forgot to add notepad
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by Nancy (administrator) on NANCY_LAPTOP (25-09-2015 19:01:42)
Running from C:\Users\Nancy\Downloads
Loaded Profiles: Nancy (Available Profiles: Nancy)
Platform: Windows 8.1 Connected (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(© 2015 Microsoft Corporation) C:\Users\Nancy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-09-12] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\System32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-05] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2830576 2014-09-01] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [9566192 2015-03-10] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1125800 2015-09-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3804072 2015-09-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-02] (SUPERAntiSpyware)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [GoogleChromeAutoLaunch_3312EA6C4F41A42564159DA1D2D4BD7F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [ShopAtHomeWatcher] => C:\Users\Nancy\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [ShopAtHomeUpdater] => C:\Users\Nancy\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [BingSvc] => C:\Users\Nancy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\MountPoints2: {271a8b5a-99fa-11e4-8266-1008b1c42f64} - "E:\TLBootstrap_WPP.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
Startup: C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-01-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2
Tcpip\..\Interfaces\{77F8C69A-2C45-49CD-9110-24BF23FC0770}: [DhcpNameServer] 75.114.81.1 75.114.81.2
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Avast SafePrice) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR HKU\S-1-5-21-2755095785-517186114-2926042947-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-02] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [603120 2015-09-12] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3793392 2015-09-12] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1042344 2015-09-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [595832 2015-09-12] (AVG Technologies CZ, s.r.o.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-05] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-09-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-12] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-09-01] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-02] (AVAST Software)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [314800 2015-08-31] (AVG Technologies CZ, s.r.o.)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2014-09-05] (Intel Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-05] (Intel Corporation)
S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-09-05] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-05] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [78504 2014-09-05] (Intel Corporation)
S3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2014-09-05] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-05] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2014-09-05] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-08-05] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-25] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [578776 2014-08-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3560664 2014-09-05] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-09-01] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-09-01] (Synaptics Incorporated)
S3 sscdserd; C:\Windows\system32\DRIVERS\sscdserd.sys [141384 2012-06-27] (MCCI Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-25 19:01 - 2015-09-25 19:02 - 00023503 _____ C:\Users\Nancy\Downloads\FRST.txt
2015-09-25 19:00 - 2015-09-25 19:01 - 00000000 ____D C:\FRST
2015-09-25 18:58 - 2015-09-25 19:00 - 02192384 _____ (Farbar) C:\Users\Nancy\Downloads\FRST64.exe
2015-09-24 17:14 - 2015-09-24 17:14 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\AVG
2015-09-24 17:14 - 2015-09-24 17:14 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-24 17:13 - 2015-09-24 17:13 - 00000000 ___HD C:\$AVG
2015-09-24 17:13 - 2015-09-24 17:13 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\TuneUp Software
2015-09-24 17:13 - 2015-09-24 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-24 17:09 - 2015-09-24 17:13 - 00000000 ____D C:\ProgramData\Avg
2015-09-24 17:09 - 2015-09-24 17:12 - 00000000 ____D C:\Program Files (x86)\AVG
2015-09-24 17:05 - 2015-09-25 18:52 - 00000000 ____D C:\ProgramData\MFAData
2015-09-24 17:05 - 2015-09-24 17:14 - 00000000 ____D C:\Users\Nancy\AppData\Local\Avg
2015-09-24 17:05 - 2015-09-24 17:10 - 00000000 ____D C:\Users\Nancy\AppData\Local\AvgSetupLog
2015-09-24 17:05 - 2015-09-24 17:05 - 00000000 ____D C:\Users\Nancy\AppData\Local\MFAData
2015-09-24 17:05 - 2015-09-24 17:05 - 00000000 ____D C:\Users\Nancy\AppData\Local\Avg2015
2015-09-24 16:51 - 2015-09-24 22:03 - 00000624 _____ C:\Windows\Tasks\SparkTrust PC Cleaner Plus Startup.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000671 _____ C:\Windows\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000490 _____ C:\Windows\Tasks\SparkTrust Registration3.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000448 _____ C:\Windows\Tasks\SparkTrust Update Version3_triggeronce.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000448 _____ C:\Windows\Tasks\SparkTrust Update Version3.job
2015-09-24 16:51 - 2015-09-24 16:51 - 00004092 _____ C:\Windows\System32\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64
2015-09-24 16:51 - 2015-09-24 16:51 - 00003238 _____ C:\Windows\System32\Tasks\SparkTrust Update Version3
2015-09-24 16:51 - 2015-09-24 16:51 - 00003134 _____ C:\Windows\System32\Tasks\SparkTrust Registration3
2015-09-24 16:51 - 2015-09-24 16:51 - 00002906 _____ C:\Windows\System32\Tasks\SparkTrust Update Version3_triggeronce
2015-09-24 16:51 - 2015-09-24 16:51 - 00002704 _____ C:\Windows\System32\Tasks\SparkTrust PC Cleaner Plus Startup
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\SparkTrust
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\ProgramData\SparkTrust
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2015-09-23 20:20 - 2015-09-23 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-23 19:40 - 2015-09-23 19:40 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-09-21 10:59 - 2015-09-23 19:34 - 00000358 _____ C:\Windows\Tasks\HPCeeScheduleForNancy.job
2015-09-21 10:59 - 2015-09-21 10:59 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForNancy
2015-09-13 19:29 - 2015-09-23 20:33 - 00002994 _____ C:\Windows\System32\Tasks\LAUNCH CDPCO
2015-09-11 15:59 - 2015-09-11 15:59 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-09-09 03:23 - 2015-09-09 03:23 - 00023152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgboota.sys
2015-09-08 16:42 - 2015-08-26 22:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 16:42 - 2015-08-26 14:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 16:42 - 2015-08-26 14:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 16:42 - 2015-08-26 14:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 16:42 - 2015-08-26 14:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 16:42 - 2015-08-26 10:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 16:42 - 2015-08-26 10:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 16:42 - 2015-08-26 10:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 16:42 - 2015-08-26 10:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-08 16:42 - 2015-08-26 10:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 16:42 - 2015-08-26 10:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 16:42 - 2015-08-26 10:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 16:41 - 2015-07-30 13:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 16:41 - 2015-07-30 12:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 16:40 - 2015-09-02 22:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 16:40 - 2015-09-02 22:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 16:40 - 2015-09-02 14:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 16:40 - 2015-09-02 13:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 16:40 - 2015-08-22 14:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 16:40 - 2015-08-22 13:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 16:40 - 2015-08-22 13:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 16:40 - 2015-08-22 13:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 16:40 - 2015-08-22 13:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 16:40 - 2015-08-22 13:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 16:40 - 2015-08-22 12:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 16:40 - 2015-08-22 12:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 16:40 - 2015-08-22 12:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 16:40 - 2015-08-22 12:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 16:40 - 2015-08-22 12:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 16:40 - 2015-08-22 12:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 16:40 - 2015-08-22 12:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 16:40 - 2015-08-22 12:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 16:40 - 2015-08-22 12:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 16:40 - 2015-08-22 12:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 16:40 - 2015-08-22 12:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 16:40 - 2015-08-22 12:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-08 16:40 - 2015-08-22 12:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 16:40 - 2015-08-22 12:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 16:40 - 2015-08-22 12:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 16:40 - 2015-08-22 12:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 16:40 - 2015-08-22 12:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 16:40 - 2015-08-22 12:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 16:40 - 2015-08-22 11:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 16:40 - 2015-08-22 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 16:40 - 2015-07-22 10:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 16:40 - 2015-07-22 10:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 16:40 - 2015-07-22 10:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 16:40 - 2015-07-22 10:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 16:40 - 2015-07-18 14:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-08 16:40 - 2015-07-18 14:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 16:40 - 2015-07-18 14:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-08 16:40 - 2015-07-18 14:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 16:39 - 2015-09-01 22:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 16:39 - 2015-09-01 22:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 16:39 - 2015-09-01 22:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 16:39 - 2015-09-01 22:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 16:39 - 2015-09-01 22:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 16:39 - 2015-08-03 17:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 16:39 - 2015-08-03 17:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 16:39 - 2015-08-01 10:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 16:39 - 2015-07-31 23:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-08 16:39 - 2015-07-31 23:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-08 16:39 - 2015-07-31 23:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 16:39 - 2015-07-31 23:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-08 16:39 - 2015-07-31 23:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-08 16:39 - 2014-10-28 22:46 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 16:39 - 2014-10-28 22:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 16:39 - 2014-10-28 22:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-05 21:07 - 2015-09-05 21:07 - 00000000 ____D C:\Program Files (x86)\Sling Media
2015-09-05 16:15 - 2015-09-23 20:34 - 00003166 _____ C:\Windows\System32\Tasks\MyCleanPC PC Optimizer
2015-09-05 16:15 - 2015-09-13 18:58 - 00000480 _____ C:\Windows\Tasks\USTSPCO-USTSPCOOneClickCare.job
2015-09-05 16:15 - 2015-09-05 16:15 - 00003334 _____ C:\Windows\System32\Tasks\USTSPCO-USTSPCOOneClickCare
2015-09-05 16:15 - 2015-09-05 16:15 - 00001884 _____ C:\Users\Public\Desktop\MyCleanPC PC Optimizer.lnk
2015-09-05 16:15 - 2015-09-05 16:15 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\USTechSupport
2015-09-05 16:15 - 2015-09-05 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCleanPC
2015-09-05 16:15 - 2015-09-05 16:15 - 00000000 ____D C:\Program Files (x86)\USTechSupport
2015-09-05 16:14 - 2015-09-07 13:26 - 00000000 ____D C:\ProgramData\USTechSupport
2015-09-05 16:12 - 2015-09-05 16:12 - 01774656 _____ (US Tech Support LLC) C:\Users\Nancy\Downloads\MyCleanPC (1).exe
2015-09-05 16:11 - 2015-09-05 16:12 - 01774656 _____ (US Tech Support LLC) C:\Users\Nancy\Downloads\MyCleanPC.exe
2015-09-05 15:49 - 2015-09-05 15:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nancy\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-09-05 15:48 - 2015-09-05 15:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nancy\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-05 15:45 - 2015-09-05 15:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_E912C09A-0944-4FD0-A697-3AB6DAE93ECB_.exe
2015-09-05 15:44 - 2015-09-05 15:44 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_08B2ABDE-2D60-4F0E-9F04-6DA2350D5153_.exe
2015-09-05 14:57 - 2015-09-05 14:57 - 00000000 ____D C:\ProgramData\VIPRE
2015-09-05 14:47 - 2015-09-24 22:03 - 00000458 _____ C:\Windows\Tasks\MyTurboPC Startup.job
2015-09-05 14:47 - 2015-09-19 18:00 - 00000502 _____ C:\Windows\Tasks\MyTurboPC.com Registration3.job
2015-09-05 14:47 - 2015-09-13 18:58 - 00000577 _____ C:\Windows\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64.job
2015-09-05 14:47 - 2015-09-13 18:58 - 00000466 _____ C:\Windows\Tasks\MyTurboPC.com Update3_triggeronce.job
2015-09-05 14:47 - 2015-09-13 18:58 - 00000466 _____ C:\Windows\Tasks\MyTurboPC.com Update3.job
2015-09-05 14:47 - 2015-09-05 14:47 - 00003998 _____ C:\Windows\System32\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64
2015-09-05 14:47 - 2015-09-05 14:47 - 00003260 _____ C:\Windows\System32\Tasks\MyTurboPC.com Update3
2015-09-05 14:47 - 2015-09-05 14:47 - 00003146 _____ C:\Windows\System32\Tasks\MyTurboPC.com Registration3
2015-09-05 14:47 - 2015-09-05 14:47 - 00002924 _____ C:\Windows\System32\Tasks\MyTurboPC.com Update3_triggeronce
2015-09-05 14:47 - 2015-09-05 14:47 - 00002604 _____ C:\Windows\System32\Tasks\MyTurboPC Startup
2015-09-05 14:47 - 2015-09-05 14:47 - 00001183 _____ C:\Users\Nancy\Desktop\MyTurboPC.lnk
2015-09-05 14:47 - 2015-09-05 14:47 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\MyTurboPC.com
2015-09-05 14:47 - 2015-09-05 14:47 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTurboPC.com
2015-09-05 14:46 - 2015-09-05 14:47 - 00000000 ____D C:\ProgramData\MyTurboPC.com
2015-09-05 14:46 - 2015-09-05 14:46 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_8F3216E8-B200-46DE-8FD9-C8C958C99F88_.exe
2015-09-05 14:46 - 2015-09-05 14:46 - 00000000 ____D C:\Program Files (x86)\MyTurboPC.com
2015-09-05 14:45 - 2015-09-05 14:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_37E31300-5559-423E-8D80-65F996E2F104_.exe
2015-09-05 14:45 - 2015-09-05 14:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_0177B9D3-5778-418F-BC36-E1CC3DDC43B6_.exe
2015-09-05 14:44 - 2015-09-05 14:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_22D10C6C-B269-4E1A-AC26-B5601B2689C9_.exe
2015-09-04 10:51 - 2015-09-04 10:51 - 00013225 _____ C:\Users\Nancy\Downloads\PC_2015_HW_1st_semester_docx
2015-08-31 23:45 - 2015-08-31 23:45 - 00314800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys
2015-08-29 10:49 - 2015-08-29 10:49 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (4).html
2015-08-29 10:49 - 2015-08-29 10:49 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (3).html
2015-08-26 18:05 - 2015-08-26 18:05 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (2).html
2015-08-26 17:57 - 2015-08-26 17:57 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You.html
2015-08-26 17:57 - 2015-08-26 17:57 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (1).html
2015-08-26 17:54 - 2015-08-26 17:54 - 00008524 _____ C:\Users\Nancy\Downloads\University Bookstore - Your Order.html
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-25 19:02 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-25 18:58 - 2015-07-22 16:23 - 01462411 _____ C:\Windows\WindowsUpdate.log
2015-09-25 16:05 - 2015-01-30 17:28 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-25 16:05 - 2014-12-25 20:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2755095785-517186114-2926042947-1001
2015-09-25 15:44 - 2014-12-25 14:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-24 22:08 - 2014-03-18 05:53 - 00956476 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-24 22:02 - 2015-01-30 17:28 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-24 22:01 - 2015-04-13 18:52 - 00002352 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-09-24 22:01 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-24 22:00 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-24 21:59 - 2014-12-25 17:30 - 00000000 ____D C:\Users\Nancy
2015-09-24 21:56 - 2015-01-30 17:47 - 00002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 17:17 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-24 17:13 - 2013-08-22 11:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-09-24 16:31 - 2015-04-16 19:33 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\Skype
2015-09-23 21:13 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 21:01 - 2015-01-11 21:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-23 20:20 - 2015-04-16 19:33 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-23 20:20 - 2015-04-16 19:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-23 20:20 - 2015-04-16 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-09-23 19:35 - 2014-12-25 15:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-21 10:55 - 2014-12-29 12:44 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-18 17:59 - 2015-01-30 17:28 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 17:59 - 2015-01-30 17:28 - 00003668 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 20:47 - 2014-12-25 17:30 - 00000000 ____D C:\Users\Nancy\AppData\Local\Packages
2015-09-15 20:17 - 2015-01-12 15:57 - 00003104 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2755095785-517186114-2926042947-1001
2015-09-15 20:17 - 2015-01-12 15:57 - 00000000 ___RD C:\Users\Nancy\OneDrive
2015-09-15 16:58 - 2015-01-30 17:28 - 00000000 ____D C:\Users\Nancy\AppData\Local\Google
2015-09-14 21:18 - 2013-08-22 11:38 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 21:18 - 2013-08-22 11:38 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 19:09 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-13 19:23 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-09-13 18:58 - 2013-08-22 10:44 - 00486992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-13 18:57 - 2014-03-18 05:38 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 18:57 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-13 18:55 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-08 16:51 - 2015-01-29 16:59 - 00000000 ____D C:\Windows\system32\MRT
2015-09-05 16:13 - 2015-07-22 16:11 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-05 16:13 - 2014-12-25 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-05 16:13 - 2014-12-25 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-05 14:20 - 2014-09-19 12:23 - 00000000 ___HD C:\hp
2015-08-26 18:37 - 2015-01-29 16:59 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2015-09-05 14:47 - 2015-09-25 15:40 - 0000115 _____ () C:\Users\Nancy\AppData\Roaming\LogFile.txt
Some files in TEMP:
====================
C:\Users\Nancy\AppData\Local\Temp\avg-0ab87223-c2a5-496e-8a4e-34787b05407c.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-19 20:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by Nancy (2015-09-25 19:03:23)
Running from C:\Users\Nancy\Downloads
Windows 8.1 Connected (X64) (2014-12-25 21:30:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2755095785-517186114-2926042947-500 - Administrator - Disabled)
Guest (S-1-5-21-2755095785-517186114-2926042947-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2755095785-517186114-2926042947-1003 - Limited - Enabled)
Nancy (S-1-5-21-2755095785-517186114-2926042947-1001 - Administrator - Enabled) => C:\Users\Nancy
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Reader XI (11.0.07) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (Version: 16.3.7134 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4431 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.3.7134 - AVG Technologies)
Brother MFL-Pro Suite MFC-495CW (HKLM-x32\...\{0A02D347-5E53-48A5-BC49-1469393103FA}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FMW 1 (Version: 1.11.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{C925BFCB-DB7B-486A-B551-D637E054FC02}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{403E9EFF-C4B4-4308-BA4E-7093B6BA03D5}) (Version: 2.5.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2210 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3925 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
MyCleanPC PC Optimizer (HKLM-x32\...\{6AAEB4CB-0573-41ec-89B0-0FE0D5134A8B}_is1) (Version: 2.0.648.15898 - USTechSupport)
MyTurboPC (HKLM-x32\...\{A2F37CA8-53F8-4594-B701-32AE64BAED1A}) (Version: 3.2.15.0 - MyTurboPC.com)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.21 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29081 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7339 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.37 - REALTEK Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
ShopAtHome.com Helper (HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\ShopAtHome.com Helper) (Version: 7.10.2.10 - ShopAtHome.com) <==== ATTENTION
ShopAtHome.com Toolbar (HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\ShopAtHome.com Toolbar) (Version: 7.10.2.10 - ShopAtHome.com) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.11 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
Slingplayer Desktop (x32 Version: 5.0.0.83 - Sling Media) Hidden
SlingPlayer for Web (HKLM-x32\...\{576AB4FA-71CB-4530-9EA2-91308367C169}) (Version: 2.4.0130 - Sling Media)
Slingplayer-Desktop (HKLM-x32\...\{176cb1f2-7151-4061-9811-46494cdc407d}) (Version: 5.0.0.83 - Sling Media)
SparkTrust PC Cleaner Plus (HKLM-x32\...\{35827710-D042-428B-A1E5-E20E12D2FEB9}) (Version: 3.2.15.0 - SparkTrust) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.20.0 - Synaptics Incorporated)
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (HKLM-x32\...\{F02C6726-D7AA-472F-8706-9A1F3D8FB1DE}) (Version: 1.13.0103 - SAMSUNG)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01DE708E-8DF4-4DD0-870A-6685A53B8B75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {10AA5549-A9E4-4D02-8DD4-ACFEE070C6B1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {1830144F-9C58-475A-B18B-E05F5434E42C} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {2319EBB2-7087-4839-9087-4767F0B8137F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {242261B8-A6B1-4267-855C-144072E1A432} - System32\Tasks\MyTurboPC.com Update3 => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe [2015-01-05] (MyTurboPC.com)
Task: {32C0E328-F603-4A8D-A35D-CC5393B4EDDE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2755095785-517186114-2926042947-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {3625A495-5EE6-42D2-A13B-C0371EDE2E72} - System32\Tasks\SparkTrust PC Cleaner Plus Startup => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2014-12-24] (SparkTrust) <==== ATTENTION
Task: {4144C2B6-87A1-413E-9120-718C08D5CDAE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {4D9F8C2B-6A75-4BE8-BB27-8B3CBE1C7DB4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {55CCD6F1-44F0-4962-8A2C-A9CEE3E2F62C} - System32\Tasks\USTSPCO-USTSPCOOneClickCare => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
Task: {56E383DB-059E-4B93-9D48-C0E60A713D2E} - System32\Tasks\MyCleanPC PC Optimizer => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
Task: {581DBA5D-7E3A-495B-A763-8FB53CBFC117} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {6C111822-8E5F-45C7-8FD0-5B1FAC6EE830} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {6CA727A3-A3A8-47EA-BFB3-C9566D173342} - System32\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64 => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2014-12-24] (SparkTrust) <==== ATTENTION
Task: {7583B6E2-4ED0-4675-86C0-C046B6D0AF71} - System32\Tasks\SparkTrust Update Version3 => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2014-12-24] (SparkTrust Systems) <==== ATTENTION
Task: {80EF6388-744D-4D14-9B43-5CBDF701BE6A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {90A4EB09-3DF2-45E5-99DE-72260B1C75E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {963D6E64-D1D1-469C-AE97-7D7282536488} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {998C23A9-75A9-4A63-8B6A-397A9243A621} - System32\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64 => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe [2015-01-05] (MyTurboPC.com) <==== ATTENTION
Task: {9CACEE26-5BB9-4EB5-8372-E133DD93DBE7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {A3078759-BD5B-4A7E-86E8-5CB998EA2F53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {BF60C6DC-DBD1-4A9F-ADBC-4476A1349BE0} - System32\Tasks\MyTurboPC.com Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\MyTurboPC.com\UUS3\UUS3.dll" RunUns
Task: {C79E25CA-D9B3-45AB-B8A1-81FE4D586E4A} - System32\Tasks\MyTurboPC Startup => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe [2015-01-05] (MyTurboPC.com)
Task: {C85B479E-97A1-4EF8-9B01-EC48995621ED} - System32\Tasks\LAUNCH CDPCO => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
Task: {C87267EB-EFB1-4141-89DF-A19EB9C6AA3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {CB3719FF-E3C0-4104-898A-F974235C9FD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {DA855489-301E-4DF6-BFCF-0D793019A181} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-02] (AVAST Software)
Task: {E070C901-EA62-4346-9233-CD7B60377757} - System32\Tasks\MyTurboPC.com Update3_triggeronce => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe [2015-01-05] (MyTurboPC.com)
Task: {E1A9C012-36BE-41F9-AA9C-16B7861970AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-11] (Microsoft Corporation)
Task: {E434F29D-D4F4-427A-9EAB-2A64824C4F5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {EE4C065F-49D0-47D1-A923-8DF7BF7B346C} - System32\Tasks\SparkTrust Update Version3_triggeronce => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2014-12-24] (SparkTrust Systems) <==== ATTENTION
Task: {F11CE7F3-C7FB-4D5C-BE42-794935648342} - System32\Tasks\HPCeeScheduleForNancy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNancy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MyTurboPC Startup.job => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe8C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe
Task: C:\Windows\Tasks\MyTurboPC.com Registration3.job => C:\Windows\system32\rundll32.exeIC:\Program Files (x86)\Common Files\MyTurboPC.com\UUS3\UUS3.dll RunUns7C:\Program Files (x86)\Common Files\MyTurboPC.com
Task: C:\Windows\Tasks\MyTurboPC.com Update3.job => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe7c:\program files (x86)\common files\myturbopc.com\uus3Nancy_laptop\NancyMyTurboPC.com
Task: C:\Windows\Tasks\MyTurboPC.com Update3_triggeronce.job => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe7c:\program files (x86)\common files\myturbopc.com\uus3Nancy_laptop\NancyMyTurboPC.com
Task: C:\Windows\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64.job => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe2 /schedule:927E79CE-53FE-11E5-8287-1008B1C42F64 C:\Program Files (x86)\MyTurboPC.com <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust PC Cleaner Plus Startup.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exeYC:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust Registration3.job => C:\Windows\system32\rundll32.exeFC:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust Update Version3.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\Windows\Tasks\USTSPCO-USTSPCOOneClickCare.job => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
==================== Loaded Modules (Whitelisted) ==============
2014-10-20 00:37 - 2014-07-04 14:24 - 00094936 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-01-11 21:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-04-06 18:40 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2015-09-15 07:04 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2015-04-06 18:40 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-03-10 18:50 - 2015-03-10 18:50 - 09566192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00499728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02144248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00869896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2015-08-02 12:56 - 2015-08-02 12:56 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-02 12:56 - 2015-08-02 12:56 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-24 16:54 - 2015-09-24 16:54 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092401\algo.dll
2015-09-25 19:01 - 2015-09-25 19:01 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092501\algo.dll
2015-07-15 14:24 - 2015-07-15 14:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-06 18:40 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-24 17:09 - 2015-09-24 17:05 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-09-15 07:04 - 2015-08-11 20:57 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Signature\Signature01.jpg
DNS Servers: 75.114.81.1 - 75.114.81.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\Run: => "ShopAtHomeUpdater"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\Run: => "ShopAtHomeWatcher"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2C7FF619-9478-4BB3-9AE4-E632B0D7FB27}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{FAA03678-478D-4248-9FB9-7B88B027B3BF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E97BD0D6-3A5A-45A0-8193-2B283DB04E4F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9FE9253F-C97F-45C1-B9CF-6712EF3CBE4E}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08l\FAXRX.exe
FirewallRules: [{8626CDD7-D6AF-47C3-83A5-3A99106BA5B8}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08l\FAXRX.exe
FirewallRules: [{635591C6-9564-4B19-9B24-46FEB697F121}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{1405BB47-C197-4E21-B3D4-C83AE0B75810}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2B87F89D-0CA5-42E3-B711-A71CA0A2A064}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B2555AE1-43B4-4858-9138-0B9F3411DD18}C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe] => (Allow) C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe
FirewallRules: [UDP Query User{887C8927-2368-48F8-895A-8CC368C92C82}C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe] => (Allow) C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe
FirewallRules: [{F76C031A-A1A3-4FD0-A1EF-75F85F36976E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A410ABB6-79E0-4457-B67F-69678F08AD24}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{354E12C4-DA3B-4953-9B65-B4A2906DD300}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{09562B70-BAE8-49AD-865A-F3123667FD12}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2A9AD010-BB5B-497D-B9CB-E2FE3E1557CE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{A8D35B1B-EB8C-4248-85A2-E2C0FFC2F897}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{A88807BD-E6F8-4706-96F7-2AD87B67A3D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5E734FCC-0DBF-4AEB-9E19-711C07A71679}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A18B9D06-C374-4F70-9DD3-D18A22B4B8B9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{26CA07AA-290D-4430-91CD-99A5A8B15056}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4A4CC8E5-D6FF-40C5-875B-737BCA85E85A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BD59CCC6-3A4D-48B5-92B1-743DEEF68763}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{7C5E4B52-4171-4576-A4C2-DDDD080418D2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C3C2ED05-626D-480B-B147-7277038AB76D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/25/2015 07:02:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:02:18.525]: [00006568]: Don't Create FileMapping!!!!
Error: (09/25/2015 07:02:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:02:18.522]: [00006568]: FrendlyName : Brother MFC-495CW Printer
Error: (09/25/2015 07:02:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:02:18.520]: [00006568]: Error : ExecMonitor()
Error: (09/25/2015 07:00:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:00:18.520]: [00006568]: Don't Create FileMapping!!!!
Error: (09/25/2015 07:00:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:00:18.519]: [00006568]: FrendlyName : Brother MFC-495CW Printer
Error: (09/25/2015 07:00:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:00:18.517]: [00006568]: Error : ExecMonitor()
Error: (09/25/2015 06:58:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:58:18.524]: [00006568]: Don't Create FileMapping!!!!
Error: (09/25/2015 06:58:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:58:18.523]: [00006568]: FrendlyName : Brother MFC-495CW Printer
Error: (09/25/2015 06:58:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:58:18.516]: [00006568]: Error : ExecMonitor()
Error: (09/25/2015 06:56:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:56:18.521]: [00006568]: Don't Create FileMapping!!!!
System errors:
=============
Error: (09/24/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16389
Error: (09/24/2015 05:16:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (09/24/2015 04:40:44 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (09/23/2015 09:13:34 PM) (Source: DCOM) (EventID: 10010) (User: Nancy_laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/23/2015 09:13:04 PM) (Source: DCOM) (EventID: 10010) (User: Nancy_laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/23/2015 08:42:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (09/23/2015 07:46:26 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (09/23/2015 07:34:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:23:24 PM on 9/23/2015 was unexpected.
Error: (09/20/2015 07:37:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.
Error: (09/19/2015 08:57:36 PM) (Source: DCOM) (EventID: 10010) (User: Nancy_laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
==================== Memory info ===========================
Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 82%
Total physical RAM: 1939.04 MB
Available physical RAM: 343.71 MB
Total Virtual: 3878.09 MB
Available Virtual: 1447.49 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:21.36 GB) (Free:2.42 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: BF06539F)
Partition: GPT.
==================== End of Addition.txt ============================