Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

redirect issue


  • This topic is locked This topic is locked

#1
denjhook

denjhook

    New Member

  • Member
  • Pip
  • 2 posts

forgot to add notepad

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by Nancy (administrator) on NANCY_LAPTOP (25-09-2015 19:01:42)
Running from C:\Users\Nancy\Downloads
Loaded Profiles: Nancy (Available Profiles: Nancy)
Platform: Windows 8.1 Connected (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel® Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(© 2015 Microsoft Corporation) C:\Users\Nancy\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-09-12] (Realtek Semiconductor)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\System32\DptfPolicyLpmServiceHelper.exe [111488 2014-09-05] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2830576 2014-09-01] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe [9566192 2015-03-10] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] ()
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1125800 2015-09-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3804072 2015-09-12] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7930136 2015-08-02] (SUPERAntiSpyware)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [GoogleChromeAutoLaunch_3312EA6C4F41A42564159DA1D2D4BD7F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-23] (Google Inc.)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [ShopAtHomeWatcher] => C:\Users\Nancy\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [130232 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [ShopAtHomeUpdater] => C:\Users\Nancy\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [199864 2014-11-25] (ShopAtHome.com)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\Run: [BingSvc] => C:\Users\Nancy\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\MountPoints2: {271a8b5a-99fa-11e4-8266-1008b1c42f64} - "E:\TLBootstrap_WPP.exe"
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-02] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
Startup: C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-01-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.114.81.1 75.114.81.2
Tcpip\..\Interfaces\{77F8C69A-2C45-49CD-9110-24BF23FC0770}: [DhcpNameServer] 75.114.81.1 75.114.81.2

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/HPNOT14/1
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-25]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Profile: C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-30]
CHR Extension: (Google Docs) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-30]
CHR Extension: (Google Drive) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-30]
CHR Extension: (YouTube) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-30]
CHR Extension: (Google Search) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-30]
CHR Extension: (Avast SafePrice) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-30]
CHR Extension: (Google Sheets) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-30]
CHR Extension: (Gmail) - C:\Users\Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-30]
CHR HKU\S-1-5-21-2755095785-517186114-2926042947-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-02] (AVAST Software)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [603120 2015-09-12] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3793392 2015-09-12] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1042344 2015-09-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [595832 2015-09-12] (AVG Technologies CZ, s.r.o.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [94936 2014-07-04] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 DptfParticipantAcpiProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115656 2014-09-05] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-09-12] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel® Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe [720760 2015-03-10] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-12] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-09-01] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-02] (AVAST Software)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-09-11] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [293296 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [251312 2015-08-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [314800 2015-08-31] (AVG Technologies CZ, s.r.o.)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 DptfDevAcpiProc; C:\Windows\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2014-09-05] (Intel Corporation)
S3 DptfDevDisplay; C:\Windows\System32\drivers\DptfDevDisplay.sys [70752 2014-09-05] (Intel Corporation)
S3 DptfDevDram; C:\Windows\System32\drivers\DptfDevDram.sys [145640 2014-09-05] (Intel Corporation)
S3 DptfDevFan; C:\Windows\System32\drivers\DptfDevFan.sys [50640 2014-09-05] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [78504 2014-09-05] (Intel Corporation)
S3 DptfDevPch; C:\Windows\System32\drivers\DptfDevPch.sys [116752 2014-09-05] (Intel Corporation)
S3 DptfDevPower; C:\Windows\System32\drivers\DptfDevPower.sys [71808 2014-09-05] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [493240 2014-09-05] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-25] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-08-05] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-25] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [578776 2014-08-05] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3560664 2014-09-05] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-09-01] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-09-01] (Synaptics Incorporated)
S3 sscdserd; C:\Windows\system32\DRIVERS\sscdserd.sys [141384 2012-06-27] (MCCI Corporation)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-01-22] (BitDefender S.R.L.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35320 2014-09-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [258368 2014-09-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-25 19:01 - 2015-09-25 19:02 - 00023503 _____ C:\Users\Nancy\Downloads\FRST.txt
2015-09-25 19:00 - 2015-09-25 19:01 - 00000000 ____D C:\FRST
2015-09-25 18:58 - 2015-09-25 19:00 - 02192384 _____ (Farbar) C:\Users\Nancy\Downloads\FRST64.exe
2015-09-24 17:14 - 2015-09-24 17:14 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\AVG
2015-09-24 17:14 - 2015-09-24 17:14 - 00000000 ____D C:\Program Files\Common Files\AV
2015-09-24 17:13 - 2015-09-24 17:13 - 00000000 ___HD C:\$AVG
2015-09-24 17:13 - 2015-09-24 17:13 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\TuneUp Software
2015-09-24 17:13 - 2015-09-24 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-09-24 17:09 - 2015-09-24 17:13 - 00000000 ____D C:\ProgramData\Avg
2015-09-24 17:09 - 2015-09-24 17:12 - 00000000 ____D C:\Program Files (x86)\AVG
2015-09-24 17:05 - 2015-09-25 18:52 - 00000000 ____D C:\ProgramData\MFAData
2015-09-24 17:05 - 2015-09-24 17:14 - 00000000 ____D C:\Users\Nancy\AppData\Local\Avg
2015-09-24 17:05 - 2015-09-24 17:10 - 00000000 ____D C:\Users\Nancy\AppData\Local\AvgSetupLog
2015-09-24 17:05 - 2015-09-24 17:05 - 00000000 ____D C:\Users\Nancy\AppData\Local\MFAData
2015-09-24 17:05 - 2015-09-24 17:05 - 00000000 ____D C:\Users\Nancy\AppData\Local\Avg2015
2015-09-24 16:51 - 2015-09-24 22:03 - 00000624 _____ C:\Windows\Tasks\SparkTrust PC Cleaner Plus Startup.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000671 _____ C:\Windows\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000490 _____ C:\Windows\Tasks\SparkTrust Registration3.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000448 _____ C:\Windows\Tasks\SparkTrust Update Version3_triggeronce.job
2015-09-24 16:51 - 2015-09-24 22:01 - 00000448 _____ C:\Windows\Tasks\SparkTrust Update Version3.job
2015-09-24 16:51 - 2015-09-24 16:51 - 00004092 _____ C:\Windows\System32\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64
2015-09-24 16:51 - 2015-09-24 16:51 - 00003238 _____ C:\Windows\System32\Tasks\SparkTrust Update Version3
2015-09-24 16:51 - 2015-09-24 16:51 - 00003134 _____ C:\Windows\System32\Tasks\SparkTrust Registration3
2015-09-24 16:51 - 2015-09-24 16:51 - 00002906 _____ C:\Windows\System32\Tasks\SparkTrust Update Version3_triggeronce
2015-09-24 16:51 - 2015-09-24 16:51 - 00002704 _____ C:\Windows\System32\Tasks\SparkTrust PC Cleaner Plus Startup
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\SparkTrust
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SparkTrust
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\ProgramData\SparkTrust
2015-09-24 16:51 - 2015-09-24 16:51 - 00000000 ____D C:\Program Files (x86)\SparkTrust
2015-09-23 20:20 - 2015-09-23 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-23 19:40 - 2015-09-23 19:40 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-09-21 10:59 - 2015-09-23 19:34 - 00000358 _____ C:\Windows\Tasks\HPCeeScheduleForNancy.job
2015-09-21 10:59 - 2015-09-21 10:59 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForNancy
2015-09-13 19:29 - 2015-09-23 20:33 - 00002994 _____ C:\Windows\System32\Tasks\LAUNCH CDPCO
2015-09-11 15:59 - 2015-09-11 15:59 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-09-09 03:23 - 2015-09-09 03:23 - 00023152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgboota.sys
2015-09-08 16:42 - 2015-08-26 22:48 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 16:42 - 2015-08-26 14:00 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 16:42 - 2015-08-26 14:00 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 16:42 - 2015-08-26 14:00 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 16:42 - 2015-08-26 14:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 16:42 - 2015-08-26 10:46 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 16:42 - 2015-08-26 10:29 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 16:42 - 2015-08-26 10:27 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 16:42 - 2015-08-26 10:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-09-08 16:42 - 2015-08-26 10:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 16:42 - 2015-08-26 10:26 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 16:42 - 2015-08-26 10:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 16:41 - 2015-07-30 13:18 - 00268288 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 16:41 - 2015-07-30 12:22 - 00230912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 16:40 - 2015-09-02 22:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 16:40 - 2015-09-02 22:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 16:40 - 2015-09-02 14:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 16:40 - 2015-09-02 13:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 16:40 - 2015-08-22 14:19 - 25188352 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 16:40 - 2015-08-22 13:35 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 16:40 - 2015-08-22 13:34 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 16:40 - 2015-08-22 13:22 - 19856384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 16:40 - 2015-08-22 13:21 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 16:40 - 2015-08-22 13:20 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 16:40 - 2015-08-22 12:55 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 16:40 - 2015-08-22 12:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 16:40 - 2015-08-22 12:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-09-08 16:40 - 2015-08-22 12:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 16:40 - 2015-08-22 12:44 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 16:40 - 2015-08-22 12:41 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 16:40 - 2015-08-22 12:41 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 16:40 - 2015-08-22 12:39 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 16:40 - 2015-08-22 12:28 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 16:40 - 2015-08-22 12:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 16:40 - 2015-08-22 12:23 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-09-08 16:40 - 2015-08-22 12:22 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 16:40 - 2015-08-22 12:20 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-09-08 16:40 - 2015-08-22 12:18 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 16:40 - 2015-08-22 12:18 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 16:40 - 2015-08-22 12:18 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 16:40 - 2015-08-22 12:14 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 16:40 - 2015-08-22 12:01 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 16:40 - 2015-08-22 12:00 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 16:40 - 2015-08-22 11:56 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 16:40 - 2015-08-22 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 16:40 - 2015-07-22 10:34 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 16:40 - 2015-07-22 10:33 - 01728000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2015-09-08 16:40 - 2015-07-22 10:25 - 02461184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-08 16:40 - 2015-07-22 10:25 - 01546752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 16:40 - 2015-07-18 14:31 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-09-08 16:40 - 2015-07-18 14:29 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2015-09-08 16:40 - 2015-07-18 14:29 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2015-09-08 16:40 - 2015-07-18 14:27 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2015-09-08 16:39 - 2015-09-01 22:56 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 16:39 - 2015-09-01 22:55 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 16:39 - 2015-09-01 22:50 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 16:39 - 2015-09-01 22:17 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 16:39 - 2015-09-01 22:13 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 16:39 - 2015-08-03 17:15 - 00074928 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 16:39 - 2015-08-03 17:15 - 00065600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 16:39 - 2015-08-01 10:22 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 16:39 - 2015-07-31 23:47 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-09-08 16:39 - 2015-07-31 23:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2015-09-08 16:39 - 2015-07-31 23:38 - 01265152 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 16:39 - 2015-07-31 23:37 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-09-08 16:39 - 2015-07-31 23:37 - 00359936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2015-09-08 16:39 - 2014-10-28 22:46 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 16:39 - 2014-10-28 22:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 16:39 - 2014-10-28 22:28 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-05 21:07 - 2015-09-05 21:07 - 00000000 ____D C:\Program Files (x86)\Sling Media
2015-09-05 16:15 - 2015-09-23 20:34 - 00003166 _____ C:\Windows\System32\Tasks\MyCleanPC PC Optimizer
2015-09-05 16:15 - 2015-09-13 18:58 - 00000480 _____ C:\Windows\Tasks\USTSPCO-USTSPCOOneClickCare.job
2015-09-05 16:15 - 2015-09-05 16:15 - 00003334 _____ C:\Windows\System32\Tasks\USTSPCO-USTSPCOOneClickCare
2015-09-05 16:15 - 2015-09-05 16:15 - 00001884 _____ C:\Users\Public\Desktop\MyCleanPC PC Optimizer.lnk
2015-09-05 16:15 - 2015-09-05 16:15 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\USTechSupport
2015-09-05 16:15 - 2015-09-05 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyCleanPC
2015-09-05 16:15 - 2015-09-05 16:15 - 00000000 ____D C:\Program Files (x86)\USTechSupport
2015-09-05 16:14 - 2015-09-07 13:26 - 00000000 ____D C:\ProgramData\USTechSupport
2015-09-05 16:12 - 2015-09-05 16:12 - 01774656 _____ (US Tech Support LLC) C:\Users\Nancy\Downloads\MyCleanPC (1).exe
2015-09-05 16:11 - 2015-09-05 16:12 - 01774656 _____ (US Tech Support LLC) C:\Users\Nancy\Downloads\MyCleanPC.exe
2015-09-05 15:49 - 2015-09-05 15:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nancy\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-09-05 15:48 - 2015-09-05 15:49 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Nancy\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-05 15:45 - 2015-09-05 15:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_E912C09A-0944-4FD0-A697-3AB6DAE93ECB_.exe
2015-09-05 15:44 - 2015-09-05 15:44 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_08B2ABDE-2D60-4F0E-9F04-6DA2350D5153_.exe
2015-09-05 14:57 - 2015-09-05 14:57 - 00000000 ____D C:\ProgramData\VIPRE
2015-09-05 14:47 - 2015-09-24 22:03 - 00000458 _____ C:\Windows\Tasks\MyTurboPC Startup.job
2015-09-05 14:47 - 2015-09-19 18:00 - 00000502 _____ C:\Windows\Tasks\MyTurboPC.com Registration3.job
2015-09-05 14:47 - 2015-09-13 18:58 - 00000577 _____ C:\Windows\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64.job
2015-09-05 14:47 - 2015-09-13 18:58 - 00000466 _____ C:\Windows\Tasks\MyTurboPC.com Update3_triggeronce.job
2015-09-05 14:47 - 2015-09-13 18:58 - 00000466 _____ C:\Windows\Tasks\MyTurboPC.com Update3.job
2015-09-05 14:47 - 2015-09-05 14:47 - 00003998 _____ C:\Windows\System32\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64
2015-09-05 14:47 - 2015-09-05 14:47 - 00003260 _____ C:\Windows\System32\Tasks\MyTurboPC.com Update3
2015-09-05 14:47 - 2015-09-05 14:47 - 00003146 _____ C:\Windows\System32\Tasks\MyTurboPC.com Registration3
2015-09-05 14:47 - 2015-09-05 14:47 - 00002924 _____ C:\Windows\System32\Tasks\MyTurboPC.com Update3_triggeronce
2015-09-05 14:47 - 2015-09-05 14:47 - 00002604 _____ C:\Windows\System32\Tasks\MyTurboPC Startup
2015-09-05 14:47 - 2015-09-05 14:47 - 00001183 _____ C:\Users\Nancy\Desktop\MyTurboPC.lnk
2015-09-05 14:47 - 2015-09-05 14:47 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\MyTurboPC.com
2015-09-05 14:47 - 2015-09-05 14:47 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyTurboPC.com
2015-09-05 14:46 - 2015-09-05 14:47 - 00000000 ____D C:\ProgramData\MyTurboPC.com
2015-09-05 14:46 - 2015-09-05 14:46 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_8F3216E8-B200-46DE-8FD9-C8C958C99F88_.exe
2015-09-05 14:46 - 2015-09-05 14:46 - 00000000 ____D C:\Program Files (x86)\MyTurboPC.com
2015-09-05 14:45 - 2015-09-05 14:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_37E31300-5559-423E-8D80-65F996E2F104_.exe
2015-09-05 14:45 - 2015-09-05 14:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_0177B9D3-5778-418F-BC36-E1CC3DDC43B6_.exe
2015-09-05 14:44 - 2015-09-05 14:45 - 06431232 _____ (MyTurboPC.com) C:\Users\Nancy\Downloads\Myturbopc_22D10C6C-B269-4E1A-AC26-B5601B2689C9_.exe
2015-09-04 10:51 - 2015-09-04 10:51 - 00013225 _____ C:\Users\Nancy\Downloads\PC_2015_HW_1st_semester_docx
2015-08-31 23:45 - 2015-08-31 23:45 - 00314800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys
2015-08-29 10:49 - 2015-08-29 10:49 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (4).html
2015-08-29 10:49 - 2015-08-29 10:49 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (3).html
2015-08-26 18:05 - 2015-08-26 18:05 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (2).html
2015-08-26 17:57 - 2015-08-26 17:57 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You.html
2015-08-26 17:57 - 2015-08-26 17:57 - 00288487 _____ C:\Users\Nancy\Downloads\Thank You (1).html
2015-08-26 17:54 - 2015-08-26 17:54 - 00008524 _____ C:\Users\Nancy\Downloads\University Bookstore - Your Order.html

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-25 19:02 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-09-25 18:58 - 2015-07-22 16:23 - 01462411 _____ C:\Windows\WindowsUpdate.log
2015-09-25 16:05 - 2015-01-30 17:28 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-25 16:05 - 2014-12-25 20:46 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2755095785-517186114-2926042947-1001
2015-09-25 15:44 - 2014-12-25 14:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-24 22:08 - 2014-03-18 05:53 - 00956476 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-24 22:02 - 2015-01-30 17:28 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-24 22:01 - 2015-04-13 18:52 - 00002352 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-09-24 22:01 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-24 22:00 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-09-24 21:59 - 2014-12-25 17:30 - 00000000 ____D C:\Users\Nancy
2015-09-24 21:56 - 2015-01-30 17:47 - 00002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-24 17:17 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-09-24 17:13 - 2013-08-22 11:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-09-24 16:31 - 2015-04-16 19:33 - 00000000 ____D C:\Users\Nancy\AppData\Roaming\Skype
2015-09-23 21:13 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-09-23 21:01 - 2015-01-11 21:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-23 20:20 - 2015-04-16 19:33 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-23 20:20 - 2015-04-16 19:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-23 20:20 - 2015-04-16 19:33 - 00000000 ____D C:\ProgramData\Skype
2015-09-23 19:35 - 2014-12-25 15:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-21 10:55 - 2014-12-29 12:44 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-18 17:59 - 2015-01-30 17:28 - 00003904 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-18 17:59 - 2015-01-30 17:28 - 00003668 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 20:47 - 2014-12-25 17:30 - 00000000 ____D C:\Users\Nancy\AppData\Local\Packages
2015-09-15 20:17 - 2015-01-12 15:57 - 00003104 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2755095785-517186114-2926042947-1001
2015-09-15 20:17 - 2015-01-12 15:57 - 00000000 ___RD C:\Users\Nancy\OneDrive
2015-09-15 16:58 - 2015-01-30 17:28 - 00000000 ____D C:\Users\Nancy\AppData\Local\Google
2015-09-14 21:18 - 2013-08-22 11:38 - 00812008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-14 21:18 - 2013-08-22 11:38 - 00178152 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-14 19:09 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\NDF
2015-09-13 19:23 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-09-13 18:58 - 2013-08-22 10:44 - 00486992 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-13 18:57 - 2014-03-18 05:38 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-13 18:57 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-13 18:55 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-09-08 16:51 - 2015-01-29 16:59 - 00000000 ____D C:\Windows\system32\MRT
2015-09-05 16:13 - 2015-07-22 16:11 - 00001121 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-05 16:13 - 2014-12-25 14:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-05 16:13 - 2014-12-25 14:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-05 14:20 - 2014-09-19 12:23 - 00000000 ___HD C:\hp
2015-08-26 18:37 - 2015-01-29 16:59 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2015-09-05 14:47 - 2015-09-25 15:40 - 0000115 _____ () C:\Users\Nancy\AppData\Roaming\LogFile.txt

Some files in TEMP:
====================
C:\Users\Nancy\AppData\Local\Temp\avg-0ab87223-c2a5-496e-8a4e-34787b05407c.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-09-19 20:56

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by Nancy (2015-09-25 19:03:23)
Running from C:\Users\Nancy\Downloads
Windows 8.1 Connected (X64) (2014-12-25 21:30:22)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2755095785-517186114-2926042947-500 - Administrator - Disabled)
Guest (S-1-5-21-2755095785-517186114-2926042947-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2755095785-517186114-2926042947-1003 - Limited - Enabled)
Nancy (S-1-5-21-2755095785-517186114-2926042947-1001 - Administrator - Enabled) => C:\Users\Nancy

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG AntiVirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{FF054A8C-C0A4-4C78-8910-E2A459BEFF05}_AdAwareUpdater) (Version: 11.6.306.7947 - Lavasoft)
AdAwareInstaller (Version: 11.6.306.7947 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.6.306.7947 - Lavasoft) Hidden
Adobe Reader XI (11.0.07)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
AVG (Version: 16.3.7134 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4431 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.3.7134 - AVG Technologies)
Brother MFL-Pro Suite MFC-495CW (HKLM-x32\...\{0A02D347-5E53-48A5-BC49-1469393103FA}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FMW 1 (Version: 1.11.3 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{C925BFCB-DB7B-486A-B551-D637E054FC02}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{403E9EFF-C4B4-4308-BA4E-7093B6BA03D5}) (Version: 2.5.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2210 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3925 - Intel Corporation)
Intel® Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
MyCleanPC PC Optimizer (HKLM-x32\...\{6AAEB4CB-0573-41ec-89B0-0FE0D5134A8B}_is1) (Version: 2.0.648.15898 - USTechSupport)
MyTurboPC (HKLM-x32\...\{A2F37CA8-53F8-4594-B701-32AE64BAED1A}) (Version: 3.2.15.0 - MyTurboPC.com)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.21 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29081 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7339 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.37 - REALTEK Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
ShopAtHome.com Helper (HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\ShopAtHome.com Helper) (Version: 7.10.2.10 - ShopAtHome.com) <==== ATTENTION
ShopAtHome.com Toolbar (HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\ShopAtHome.com Toolbar) (Version: 7.10.2.10 - ShopAtHome.com) <==== ATTENTION
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.11 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.11.102 - Skype Technologies S.A.)
Slingplayer Desktop (x32 Version: 5.0.0.83 - Sling Media) Hidden
SlingPlayer for Web (HKLM-x32\...\{576AB4FA-71CB-4530-9EA2-91308367C169}) (Version: 2.4.0130 - Sling Media)
Slingplayer-Desktop (HKLM-x32\...\{176cb1f2-7151-4061-9811-46494cdc407d}) (Version: 5.0.0.83 - Sling Media)
SparkTrust PC Cleaner Plus (HKLM-x32\...\{35827710-D042-428B-A1E5-E20E12D2FEB9}) (Version: 3.2.15.0 - SparkTrust) <==== ATTENTION
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.20.0 - Synaptics Incorporated)
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (HKLM-x32\...\{F02C6726-D7AA-472F-8706-9A1F3D8FB1DE}) (Version: 1.13.0103 - SAMSUNG)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DE708E-8DF4-4DD0-870A-6685A53B8B75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {10AA5549-A9E4-4D02-8DD4-ACFEE070C6B1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {1830144F-9C58-475A-B18B-E05F5434E42C} - System32\Tasks\SparkTrust Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll" RunUns <==== ATTENTION
Task: {2319EBB2-7087-4839-9087-4767F0B8137F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {242261B8-A6B1-4267-855C-144072E1A432} - System32\Tasks\MyTurboPC.com Update3 => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe [2015-01-05] (MyTurboPC.com)
Task: {32C0E328-F603-4A8D-A35D-CC5393B4EDDE} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2755095785-517186114-2926042947-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {3625A495-5EE6-42D2-A13B-C0371EDE2E72} - System32\Tasks\SparkTrust PC Cleaner Plus Startup => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2014-12-24] (SparkTrust) <==== ATTENTION
Task: {4144C2B6-87A1-413E-9120-718C08D5CDAE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {4D9F8C2B-6A75-4BE8-BB27-8B3CBE1C7DB4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {55CCD6F1-44F0-4962-8A2C-A9CEE3E2F62C} - System32\Tasks\USTSPCO-USTSPCOOneClickCare => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
Task: {56E383DB-059E-4B93-9D48-C0E60A713D2E} - System32\Tasks\MyCleanPC PC Optimizer => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
Task: {581DBA5D-7E3A-495B-A763-8FB53CBFC117} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {6C111822-8E5F-45C7-8FD0-5B1FAC6EE830} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {6CA727A3-A3A8-47EA-BFB3-C9566D173342} - System32\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64 => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe [2014-12-24] (SparkTrust) <==== ATTENTION
Task: {7583B6E2-4ED0-4675-86C0-C046B6D0AF71} - System32\Tasks\SparkTrust Update Version3 => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2014-12-24] (SparkTrust Systems) <==== ATTENTION
Task: {80EF6388-744D-4D14-9B43-5CBDF701BE6A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {90A4EB09-3DF2-45E5-99DE-72260B1C75E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {963D6E64-D1D1-469C-AE97-7D7282536488} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {998C23A9-75A9-4A63-8B6A-397A9243A621} - System32\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64 => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe [2015-01-05] (MyTurboPC.com) <==== ATTENTION
Task: {9CACEE26-5BB9-4EB5-8372-E133DD93DBE7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {A3078759-BD5B-4A7E-86E8-5CB998EA2F53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {BF60C6DC-DBD1-4A9F-ADBC-4476A1349BE0} - System32\Tasks\MyTurboPC.com Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\MyTurboPC.com\UUS3\UUS3.dll" RunUns
Task: {C79E25CA-D9B3-45AB-B8A1-81FE4D586E4A} - System32\Tasks\MyTurboPC Startup => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe [2015-01-05] (MyTurboPC.com)
Task: {C85B479E-97A1-4EF8-9B01-EC48995621ED} - System32\Tasks\LAUNCH CDPCO => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe
Task: {C87267EB-EFB1-4141-89DF-A19EB9C6AA3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-07-31] (Hewlett-Packard)
Task: {CB3719FF-E3C0-4104-898A-F974235C9FD2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-09-11] (Microsoft Corporation)
Task: {DA855489-301E-4DF6-BFCF-0D793019A181} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-02] (AVAST Software)
Task: {E070C901-EA62-4346-9233-CD7B60377757} - System32\Tasks\MyTurboPC.com Update3_triggeronce => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe [2015-01-05] (MyTurboPC.com)
Task: {E1A9C012-36BE-41F9-AA9C-16B7861970AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-11] (Microsoft Corporation)
Task: {E434F29D-D4F4-427A-9EAB-2A64824C4F5F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-22] (Hewlett-Packard Company)
Task: {EE4C065F-49D0-47D1-A923-8DF7BF7B346C} - System32\Tasks\SparkTrust Update Version3_triggeronce => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe [2014-12-24] (SparkTrust Systems) <==== ATTENTION
Task: {F11CE7F3-C7FB-4D5C-BE42-794935648342} - System32\Tasks\HPCeeScheduleForNancy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForNancy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MyTurboPC Startup.job => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe8C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe
Task: C:\Windows\Tasks\MyTurboPC.com Registration3.job => C:\Windows\system32\rundll32.exeIC:\Program Files (x86)\Common Files\MyTurboPC.com\UUS3\UUS3.dll RunUns7C:\Program Files (x86)\Common Files\MyTurboPC.com
Task: C:\Windows\Tasks\MyTurboPC.com Update3.job => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe7c:\program files (x86)\common files\myturbopc.com\uus3Nancy_laptop\NancyMyTurboPC.com
Task: C:\Windows\Tasks\MyTurboPC.com Update3_triggeronce.job => c:\program files (x86)\common files\myturbopc.com\uus3\Update3.exe7c:\program files (x86)\common files\myturbopc.com\uus3Nancy_laptop\NancyMyTurboPC.com
Task: C:\Windows\Tasks\MyTurboPC_sch_927E79CE-53FE-11E5-8287-1008B1C42F64.job => C:\Program Files (x86)\MyTurboPC.com\MyTurboPC\mtpc.exe2 /schedule:927E79CE-53FE-11E5-8287-1008B1C42F64 C:\Program Files (x86)\MyTurboPC.com <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust PC Cleaner Plus Startup.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exeYC:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust PC Cleaner Plus_sch_04AA6993-62FE-11E5-8289-1008B1C42F64.job => C:\Program Files (x86)\SparkTrust\SparkTrust PC Cleaner Plus\SparkTrustPCCleanerPlus.exe <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust Registration3.job => C:\Windows\system32\rundll32.exeFC:\Program Files (x86)\Common Files\SparkTrust\UUS3\UUS3.dll <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust Update Version3.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\Windows\Tasks\SparkTrust Update Version3_triggeronce.job => c:\program files (x86)\common files\sparktrust\uus3\Update3.exe <==== ATTENTION
Task: C:\Windows\Tasks\USTSPCO-USTSPCOOneClickCare.job => C:\Program Files (x86)\USTechSupport\PC Optimizer\USTSPCO.exe

==================== Loaded Modules (Whitelisted) ==============

2014-10-20 00:37 - 2014-07-04 14:24 - 00094936 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-01-11 21:15 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-10 18:47 - 2015-03-10 18:47 - 00720760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareService.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00107024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_thread-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00024080 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_system-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00055320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_date_time-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00125464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_filesystem-vc100-mt-1_57.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00033296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_chrono-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 12745216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareServiceKernel.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03396064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\RCF.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00785936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_regex-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00744960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareActivation.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00480272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareApplicationUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00812032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareGamingMode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00099312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareReset.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00119792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTime.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdater.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00868896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareDefinitionsUpdaterScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01108992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIgnoreList.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00247808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareQuarantine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01013256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiMalwareEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00211464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiRootkitEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01177608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerHistory.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01302008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScanner.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00034832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_timer-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00977416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareScannerScheduler.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01143824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00237568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareIncompatibles.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00893432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiSpam.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00847872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAntiPhishing.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 03104776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareParentalControl.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02958848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareWebProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01288712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareEmailProtection.dll
2015-03-10 18:51 - 2015-03-10 18:51 - 00053272 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_iostreams-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01293832 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNetworkProtection.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePromo.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00366584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareFeedback.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02787344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareThreatWorkAlliance.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01232888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwarePinCode.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00969208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareNotice.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00963576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareAvcEngine.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 01184792 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareRealTimeProtectionHistory.dll
2015-04-06 18:40 - 2005-04-22 13:36 - 00143360 ____N () C:\Windows\system32\BrSNMP64.dll
2015-09-15 07:04 - 2015-08-11 23:15 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02756616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareShellExtension.dll
2015-04-06 18:40 - 2012-09-25 11:26 - 01163264 ____N () C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
2015-03-10 18:50 - 2015-03-10 18:50 - 09566192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTray.exe
2015-03-10 18:51 - 2015-03-10 18:51 - 00499728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\boost_locale-vc100-mt-1_57.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 02144248 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\HtmlFramework.dll
2015-03-10 18:50 - 2015-03-10 18:50 - 00869896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.6.306.7947\AdAwareTrayDefaultSkin.dll
2015-08-02 12:56 - 2015-08-02 12:56 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-02 12:56 - 2015-08-02 12:56 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-24 16:54 - 2015-09-24 16:54 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092401\algo.dll
2015-09-25 19:01 - 2015-09-25 19:01 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092501\algo.dll
2015-07-15 14:24 - 2015-07-15 14:24 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-06 18:40 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-09-24 17:09 - 2015-09-24 17:05 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-09-15 07:04 - 2015-08-11 20:57 - 08900672 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2755095785-517186114-2926042947-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Signature\Signature01.jpg
DNS Servers: 75.114.81.1 - 75.114.81.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdAwareTray"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\Run: => "ShopAtHomeUpdater"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\Run: => "ShopAtHomeWatcher"
HKU\S-1-5-21-2755095785-517186114-2926042947-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{2C7FF619-9478-4BB3-9AE4-E632B0D7FB27}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{FAA03678-478D-4248-9FB9-7B88B027B3BF}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E97BD0D6-3A5A-45A0-8193-2B283DB04E4F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{9FE9253F-C97F-45C1-B9CF-6712EF3CBE4E}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08l\FAXRX.exe
FirewallRules: [{8626CDD7-D6AF-47C3-83A5-3A99106BA5B8}] => (Allow) C:\Program Files (x86)\Brother\Brmfl08l\FAXRX.exe
FirewallRules: [{635591C6-9564-4B19-9B24-46FEB697F121}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{1405BB47-C197-4E21-B3D4-C83AE0B75810}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2B87F89D-0CA5-42E3-B711-A71CA0A2A064}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B2555AE1-43B4-4858-9138-0B9F3411DD18}C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe] => (Allow) C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe
FirewallRules: [UDP Query User{887C8927-2368-48F8-895A-8CC368C92C82}C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe] => (Allow) C:\program files (x86)\slingplayer desktop\slingplayer desktop.exe
FirewallRules: [{F76C031A-A1A3-4FD0-A1EF-75F85F36976E}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{A410ABB6-79E0-4457-B67F-69678F08AD24}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{354E12C4-DA3B-4953-9B65-B4A2906DD300}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{09562B70-BAE8-49AD-865A-F3123667FD12}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2A9AD010-BB5B-497D-B9CB-E2FE3E1557CE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{A8D35B1B-EB8C-4248-85A2-E2C0FFC2F897}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{A88807BD-E6F8-4706-96F7-2AD87B67A3D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5E734FCC-0DBF-4AEB-9E19-711C07A71679}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A18B9D06-C374-4F70-9DD3-D18A22B4B8B9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{26CA07AA-290D-4430-91CD-99A5A8B15056}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{4A4CC8E5-D6FF-40C5-875B-737BCA85E85A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{BD59CCC6-3A4D-48B5-92B1-743DEEF68763}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{7C5E4B52-4171-4576-A4C2-DDDD080418D2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C3C2ED05-626D-480B-B147-7277038AB76D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2015 07:02:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:02:18.525]: [00006568]:    Don't Create FileMapping!!!!

Error: (09/25/2015 07:02:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:02:18.522]: [00006568]:    FrendlyName : Brother MFC-495CW Printer

Error: (09/25/2015 07:02:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:02:18.520]: [00006568]:    Error : ExecMonitor()

Error: (09/25/2015 07:00:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:00:18.520]: [00006568]:    Don't Create FileMapping!!!!

Error: (09/25/2015 07:00:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:00:18.519]: [00006568]:    FrendlyName : Brother MFC-495CW Printer

Error: (09/25/2015 07:00:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 19:00:18.517]: [00006568]:    Error : ExecMonitor()

Error: (09/25/2015 06:58:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:58:18.524]: [00006568]:    Don't Create FileMapping!!!!

Error: (09/25/2015 06:58:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:58:18.523]: [00006568]:    FrendlyName : Brother MFC-495CW Printer

Error: (09/25/2015 06:58:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:58:18.516]: [00006568]:    Error : ExecMonitor()

Error: (09/25/2015 06:56:18 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2015/09/25 18:56:18.521]: [00006568]:    Don't Create FileMapping!!!!

System errors:
=============
Error: (09/24/2015 10:00:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%16389

Error: (09/24/2015 05:16:30 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/24/2015 04:40:44 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/23/2015 09:13:34 PM) (Source: DCOM) (EventID: 10010) (User: Nancy_laptop)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (09/23/2015 09:13:04 PM) (Source: DCOM) (EventID: 10010) (User: Nancy_laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (09/23/2015 08:42:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.

Error: (09/23/2015 07:46:26 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/23/2015 07:34:55 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:23:24 PM on ‎9/‎23/‎2015 was unexpected.

Error: (09/20/2015 07:37:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 47.

Error: (09/19/2015 08:57:36 PM) (Source: DCOM) (EventID: 10010) (User: Nancy_laptop)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

==================== Memory info ===========================

Processor: Intel® Celeron® CPU N2840 @ 2.16GHz
Percentage of memory in use: 82%
Total physical RAM: 1939.04 MB
Available physical RAM: 343.71 MB
Total Virtual: 3878.09 MB
Available Virtual: 1447.49 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:21.36 GB) (Free:2.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: BF06539F)

Partition: GPT.

==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)
You can't have more then 1 Anti Virus program running, it will cause issues. What Anti Virus program do want to keep ?  I would suggest keeping Avast and uninstall AVG, Ad-Aware AntiVirus and these programs below:
 
To do that
 
Click start, control panel, programs an features in the list find these programs and uninstall them.
  • Ad-Aware Antivirus
  • AVG Protection
  • MyCleanPC PC Optimizer
  • MyTurboPC
  • ShopAtHome.com Helper
  • ShopAtHome.com Toolbar
  • SparkTrust PC Cleaner Plus
     
    If a program will not uninstall skip it and let me know. I'm currently reviewing the log files.

  • 0

#3
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP