE70-4F122640BFE4}] => (Allow) C:\Program Files\HP\HP ENVY 5530 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7262F928-74CE-427C-8178-69A7F778DCFB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F3E8EBA-FF62-4723-8720-4D0EF3C72B71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28B8E2FA-82E6-49F6-8B90-18BDB8C12F42}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\DeviceSetup.exe
FirewallRules: [{E3D9FDD6-BBD9-42AB-9642-E5FA4D54C83A}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C988F351-B578-4DCD-B2A9-CC34725A972C}] => (Allow) C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0DA273C3-1649-4F91-BE4D-9C0074177D20}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{29A3D881-7037-4CD1-8736-DD78395B516F}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{0F936B25-8D19-4990-A7D4-0544350748C2}] => (Allow) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B467CBA1-DADC-4BD8-82DD-F0CF5AA66623}] => (Allow) C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{53CFEF8D-2A68-4B90-83FB-FB7B8CF3D43D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{63E7C95F-988A-4041-8084-A5920DB9B2CA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E2963765-320E-4974-9C82-F29D37251761}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{97C6D392-BE40-4D6D-BF61-2E41CA3B485A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{F1E6036B-D67E-407B-9A17-0BF35650C492}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D89696A1-42CC-4397-A99F-CE66A4B9665B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{8F65CDB1-43FB-4142-B9DD-2D038883682B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/05/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (06/30/2015 06:05:52 PM) (Source: MsiInstaller) (EventID: 11321) (User: Steve-PC)
Description: Product: AVG PC TuneUp 2015 -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files (x86)\AVG\AVG PC TuneUp\ShortcutCleaner.exe. System Error 5.
 
Error: (06/28/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location I:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (07/05/2015 09:47:15 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
Error: (07/05/2015 01:53:32 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (07/04/2015 02:36:04 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
Error: (07/04/2015 09:57:30 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
Error: (07/04/2015 00:20:41 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 11 for Windows 7 for x64-based Systems.
 
Error: (07/03/2015 06:58:24 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
Error: (07/03/2015 06:51:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.74.
The computer with the IP address 192.168.1.81 did not allow the name to be claimed by
this computer.
 
Error: (07/03/2015 06:08:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
Error: (07/03/2015 05:56:27 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
Error: (07/03/2015 05:44:04 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer JUDE-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{7B830BF4-9D8A-4EF7-8C3E-E586F65FA4DE}.
The master browser is stopping or an election is being forced.
 
 
Microsoft Office:
=========================
Error: (07/05/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: I:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (06/30/2015 06:05:52 PM) (Source: MsiInstaller) (EventID: 11321) (User: Steve-PC)
Description: Product: AVG PC TuneUp 2015 -- Error 1321. The Installer has insufficient privileges to modify this file: C:\Program Files (x86)\AVG\AVG PC TuneUp\ShortcutCleaner.exe. System Error 5.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (06/28/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: I:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (06/22/2015 08:12:24 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (06/22/2015 08:12:20 AM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-06-30 18:05:51.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:51.639
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:51.528
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:51.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:48.339
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:48.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:48.162
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:48.073
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:47.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-06-30 18:05:47.860
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 46%
Total physical RAM: 4087.05 MB
Available physical RAM: 2167.93 MB
Total Pagefile: 8172.32 MB
Available Pagefile: 5787.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:845.89 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B14AE6DC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End of log ============================

  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm not a great deal showing so we will clear that first and then see how the computer is behaving

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
Toolbar: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF user.js: detected! => C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default\user.js [2013-08-28]
Task: {56A3DF08-4198-4205-9E16-5609554CA59D} - System32\Tasks\PC Utility Kit => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe [2012-08-30] (PC Utility Kit) <==== ATTENTION
Task: C:\Windows\Tasks\PC Utility Kit.job => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.

  • 0

#5
steve bradbury

steve bradbury

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Many thanks for your help with this.

I have followed your instructions.

Attached are the two reports you have asked for

 

Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01
Ran by Steve at 2015-07-05 21:43:22 Run:1
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve (Available Profiles: Steve)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
Toolbar: HKU\S-1-5-21-3018395322-1037248882-2513499089-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
FF user.js: detected! => C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default\user.js [2013-08-28]
Task: {56A3DF08-4198-4205-9E16-5609554CA59D} - System32\Tasks\PC Utility Kit => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe [2012-08-30] (PC Utility Kit) <==== ATTENTION
Task: C:\Windows\Tasks\PC Utility Kit.job => C:\Program Files (x86)\PC Utility Kit\PC Utility Kit\pcutilitykit.exe <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************
 
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value removed successfully
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value removed successfully
HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => key not found. 
C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default\user.js => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56A3DF08-4198-4205-9E16-5609554CA59D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56A3DF08-4198-4205-9E16-5609554CA59D}" => key removed successfully
C:\Windows\System32\Tasks\PC Utility Kit => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PC Utility Kit" => key removed successfully
C:\Windows\Tasks\PC Utility Kit.job => moved successfully.
 
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= RemoveProxy: =========
 
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-3018395322-1037248882-2513499089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 
========= End of RemoveProxy: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {F0016DC7-931A-4C6B-B15B-857336375050}.
Unable to cancel {426D699B-26EB-40AC-8402-2CCA0E41D668}.
0 out of 2 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => 639.5 MB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 21:44:26 ====
 
# AdwCleaner v4.207 - Logfile created 05/07/2015 at 21:56:40
# Updated 21/06/2015 by Xplode
# Database : 2015-07-05.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Steve - STEVE-PC
# Running from : C:\Users\Steve\New folder\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : YahooAUService
[#] Service Deleted : swdumon
[#] Service Deleted : vToolbarUpdater18.5.0
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\PopularScreensavers
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\foxtabvideoconverter
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\Store
Folder Deleted : C:\Users\Steve\AppData\Local\apn
Folder Deleted : C:\Users\Steve\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Steve\AppData\Local\PackageAware
Folder Deleted : C:\Users\Steve\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Steve\AppData\LocalLow\AVG Security Toolbar
Folder Deleted : C:\Users\Steve\Application Data\AVG Secure Search
Folder Deleted : C:\Users\Steve\Application Data\Delta
Folder Deleted : C:\Users\Steve\Application Data\DriverCure
Folder Deleted : C:\Users\Steve\Application Data\ParetoLogic
Folder Deleted : C:\Users\Steve\Application Data\Systweak
Folder Deleted : C:\Users\Steve\Application Data\Uniblue
Folder Deleted : C:\Users\Steve\Application Data\Fighters
Folder Deleted : C:\Users\Steve\Application Data\download Manager
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
File Deleted : C:\Windows\System32\drivers\swdumon.sys
File Deleted : C:\Users\Steve\Application Data\Mozilla\Firefox\Profiles\95kcrfr7.default\invalidprefs.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@PopularScreensavers.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\PopularScreensavers_7i.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\PopularScreensavers_7i.SettingsPlugin.1
Key Deleted : HKCU\Software\f6dedab53ae544
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8798BBE7-DDF6-448B-AE0E-83C9E28A5598}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F37BCE7B-6055-418C-A301-E715F36F1E79}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\PopularScreensavers
Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
Key Deleted : HKU\.DEFAULT\Software\IGearSettings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16447
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 
-\\ Mozilla Firefox v35.0.1 (x86 en-US)
 
[95kcrfr7.default\prefs.js] - Line Deleted : user_pref("extensions.xpiState", "{\"app-global\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E[...]
 
-\\ Google Chrome v43.0.2357.130
 
 
*************************
 
AdwCleaner[R0].txt - [21409 bytes] - [05/07/2015 21:54:56]
AdwCleaner[S0].txt - [20831 bytes] - [05/07/2015 21:56:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20891  bytes] ##########

  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
What is the systems behaviour now ?

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#7
steve bradbury

steve bradbury

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hi Essexboy

 

Thank you so much for your time and patience. I am not experiencing any more hanging screens when on the net, which is great, and part of my original concerns. And no more e mail addresses have disappeared.

 

Not sure if the following two points are linked or just a by product from earlier. Start up is still a bit laboured; but not a big problem. When shutting down I am continuing to get a Windows 7 installing update 1 of 1 message. But clearly it does not work as it reappears next day. Again, not a big issue as I click shut down and just leave it.

 

ASW log as requested

 

aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2015-07-06 21:31:52
-----------------------------
21:31:52.913    OS Version: Windows x64 6.1.7601 Service Pack 1
21:31:52.913    Number of processors: 4 586 0x2505
21:31:52.913    ComputerName: STEVE-PC  UserName: Steve
21:31:57.058    Initialize success
21:31:57.169    VM: initialized successfully
21:31:57.170    VM: Intel CPU supported 
21:32:02.361    VM: supported disk I/O ataport.SYS
21:36:31.842    AVAST engine defs: 15070602
21:38:16.976    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3
21:38:16.979    Disk 0 Vendor: Hitachi_HDS721010CLA332 JP4OA3EA Size: 953869MB BusType: 3
21:38:17.050    VM: Disk 0 MBR read successfully
21:38:17.053    Disk 0 MBR scan
21:38:17.057    Disk 0 Windows 7 default MBR code
21:38:17.059    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048
21:38:17.062    Disk 0 default boot code
21:38:17.070    Disk 0 Partition 2 00     07      HPFS/NTFS NTFS       953767 MB offset 206848
21:38:17.088    Disk 0 scanning C:\Windows\system32\drivers
21:38:25.135    Service scanning
21:38:45.273    Modules scanning
21:38:45.280    Disk 0 trace - called modules:
21:38:45.316    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
21:38:45.320    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004b7c060]
21:38:45.323    3 CLASSPNP.SYS[fffff8800181043f] -> nt!IofCallDriver -> [0xfffffa80048fb520]
21:38:45.326    5 ACPI.sys[fffff88000ee57a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-3[0xfffffa80048fd060]
21:38:47.283    AVAST engine scan C:\Windows
21:38:50.091    AVAST engine scan C:\Windows\system32
21:42:20.132    AVAST engine scan C:\Windows\system32\drivers
21:42:34.090    AVAST engine scan C:\Users\Steve
21:43:19.864    Disk 0 MBR has been saved successfully to "C:\Users\Steve\Desktop\MBR.dat"
21:50:30.904    AVAST engine scan C:\ProgramData
21:52:26.818    Disk 0 statistics 4311170/0/18 @ 3.42 MB/s
21:52:26.824    Scan finished successfully
21:59:52.957    Disk 0 MBR has been saved successfully to "C:\Users\Steve\Desktop\MBR.dat"
21:59:52.961    The log file has been saved successfully to "C:\Users\Steve\Desktop\aswMBR.txt"

  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Could you go to control panel > windows updates
On the left select view update history
Does it give a KB number for the one that is failing
  • 0

#9
steve bradbury

steve bradbury

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hi

The one which fails is Internet Explorer 11 for Windows 7 for x64-based systems. It is faiiling daily. The error code is 9C59. There is no KB number which I can see

 

cheers


  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK first run the MSFixit on this page https://support.micr...en-gb/kb/971058

Then download the standalone installer from here https://www.microsof...-7-details.aspx

Let me know how that goes :)
  • 0

Advertisements


#11
steve bradbury

steve bradbury

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Hi

I ran MSFixit and then it asked me to try and install which I did. That again failed to install

Tried to load the standalone installer, and got a Failed to finish installation message


  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Darn .. OK I will do some more research on that one

 

Meanwhile what other problems are apparent ?


  • 0

#13
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

 

Uninstall Internet Explorer 9 before you install Internet Explorer 11

During the installation process of Internet Explorer 11, you may receive the 9C59 error.

To resolve this issue, you may uninstall Internet Explorer 9, restart your computer, and then install Internet Explorer 11.

To uninstall Internet Explorer 9

1.Click the Start button, type Programs and Features in the search box, and then click View installed updates in the left pane.
2.Under Uninstall an update, scroll down to the Microsoft Windows section.
3.Right-click Windows Internet Explorer 9, click Uninstall, and then, when prompted, click Yes.
4.Click Restart now to finish the process of uninstalling Internet Explorer 9.

After your computer restarts, try to install Internet Explorer 11.

 

Just found this on the MS site could you try that


  • 0

#14
steve bradbury

steve bradbury

    Member

  • Topic Starter
  • Member
  • PipPip
  • 24 posts

Bizarre.  Just spent some time trolling through and found that IE9 also failed to install back in August 2013 and ever since. Code 9C48. That seems to have impacted as IE10 has also failed to install (Code 9C49).

 

It is not an issue - more of an irritant, as I spend time wondering what i am missing.

 

Performance wise, once it is booted and loaded, everything seems much smoother.

 

And, as mentioned, no further e mail addresses are disappearing mysteriously

 

cheers. 


  • 0

#15
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm 'tis really weird, looks like I will need to dig back further... Meanwhile

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Remove tools

Download and run Delfix
Select the options as shown
delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
javara.JPG


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Unchecky

Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme ;)

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP