I'm going to paste them in so everything is in 1 place. I took out the Microsoft files so it fits.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Beatrice (administrator) on BEATRICE on 30-03-2015 18:05:29
Running from C:\Users\Beatrice\Desktop
Loaded Profiles: Beatrice (Available profiles: Beatrice)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo...very-scan-tool/==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(BitTorrent Inc.) C:\Users\Beatrice\AppData\Roaming\uTorrent\uTorrent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Dropbox, Inc.) C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-07-23] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Beatrice\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=866453ef907a47d2a1e59913f05f23cd-7b0c96f9aa992d7393c82dd82ae949bc32978813 /CMPID=0214c
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [uTorrent] => C:\Users\Beatrice\AppData\Roaming\uTorrent\uTorrent.exe [1374032 2015-01-15] (BitTorrent Inc.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BlackBerryLink.exe] => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-12] (Adobe Systems, Inc.)
AppInit_DLLs-x32: acaptuser32.dll => "acaptuser32.dll" File Not Found
Startup: C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Beatrice\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:59220;https=127.0.0.1:59220
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/HPCON14/4HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.comHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
http://www.google.comHKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPCON14/4HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPCON14/4HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://g.msn.com/HPCON14/4SearchScopes: HKLM -> {4A033BE2-44B8-4954-BB49-126C850FAF6E} URL =
http://www.amazon.ca...s={searchTerms}SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
http://rover.ebay.co...56705-11896-0/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3281177217-869368764-2006139627-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-24]
CHR Extension: (Google Drive) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-24]
CHR Extension: (YouTube) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-24]
CHR Extension: (Google Search) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-24]
CHR Extension: (Gmail) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-24]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-06] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-06] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-02-26] (Macrovision Europe Ltd.) [File not signed]
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-07-23] (Hewlett-Packard Development Company, L.P.)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-26] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S2 mcbootdelaystartsvc; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-07] (Advanced Micro Devices, INC.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [280544 2015-02-24] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [289248 2015-02-20] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (
http://libusb-win32.sourceforge.net)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-06-23] (Research in Motion Limited)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-09-20] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 clwvd; \SystemRoot\system32\DRIVERS\clwvd.sys [X]
U3 McMPFSvc; No ImagePath
U3 McNaiAnn; No ImagePath
U3 mcpltsvc; No ImagePath
U3 McProxy; No ImagePath
U3 mfecore; No ImagePath
U3 MSK80Service; No ImagePath
S0 nbsx; System32\drivers\qhjejf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 18:03 - 2015-03-30 18:03 - 00003217 _____ () C:\Users\Beatrice\Desktop\Virus, Spyware, Malware Removal - Geeks to Go Forum.lnk
2015-03-30 17:43 - 2015-03-30 17:44 - 00022346 _____ () C:\Users\Beatrice\Desktop\Addition.txt
2015-03-30 17:39 - 2015-03-30 18:05 - 00019512 _____ () C:\Users\Beatrice\Desktop\FRST.txt
2015-03-30 17:38 - 2015-03-30 18:05 - 00000000 ____D () C:\FRST
2015-03-30 17:36 - 2015-03-30 17:36 - 02095616 _____ (Farbar) C:\Users\Beatrice\Desktop\FRST64.exe
2015-03-30 17:19 - 2015-03-30 17:20 - 02095616 _____ (Farbar) C:\Users\Beatrice\Downloads\FRST64.exe
2015-03-29 22:42 - 2015-03-29 22:42 - 02208768 _____ () C:\Users\Beatrice\Downloads\AdwCleaner (2).exe
2015-03-29 22:41 - 2015-03-29 22:41 - 02208768 _____ () C:\Users\Beatrice\Downloads\AdwCleaner (1).exe
2015-03-29 22:27 - 2015-03-29 22:27 - 01389240 _____ (Thisisu) C:\Users\Beatrice\Downloads\JRT (3).exe
2015-03-29 22:26 - 2015-03-29 22:27 - 01389240 _____ (Thisisu) C:\Users\Beatrice\Downloads\JRT (2).exe
2015-03-25 23:40 - 2015-03-25 23:40 - 00250637 _____ () C:\Users\Beatrice\Downloads\flyer.zip
2015-03-20 14:13 - 2015-03-30 00:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-03-14 15:10 - 2012-07-04 11:55 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNQ2414C.dll
2015-03-14 15:10 - 2012-07-04 11:55 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNQ2414I.dll
2015-03-14 15:10 - 2012-07-04 11:29 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ2414U.dll
2015-03-14 15:10 - 2010-12-17 14:49 - 00515072 _____ (CANON INC.) C:\Windows\system32\CNQ2414L.dll
2015-03-14 15:10 - 2010-12-17 14:49 - 00438272 _____ (CANON INC.) C:\Windows\SysWOW64\CNQ2414L.dll
2015-03-14 15:10 - 2010-03-19 10:04 - 00393256 _____ () C:\Windows\SysWOW64\CNQ2414N.DAT
2015-03-14 15:10 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-03-14 15:10 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-03-11 21:58 - 2015-03-14 05:50 - 00000000 ____D () C:\Users\Beatrice\Desktop\2014 pics
2015-03-11 08:43 - 2015-03-11 08:43 - 00001772 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-11 08:43 - 2015-03-11 08:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-11 08:42 - 2015-03-11 08:43 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-11 08:42 - 2015-03-11 08:43 - 00000000 ____D () C:\Program Files\iTunes
2015-03-11 08:42 - 2015-03-11 08:42 - 00000000 ____D () C:\Program Files\iPod
2015-03-11 08:42 - 2015-03-11 08:42 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-11 08:23 - 2015-03-05 22:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 08:23 - 2015-03-05 22:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 08:23 - 2015-02-25 19:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 08:23 - 2015-01-30 19:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 08:23 - 2015-01-30 19:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 08:23 - 2015-01-28 21:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 08:23 - 2015-01-28 21:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 08:23 - 2015-01-26 23:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 08:23 - 2015-01-23 21:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 08:23 - 2015-01-23 03:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 08:23 - 2015-01-23 01:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 08:22 - 2015-02-19 23:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 08:22 - 2015-02-19 22:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 08:22 - 2015-02-19 22:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 08:22 - 2015-02-19 22:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 08:22 - 2015-02-06 19:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-30 18:04 - 2014-04-04 21:48 - 00000000 ____D () C:\Users\Beatrice\AppData\Roaming\uTorrent
2015-03-30 17:31 - 2014-04-06 09:50 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-30 17:20 - 2014-02-24 22:32 - 01105538 _____ () C:\Windows\WindowsUpdate.log
2015-03-30 17:13 - 2014-02-24 22:57 - 00000000 ____D () C:\Users\Beatrice\AppData\Roaming\ClassicShell
2015-03-30 17:03 - 2014-02-24 22:49 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3281177217-869368764-2006139627-1002
2015-03-30 17:02 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-30 17:00 - 2014-06-10 22:36 - 00000000 ___RD () C:\Users\Beatrice\Dropbox
2015-03-30 17:00 - 2014-06-10 22:34 - 00000000 ____D () C:\Users\Beatrice\AppData\Roaming\Dropbox
2015-03-30 16:58 - 2014-04-06 09:50 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-30 16:58 - 2014-02-24 22:39 - 00000000 ____D () C:\Users\Beatrice
2015-03-30 05:45 - 2013-10-07 03:40 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-03-30 00:51 - 2013-08-26 02:09 - 00956476 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-30 00:46 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-30 00:46 - 2013-08-22 10:46 - 00045730 _____ () C:\Windows\setupact.log
2015-03-30 00:46 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-30 00:45 - 2014-03-31 20:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-30 00:45 - 2014-02-25 17:53 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-30 00:45 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ___SD () C:\Windows\system32\dsc
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ___SD () C:\Windows\system32\Configuration
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\InputMethod
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\IME
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\migwiz
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\InputMethod
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\IME
2015-03-30 00:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\registration
2015-03-30 00:39 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Sysprep
2015-03-30 00:39 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\servicing
2015-03-30 00:38 - 2014-10-18 23:55 - 00000000 ____D () C:\ProgramData\AVG2015
2015-03-30 00:38 - 2014-04-07 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-30 00:38 - 2014-04-07 20:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-30 00:38 - 2014-02-25 18:02 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-03-30 00:38 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-30 00:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2015-03-30 00:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-30 00:33 - 2014-10-18 23:49 - 00000000 ____D () C:\Users\Beatrice\AppData\Local\Avg2015
2015-03-30 00:29 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-30 00:28 - 2014-02-25 18:03 - 00000000 ___HD () C:\$AVG
2015-03-29 22:46 - 2014-04-07 19:24 - 00000000 ____D () C:\AdwCleaner
2015-03-29 22:38 - 2013-08-26 02:01 - 00138560 _____ () C:\Windows\PFRO.log
2015-03-29 22:23 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer
2015-03-29 22:23 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-29 21:39 - 2014-04-07 20:20 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-29 21:39 - 2014-04-07 20:20 - 00001081 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-29 00:19 - 2014-02-24 22:43 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E86B3FDE-7E6F-4AC9-87C7-512C4E67B12B}
2015-03-24 06:24 - 2015-01-20 23:44 - 00000000 ____D () C:\Users\Beatrice\Documents\2015 registrations
2015-03-21 15:32 - 2014-04-06 09:51 - 00002170 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-20 14:23 - 2013-08-22 11:37 - 00006055 _____ () C:\Windows\DtcInstall.log
2015-03-20 14:17 - 2013-08-22 15:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-03-20 14:17 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-03-20 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\sppui
2015-03-20 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\setup
2015-03-20 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-03-20 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\inetsrv
2015-03-20 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\SysWOW64\Com
2015-03-20 14:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-03-20 14:16 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-03-20 14:16 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\SystemResetPlatform
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sppui
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\setup
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\inetsrv
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Com
2015-03-20 14:15 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\IME
2015-03-20 14:15 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\oobe
2015-03-20 14:15 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Dism
2015-03-20 14:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-03-20 14:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-03-20 14:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-03-20 14:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-03-20 08:51 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-20 08:43 - 2014-10-18 23:58 - 00000948 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-16 10:00 - 2014-07-05 11:17 - 00000000 ____D () C:\Users\Beatrice\Documents\ladies trips
2015-03-15 18:36 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-15 18:32 - 2013-08-22 11:36 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2015-03-15 18:32 - 2013-08-22 11:36 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2015-03-14 15:11 - 2013-08-22 11:36 - 00000000 __RSD () C:\Windows\Media
2015-03-14 03:24 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-13 17:37 - 2014-06-10 22:36 - 00001084 _____ () C:\Users\Beatrice\Desktop\Dropbox.lnk
2015-03-13 17:37 - 2014-06-10 22:35 - 00000000 ____D () C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-13 03:44 - 2014-02-26 17:49 - 00000000 ____D () C:\Users\Beatrice\AppData\Local\Microsoft Help
2015-03-12 07:09 - 2014-02-24 22:47 - 00000000 ___RD () C:\Users\Beatrice\SkyDrive
2015-03-12 07:06 - 2013-08-22 10:44 - 00489376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-11 23:39 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-11 23:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-11 22:45 - 2014-02-26 17:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 22:35 - 2014-02-26 18:21 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-11 22:25 - 2014-02-26 18:20 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 22:21 - 2014-02-26 17:58 - 00000039 _____ () C:\Windows\vbaddin.ini
2015-03-11 21:56 - 2014-07-01 15:43 - 00275456 ___SH () C:\Users\Beatrice\Desktop\Thumbs.db
2015-03-11 08:42 - 2014-06-23 22:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-03-11 08:42 - 2014-04-04 22:12 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-04 17:24 - 2014-12-12 23:19 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-04 17:24 - 2014-12-12 23:19 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-02 00:07 - 2014-03-30 14:01 - 00000000 ____D () C:\Users\Beatrice\Documents\2014 registrations
==================== Files in the root of some directories =======
2014-04-06 09:24 - 2014-04-06 09:24 - 0000000 _____ () C:\Users\Beatrice\AppData\Roaming\bitlord_log.txt
2014-09-29 23:04 - 2014-10-05 22:22 - 0000385 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.Exception.log
2014-09-29 23:03 - 2014-10-19 05:53 - 0001937 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-09-29 23:04 - 2014-10-05 22:22 - 0000385 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-25 19:37 - 2015-01-25 19:37 - 0003584 _____ () C:\Users\Beatrice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-01 21:59 - 2014-03-01 21:59 - 0000057 _____ () C:\ProgramData\Ament.ini
Some content of TEMP:
====================
C:\Users\Beatrice\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpc_xnve.dll
C:\Users\Beatrice\AppData\Local\Temp\ose00000.exe
C:\Users\Beatrice\AppData\Local\Temp\Quarantine.exe
C:\Users\Beatrice\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-28 08:06
==================== End Of Log ============================