Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot run any antivirus programs [Closed]


  • This topic is locked This topic is locked

#1
amymacca23

amymacca23

    New Member

  • Member
  • Pip
  • 3 posts

Hi, I'm hoping someone can help me...  I use AVG free, never had an issue before, but just the past couple of days I cannot get any virus protection to run.  AVG has stopped working, Malwarebytes won't work. I even purchased one and after that one downloaded I can't even get that to run.  I can download them, but when it gets to the permission pop up box thing, I click Yes but nothing happens. All other programs seem to be fine, it's just the anti-virus stuff that I can't run.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2015
Ran by Elliott (administrator) on ELLIOTT-HP on 15-04-2015 10:01:18
Running from C:\Users\Elliott\Desktop
Loaded Profiles: Elliott (Available profiles: Elliott)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\Elliott\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(TweakBit) C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2012-03-09] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2012-03-09] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-04-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-252647834-942573617-265925035-1000\...\Run: [Google Update] => C:\Users\Elliott\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-20] (Google Inc.)
HKU\S-1-5-21-252647834-942573617-265925035-1000\...\Run: [BackUp1356885495] => C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe [679936 2009-07-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-252647834-942573617-265925035-1000\...\MountPoints2: {b42627be-3ba8-11e2-b21a-402cf421349f} - G:\LaunchU3.exe -a
HKU\S-1-5-21-252647834-942573617-265925035-1000\...\MountPoints2: {b426286e-3ba8-11e2-b21a-402cf421349f} - G:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
Startup: C:\Users\Elliott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-252647834-942573617-265925035-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKU\S-1-5-21-252647834-942573617-265925035-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://au.search.ya...r=spigot-yhp-ie
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/we...&l=dis&o=HPNTDF
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://au.search.yah...psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> {9DBC6570-2E92-462A-9D56-2C72D54CD8D8} URL = https://au.search.ya...p={searchTerms}
SearchScopes: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll No File
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL No File
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-13] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-13] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - No Name - !{687578b9-7132-4a7a-80e4-30ee31099e03} -  No File
Toolbar: HKLM-x32 - No Name - !{687578b9-7132-4a7a-80e4-30ee31099e03} -  No File
Toolbar: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1

FireFox:
========
FF ProfilePath: C:\Users\Elliott\AppData\Roaming\Mozilla\Firefox\Profiles\psedqwho.default-1424855180291
FF SelectedSearchEngine: Yahoo!
FF Homepage: www.google.com.au
FF Keyword.URL: https://au.search.ya...&type=926458&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_31\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-252647834-942573617-265925035-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-252647834-942573617-265925035-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-252647834-942573617-265925035-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Elliott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-08] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Elliott\AppData\Roaming\Mozilla\Firefox\Profiles\psedqwho.default-1424855180291\searchplugins\yahoo_ff.xml [2015-03-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: SmartPrintButton - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2012-06-17]

Chrome:
=======
CHR StartupUrls: Default -> "https://au.search.ya...&fr=yo-yhp-ch",
            "hxxp://www.google.com.au/"
CHR DefaultSearchKeyword: Default -> yahoo.com Search
CHR DefaultSearchURL: Default -> https://au.search.ya...p={searchTerms}
CHR DefaultSuggestURL: Default -> https://ff.search.ya...d={searchTerms}
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.6.758\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Users\Elliott\AppData\Local\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Elliott\AppData\Local\Google\Chrome\Application\40.0.2214.115\internal-nacl-plugin No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Elliott\AppData\Local\Google\Chrome\Application\40.0.2214.115\pdf.dll No File
CHR Plugin: (HP Product Detection Plugin) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\plugins/npProductDetectPlugin.dll (Hewlett-Packard)
CHR Plugin: (HP Active Check Plugin) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\plugins/npAclmPlugin.dll (Hewlett-Packard)
CHR Plugin: (HP Pit Plugin) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\plugins/npPitPlugin.dll (Hewlett-Packard)
CHR Plugin: (HP Active Check Plugin) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\2.0.5.6_0\plugins/npIdfPlugin.dll (Hewlett-Packard)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.6) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 8.0.310.13) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 8 U31) - C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Unity Player) - C:\Users\Elliott\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll No File
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
CHR Profile: C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HP Product Detection Plugin) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp [2013-03-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-24]
CHR Extension: (YouTube) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-15]
CHR Extension: (Google Search) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-15]
CHR Extension: (Google Wallet) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Elliott\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-15]
StartMenuInternet: Google Chrome - C:\Users\Elliott\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSLPSVC; C:\Users\Elliott\AppData\Local\Temp\7zS4935\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2372096 2011-02-19] (Realsil Microelectronics Inc.) [File not signed]
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16000 2013-05-30] (Seagate Technology LLC)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 vToolbarUpdater14.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-20] (AVG Technologies)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [24576 2011-11-12] (LeapFrog)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
S3 BS1356885495; \??\C:\Users\Elliott\AppData\Local\Temp\NTFS.sys [X]
S3 CpqDfw; system32\drivers\CpqDfw.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnet; system32\DRIVERS\ZTEusbnet.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 10:01 - 2015-04-15 10:02 - 00027007 _____ () C:\Users\Elliott\Desktop\FRST.txt
2015-04-15 10:01 - 2015-04-15 10:01 - 00000000 ____D () C:\FRST
2015-04-15 09:59 - 2015-04-15 09:59 - 02096640 _____ (Farbar) C:\Users\Elliott\Desktop\FRST64.exe
2015-04-15 08:32 - 2015-04-15 08:42 - 14160536 _____ (Microsoft Corporation) C:\Users\Elliott\Downloads\mseinstall.exe
2015-04-15 08:31 - 2015-04-15 09:38 - 00000000 ____D () C:\ProgramData\BSD
2015-04-15 08:31 - 2015-04-15 08:31 - 00001201 _____ () C:\Users\Elliott\Desktop\TweakBit Driver Updater.lnk
2015-04-15 08:29 - 2015-04-15 08:31 - 00000000 ____D () C:\Windows\System32\Tasks\TweakBit
2015-04-15 08:29 - 2015-04-15 08:31 - 00000000 ____D () C:\ProgramData\TweakBit
2015-04-15 08:29 - 2015-04-15 08:31 - 00000000 ____D () C:\Program Files (x86)\TweakBit
2015-04-14 21:39 - 2015-04-14 21:32 - 21541880 _____ (Malwarebytes Corporation ) C:\Users\Elliott\Documents\mbam_premium.exe
2015-04-14 21:28 - 2015-04-14 21:32 - 21541880 _____ (Malwarebytes Corporation ) C:\Users\Elliott\Downloads\mbam_premium.exe
2015-04-14 21:08 - 2015-04-15 08:09 - 312338446 _____ () C:\Users\Elliott\Downloads\Game.of.Thrones.S05E01.HDTV.x264-Xclusive.mp4
2015-04-14 21:07 - 2015-04-14 21:07 - 00000000 ____D () C:\Users\Elliott\Downloads\Wentworth S03E01 PDTV XviD-FUM[ettv]
2015-04-14 19:39 - 2015-04-14 19:39 - 00000000 ____D () C:\Users\Elliott\AppData\Roaming\SparkTrust
2015-04-14 19:38 - 2015-04-14 21:12 - 00000000 ____D () C:\ProgramData\SparkTrust
2015-04-14 19:38 - 2015-04-14 19:38 - 00000000 ____D () C:\Program Files (x86)\SparkTrust
2015-04-14 19:12 - 2015-04-15 09:58 - 00000000 ____D () C:\Users\Elliott\AppData\Roaming\tor
2015-04-14 19:07 - 2015-04-14 19:07 - 00262144 _____ () C:\Windows\Minidump\041415-32448-01.dmp
2015-04-12 10:59 - 2015-04-12 10:59 - 00262144 _____ () C:\Windows\Minidump\041215-43742-01.dmp
2015-04-12 07:49 - 2015-04-13 09:55 - 00000000 ____D () C:\Users\Elliott\Downloads\2 Fast 2 Furious (2003) [1080p]
2015-04-11 20:03 - 2015-04-13 09:23 - 00000000 ____D () C:\Users\Elliott\Downloads\Sex Tape (2014)
2015-04-11 19:53 - 2015-04-11 23:16 - 788128411 _____ () C:\Users\Elliott\Downloads\The Fast And The Furious 1 2001 720p BRRip Dual Audio English Hindi GOPI SAHI PDR.mkv
2015-04-11 14:04 - 2015-04-12 23:56 - 01226652 _____ () C:\Windows\system32\CFG1356885495
2015-04-11 14:01 - 2015-04-11 14:01 - 00262144 _____ () C:\Windows\Minidump\041115-42198-01.dmp
2015-04-11 13:57 - 2015-04-11 13:58 - 00262144 _____ () C:\Windows\Minidump\041115-43617-01.dmp
2015-04-11 07:53 - 2015-04-11 08:21 - 00000000 ____D () C:\Users\Elliott\Downloads\The Fast and the Furious Complete Collection (2001-2013) + Extras
2015-04-09 20:37 - 2015-04-09 20:37 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{16653AD5-49B7-4245-BA22-58A04457C604}
2015-04-08 07:43 - 2015-04-08 07:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-07 07:34 - 2015-04-07 07:34 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-07 07:34 - 2015-04-07 07:34 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-06 17:14 - 2015-04-06 17:14 - 00074942 _____ () C:\Users\Elliott\Desktop\U7 United - 2015 Fixtures TTGCSC.xlsx
2015-04-01 18:14 - 2015-04-01 18:14 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{8EE02563-52E1-45B0-AAB9-8A81A72A7759}
2015-03-28 09:20 - 2015-03-28 09:20 - 00000000 ____D () C:\Program Files (x86)\pazera-software
2015-03-28 09:15 - 2015-03-28 09:15 - 00000000 ____D () C:\Users\Elliott\AppData\Local\videoconverter
2015-03-28 09:15 - 2015-03-28 09:15 - 00000000 ____D () C:\Users\Elliott\AppData\Local\Movavi
2015-03-28 09:14 - 2015-03-28 09:14 - 00000000 ____D () C:\ProgramData\Movavi
2015-03-25 15:33 - 2015-03-11 13:36 - 00943616 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-03-25 15:33 - 2015-03-11 13:36 - 00760832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-03-25 15:33 - 2015-03-11 13:36 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-03-25 15:33 - 2015-03-11 13:36 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-03-25 15:33 - 2015-03-11 13:35 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-03-25 15:33 - 2015-03-11 13:35 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-03-25 15:33 - 2015-03-11 13:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-03-25 15:33 - 2015-03-11 13:32 - 01107456 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-03-23 16:31 - 2015-03-23 16:32 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{9A7D358B-E72D-4D77-A5C7-C5362B6C46F1}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-15 09:54 - 2012-02-15 17:58 - 00114776 _____ () C:\Users\Elliott\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-15 09:47 - 2011-07-06 18:11 - 01091233 _____ () C:\Windows\WindowsUpdate.log
2015-04-15 09:29 - 2012-12-20 06:51 - 00000342 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-04-15 09:18 - 2012-02-15 18:12 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-252647834-942573617-265925035-1000UA.job
2015-04-15 09:18 - 2012-02-15 18:12 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-252647834-942573617-265925035-1000Core.job
2015-04-15 09:17 - 2012-09-26 08:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-15 08:31 - 2009-07-14 12:04 - 00000466 _____ () C:\Windows\win.ini
2015-04-15 08:21 - 2012-09-26 08:23 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 08:20 - 2015-02-06 08:19 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-15 08:20 - 2012-09-26 08:23 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 08:20 - 2012-03-27 08:00 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 08:19 - 2012-09-28 17:16 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2015-04-15 08:18 - 2012-09-28 17:16 - 00000000 ____D () C:\Users\Elliott\AppData\Local\PokerStars
2015-04-15 08:11 - 2012-02-15 20:06 - 00000000 ____D () C:\Users\Elliott\AppData\Roaming\uTorrent
2015-04-15 08:10 - 2009-07-14 14:15 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-15 08:10 - 2009-07-14 14:15 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-15 08:06 - 2009-07-14 14:43 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-15 08:00 - 2014-03-05 18:25 - 00000000 ___RD () C:\Users\Elliott\Dropbox
2015-04-15 08:00 - 2014-03-05 18:24 - 00000000 ____D () C:\Users\Elliott\AppData\Roaming\Dropbox
2015-04-15 07:59 - 2009-07-14 14:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-15 07:59 - 2009-07-14 14:21 - 00103537 _____ () C:\Windows\setupact.log
2015-04-15 07:25 - 2013-10-16 12:00 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{D640E227-1A42-4E4E-916E-F31049D1DF78}
2015-04-14 19:07 - 2012-03-11 14:22 - 461406327 _____ () C:\Windows\MEMORY.DMP
2015-04-14 19:07 - 2012-03-11 14:22 - 00000000 ____D () C:\Windows\Minidump
2015-04-13 07:53 - 2012-02-25 08:18 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2015-04-11 19:57 - 2012-04-15 18:54 - 00000000 ____D () C:\Users\Elliott\AppData\Local\CrashDumps
2015-04-11 13:59 - 2009-07-14 14:39 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-11 13:57 - 2010-11-21 13:17 - 00536168 _____ () C:\Windows\PFRO.log
2015-04-11 13:56 - 2009-07-14 12:50 - 00000000 ____D () C:\Windows\system32\sysprep
2015-04-11 09:53 - 2012-02-15 19:57 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-10 13:00 - 2014-03-05 18:25 - 00000000 ____D () C:\Users\Elliott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-10 12:01 - 2015-02-24 18:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-06 16:41 - 2012-02-15 18:12 - 00002372 _____ () C:\Users\Elliott\Desktop\Google Chrome.lnk
2015-03-31 19:56 - 2012-02-16 06:17 - 00000000 ____D () C:\Users\Elliott\AppData\Local\Adobe
2015-03-28 20:45 - 2012-02-15 17:54 - 00000000 ____D () C:\Users\Elliott\AppData\Local\VirtualStore
2015-03-28 09:15 - 2012-02-15 17:54 - 00000000 ____D () C:\Users\Elliott
2015-03-26 02:16 - 2014-12-11 02:34 - 00000000 ____D () C:\Windows\system32\appraiser
2015-03-26 02:16 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== Files in the root of some directories =======

2009-07-14 08:49 - 2009-07-14 10:44 - 0679936 _____ (Sun Microsystems, Inc.) C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe
2015-04-14 19:39 - 2015-04-14 20:23 - 0000115 _____ () C:\Users\Elliott\AppData\Roaming\LogFile.txt
2012-06-17 16:13 - 2012-06-17 16:13 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Elliott\AppData\Local\Temp\driver-updater-setup.exe
C:\Users\Elliott\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm8taol.dll
C:\Users\Elliott\AppData\Local\Temp\ose00000.exe
C:\Users\Elliott\AppData\Local\Temp\UnInstallPlus500.exe
C:\Users\Elliott\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 00:55

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2015
Ran by Elliott at 2015-04-15 10:02:23
Running from C:\Users\Elliott\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-252647834-942573617-265925035-1000\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{127BEDB9-CFBA-91A2-BCC1-A3A21AFA02F6}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4311 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
ccc-core-static (x32 Version: 2011.0407.736.11742 - ATI) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-252647834-942573617-265925035-1000\...\Dropbox) (Version: 3.4.3 - Dropbox, Inc.)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
Google Chrome (HKU\S-1-5-21-252647834-942573617-265925035-1000\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6C453C9C-38AE-494D-BF89-7AA0DE87F3E5}) (Version: 1.2.0.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{AF5D2519-C6B4-4AFD-9A8D-FBF74DD4F0A0}) (Version: 11.15.0004 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 3.2.19.13664 - LeapFrog)
LeapFrog Connect (x32 Version: 3.2.19.13664 - LeapFrog) Hidden
LeapFrog My Pals Plugin (x32 Version: 3.2.19.13664 - LeapFrog) Hidden
LeapFrog Tag Plugin (x32 Version: 3.2.19.13664 - LeapFrog) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-252647834-942573617-265925035-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.10000.1.0 - Nero AG)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Seagate Dashboard 2.0 (HKLM-x32\...\{43C423D9-E6D6-4607-ADC9-EBB54F690C57}) (Version: 2.2.29.0 - Seagate)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
TweakBit Driver Updater (HKLM-x32\...\{62D64B30-6E10-4C49-95FE-EDD8F8165DED}_is1) (Version: 1.6.8.4 - Auslogics Labs Pty Ltd)
Unity Web Player (HKU\S-1-5-21-252647834-942573617-265925035-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (HKLM-x32\...\MyPalsPlugin) (Version:  - LeapFrog)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM-x32\...\TagPlugin) (Version: 3.2.19.13664 - LeapFrog)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Elliott\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-252647834-942573617-265925035-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Elliott\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

07-04-2015 00:00:01 Scheduled Checkpoint
07-04-2015 07:33:31 Windows Update
13-04-2015 02:11:44 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:04 - 2009-06-11 06:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B44E684-F293-41AF-ABBC-52D628D30CE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {1AFADDFF-1CDA-42BA-8B90-838924BE014D} - System32\Tasks\hpUrlLauncher.exe_{D71235D1-1278-46E9-997A-2FDD8922E712} => C:\Program Files\HP\HP Photosmart 5510 series\Bin\utils\hpUrlLauncher.exe [2011-09-17] (Hewlett-Packard Co.)
Task: {1CCB12D4-DC33-494F-9E5B-D1082DCAED7C} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {1FCF2871-D5AA-4197-BD44-EEB7ED3EF44B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {208134F0-33BE-4F13-815D-817C9D32E7CE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2561F216-9FE7-44D8-B4BB-C1E7F4536E19} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252647834-942573617-265925035-1000Core => C:\Users\Elliott\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {33C2BE5F-35FD-4846-920D-F36B992A6F9A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-252647834-942573617-265925035-1000UA => C:\Users\Elliott\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {3AB590B1-97C8-42C3-A1B6-42F8629AFFFE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {3D2DA312-58B7-4744-85D6-476E432B98C2} - System32\Tasks\{35FD3E13-143F-4E64-8A9D-351D7B302A46} => pcalua.exe -a C:\Users\Elliott\Downloads\sp53851.exe -d C:\Users\Elliott\Downloads
Task: {588B7BCF-C877-4BC2-B7C9-D80A67422D93} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {5C13EEF4-36C8-4047-93A4-2B82A3450E39} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {5DC12518-0E89-419E-A234-D2C2C920F497} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6E77DD8D-2890-4A2C-A384-784F1036170B} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {702CBC69-0A53-41D3-B990-CC48B04A4276} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {81DC1CCD-DEE6-47D9-ADEF-CA60A1966FD0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {842A5DDA-98C7-4B9E-8E81-B6DC3CE64957} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2014-10-19] ()
Task: {91729ED7-46D0-4758-9512-D6007F64F191} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.)
Task: {9723F8B2-2B36-4C67-B3AA-166A86B40B5F} - System32\Tasks\Elliott DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2013-05-30] (Seagate Technology LLC)
Task: {9BA0A0DA-5F4D-42C8-958B-17F8662438C6} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-23] (CyberLink)
Task: {AC3CE634-E607-445E-A4A5-0AC6931EAFAF} - System32\Tasks\{E83FC713-6BFE-4894-8BE6-808A9C57C7F6} => pcalua.exe -a C:\Users\Elliott\Downloads\sp55029.exe -d C:\Users\Elliott\Downloads
Task: {E5C90C03-D4CC-463B-8945-FFE8877AC4B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {F2FBEA96-48A6-464A-83B0-FA099044D32E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {F744DC11-6C18-4990-BAEF-1818ED49E2FE} - System32\Tasks\TweakBit\Driver Updater\Start Driver Updater оn logon => C:\Program Files (x86)\TweakBit\Driver Updater\DriverUpdater.exe [2015-04-02] (TweakBit)
Task: {FEF282DF-8498-4D94-A2C9-EB5CA1CBE30E} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2013-05-30] (Seagate Technology LLC)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-252647834-942573617-265925035-1000Core.job => C:\Users\Elliott\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-252647834-942573617-265925035-1000UA.job => C:\Users\Elliott\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 21:35 - 2015-01-20 21:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 21:35 - 2015-01-20 21:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-08 10:27 - 2011-01-08 10:27 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2015-01-20 21:35 - 2015-01-20 21:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-15 08:00 - 2015-04-15 08:00 - 00043008 _____ () c:\users\elliott\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm8taol.dll
2015-03-05 07:15 - 2015-03-05 07:15 - 00750080 _____ () C:\Users\Elliott\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-05 07:15 - 2015-03-05 07:15 - 00047616 _____ () C:\Users\Elliott\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-05 07:15 - 2015-03-05 07:15 - 00865280 _____ () C:\Users\Elliott\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-05 07:15 - 2015-03-05 07:15 - 00200704 _____ () C:\Users\Elliott\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-04-14 19:12 - 1999-12-31 23:00 - 00714452 _____ () C:\Users\Elliott\AppData\Local\Temp\T1356885495\Tor\libevent-2-0-5.dll
2015-04-14 19:12 - 1999-12-31 23:00 - 00091026 _____ () C:\Users\Elliott\AppData\Local\Temp\T1356885495\Tor\libssp-0.dll
2015-04-14 19:12 - 1999-12-31 23:00 - 00517814 _____ () C:\Users\Elliott\AppData\Local\Temp\T1356885495\Tor\libgcc_s_sjlj-1.dll
2015-04-14 19:12 - 1999-12-31 23:00 - 00110592 _____ () C:\Users\Elliott\AppData\Local\Temp\T1356885495\Tor\zlib1.dll
2011-04-27 16:05 - 2011-04-27 16:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-10-19 02:44 - 2014-10-19 02:44 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2011-07-06 18:10 - 2011-04-29 23:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows\SysWOW64\CN1C3357BG05V4:NW
AlternateDataStreams: C:\Users\Elliott\Documents\Study:com.dropbox.attributes
AlternateDataStreams: C:\Users\Elliott\Documents\T A Earthmoving:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-252647834-942573617-265925035-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Elliott\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.20.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: DBAgent => "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Monitor => "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

==================== Accounts: =============================

Administrator (S-1-5-21-252647834-942573617-265925035-500 - Administrator - Disabled)
Elliott (S-1-5-21-252647834-942573617-265925035-1000 - Administrator - Enabled) => C:\Users\Elliott
Guest (S-1-5-21-252647834-942573617-265925035-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-252647834-942573617-265925035-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2015 09:57:21 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 09:56:47 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 09:56:30 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:53:23 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:52:47 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:52:47 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:52:47 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:52:18 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:50:59 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (04/15/2015 08:50:59 AM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC


System errors:
=============
Error: (04/15/2015 08:06:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.

Error: (04/15/2015 08:00:03 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (04/15/2015 07:59:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater14.2.0 service failed to start due to the following error:
%%2

Error: (04/15/2015 07:59:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error:
%%1053

Error: (04/15/2015 07:59:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG WatchDog service to connect.

Error: (04/15/2015 07:59:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%1053

Error: (04/15/2015 07:59:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect.

Error: (04/15/2015 07:52:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vToolbarUpdater14.2.0 service failed to start due to the following error:
%%2

Error: (04/15/2015 07:52:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error:
%%1053

Error: (04/15/2015 07:52:02 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG WatchDog service to connect.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 60%
Total physical RAM: 4043.86 MB
Available physical RAM: 1590 MB
Total Pagefile: 8087.72 MB
Available Pagefile: 5392.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:582.16 GB) (Free:252.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:13.72 GB) (Free:1.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 6C6C1686)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=582.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================


Edited by amymacca23, 14 April 2015 - 06:38 PM.

  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi you may need to repair AVG after this.. Let me know if it starts on the reboot

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
HKU\S-1-5-21-252647834-942573617-265925035-1000\...\Run: [BackUp1356885495] => C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe [679936 2009-07-14] (Sun Microsystems, Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-re...q={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
Toolbar: HKLM - No Name - !{687578b9-7132-4a7a-80e4-30ee31099e03} - No File
Toolbar: HKLM-x32 - No Name - !{687578b9-7132-4a7a-80e4-30ee31099e03} - No File
Toolbar: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
S3 BS1356885495; \??\C:\Users\Elliott\AppData\Local\Temp\NTFS.sys [X]
2015-04-09 20:37 - 2015-04-09 20:37 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{16653AD5-49B7-4245-BA22-58A04457C604}
2015-04-01 18:14 - 2015-04-01 18:14 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{8EE02563-52E1-45B0-AAB9-8A81A72A7759}
2015-03-23 16:31 - 2015-03-23 16:32 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{9A7D358B-E72D-4D77-A5C7-C5362B6C46F1}
C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe
C:\PROGRA~2\SearchProtect
C:\Users\Elliott\AppData\Local\Temp\NTFS.sys
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers


Save this as fixlist.txt, in the same location as FRST.exe
FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#3
amymacca23

amymacca23

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Here is the log after I completed the fixlist...

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-04-2015 04
Ran by Elliott at 2015-04-16 07:47:25 Run:1
Running from C:\Users\Elliott\Desktop
Loaded Profiles: Elliott (Available profiles: Elliott)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CreateRestorePoint:
HKU\S-1-5-21-252647834-942573617-265925035-1000\...\Run: [BackUp1356885495] => C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe [679936 2009-07-14] (Sun Microsystems, Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-re...q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://dts.search-re...q={searchTerms}
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
Toolbar: HKLM - No Name - !{687578b9-7132-4a7a-80e4-30ee31099e03} - No File
Toolbar: HKLM-x32 - No Name - !{687578b9-7132-4a7a-80e4-30ee31099e03} - No File
Toolbar: HKU\S-1-5-21-252647834-942573617-265925035-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
S3 BS1356885495; \??\C:\Users\Elliott\AppData\Local\Temp\NTFS.sys [X]
2015-04-09 20:37 - 2015-04-09 20:37 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{16653AD5-49B7-4245-BA22-58A04457C604}
2015-04-01 18:14 - 2015-04-01 18:14 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{8EE02563-52E1-45B0-AAB9-8A81A72A7759}
2015-03-23 16:31 - 2015-03-23 16:32 - 00000000 ____D () C:\Users\Elliott\AppData\Local\{9A7D358B-E72D-4D77-A5C7-C5362B6C46F1}
C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe
C:\PROGRA~2\SearchProtect
C:\Users\Elliott\AppData\Local\Temp\NTFS.sys
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset c:\resetlog.txt
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
HKU\S-1-5-21-252647834-942573617-265925035-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BackUp1356885495 => value deleted successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll" => Value Data removed successfully.
"C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" => Value Data removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}" => Key deleted successfully.
HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{687578b9-7132-4a7a-80e4-30ee31099e03} => value deleted successfully.
HKCR\CLSID\!{687578b9-7132-4a7a-80e4-30ee31099e03} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{687578b9-7132-4a7a-80e4-30ee31099e03} => value deleted successfully.
HKCR\Wow6432Node\CLSID\!{687578b9-7132-4a7a-80e4-30ee31099e03} => Key not found.
HKU\S-1-5-21-252647834-942573617-265925035-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\osf" => Key deleted successfully.
HKCR\CLSID\{D924BDC6-C83A-4BD5-90D0-095128A113D1} => Key not found.
"HKCR\PROTOCOLS\Handler\viprotocol" => Key deleted successfully.
HKCR\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => Key deleted successfully.
BS1356885495 => Service deleted successfully.
C:\Users\Elliott\AppData\Local\{16653AD5-49B7-4245-BA22-58A04457C604} => Moved successfully.
C:\Users\Elliott\AppData\Local\{8EE02563-52E1-45B0-AAB9-8A81A72A7759} => Moved successfully.
C:\Users\Elliott\AppData\Local\{9A7D358B-E72D-4D77-A5C7-C5362B6C46F1} => Moved successfully.
C:\Users\Elliott\AppData\Roaming\BackUp1356885495.exe => Moved successfully.
"C:\PROGRA~2\SearchProtect" => File/Directory not found.
"C:\Users\Elliott\AppData\Local\Temp\NTFS.sys" => File/Directory not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.



========= End of Reg: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.
HKU\S-1-5-21-252647834-942573617-265925035-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value deleted successfully.
HKU\S-1-5-21-252647834-942573617-265925035-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value deleted successfully.


========= End of RemoveProxy: =========


=========  netsh advfirewall reset =========

Ok.


========= End of CMD: =========


=========  netsh advfirewall set allprofiles state ON =========

Ok.


========= End of CMD: =========


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========  netsh winsock reset catalog =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========


=========  netsh int ip reset c:\resetlog.txt =========

Reseting Global, OK!
Reseting Interface, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  ipconfig /release =========


Windows IP Configuration

No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::f82b:eea6:9aa4:4ea8%15
   Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{BD2A6071-95DF-4926-AEB7-F39F738109D4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:49:2e7e:8356:4c96
   Link-local IPv6 Address . . . . . : fe80::49:2e7e:8356:4c96%20
   Default Gateway . . . . . . . . . : ::

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{6713C0A9-C86F-4CB2-BDA7-E4C47068A42E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{D84C3F9F-4CF2-4CB8-BC20-05990EC9D73D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


=========  ipconfig /renew =========


Windows IP Configuration

No operation can be performed on Wireless Network Connection 2 while it has its media disconnected.
No operation can be performed on Local Area Connection while it has its media disconnected.

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::f82b:eea6:9aa4:4ea8%15
   IPv4 Address. . . . . . . . . . . : 192.168.20.104
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.20.1

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{BD2A6071-95DF-4926-AEB7-F39F738109D4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:49:2e7e:8356:4c96
   Link-local IPv6 Address . . . . . : fe80::49:2e7e:8356:4c96%20
   Default Gateway . . . . . . . . . : ::

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{6713C0A9-C86F-4CB2-BDA7-E4C47068A42E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{D84C3F9F-4CF2-4CB8-BC20-05990EC9D73D}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

========= End of CMD: =========


=========  netsh int ipv4 reset =========

Reseting Interface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  netsh int ipv6 reset =========

Reseting Interface, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.


========= End of CMD: =========


=========  bitsadmin /reset /allusers =========


BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

{FC44BD55-2BBA-4006-8602-D839B9D2A0F8} canceled.
1 out of 1 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 1.4 GB temporary data.


The system needed a reboot.

==== End of Fixlog 07:49:59 ====


  • 0

#4
amymacca23

amymacca23

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

I downloaded aswMBR.exe ( 4.5mb ) to my desktop.  I can double click on it and it asks if I want to allow the following program from an unknown publisher to make changes to this computer, I click yes and then nothing happens.  This is the same problem I have been having with the antivirus programs, it downloads and then when I double click to run the program nothing happens.


  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Are you able to access safe mode with network ?

 

If so could you run AswMBR  from there


  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP