Zep516 (Joe)
Hearty apologies for my delay in responding. A major family crisis intervened, like.
I've followed your advice to the letter and am pasting the two FRST reports below. (I didn't however run the 'optional scan' covering 'List BCD', 'Drivers MD5', 'shortcut.txt', 'Addition.txt' and '90 days files'. If they're vital, I'm happy to run again.) Enormous thanks for taking the time to run your eyeballs over all this stuff.
FRST.txt
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
Ran by Home (administrator) on HOME-PC (18-09-2016 07:33:01)
Running from C:\Users\Home\Desktop
Loaded Profiles: Home (Available Profiles: Home)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Spotify Ltd) C:\Users\Home\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2631120 2016-07-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-09-07] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2588259368-3398593882-3987161955-1000\...\Run: [Spotify Web Helper] => C:\Users\Home\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-06-30] (Spotify Ltd)
HKU\S-1-5-21-2588259368-3398593882-3987161955-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-2588259368-3398593882-3987161955-1000\...\MountPoints2: {165b3c49-78e8-11e4-959f-806e6f6e6963} - E:\RunMe.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk [2016-09-18]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1510 series.lnk -> C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{740F530B-DDF1-4488-8868-BA63A715455B}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2016-09-18]
CHR Extension: (Google Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-06]
CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-06]
CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-06]
CHR Extension: (AdBlock) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-09-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-18]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-09-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [750032 2016-07-28] (Malwarebytes Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294104 2015-04-10] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [74984 2016-07-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-16] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 USBET; C:\Windows\System32\DRIVERS\ETdrv.sys [6423936 2013-02-04] (Etron)
U4 Avgfwfd; system32\DRIVERS\avgfwd6a.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-11-02 00:08 - 2015-04-06 09:52 - 00524288 ___SH C:\Users\Home\ntuser.dat{c6c2e5f8-9722-14dc-b99e-0018716c3889}.TMContainer00000000000000000002.regtrans-ms
2099-11-02 00:08 - 2015-04-06 09:52 - 00524288 ___SH C:\Users\Home\ntuser.dat{c6c2e5f8-9722-14dc-b99e-0018716c3889}.TMContainer00000000000000000001.regtrans-ms
2099-11-02 00:08 - 2015-04-06 09:52 - 00065536 ___SH C:\Users\Home\ntuser.dat{c6c2e5f8-9722-14dc-b99e-0018716c3889}.TM.blf
2016-09-18 07:33 - 2016-09-18 07:33 - 00011639 _____ C:\Users\Home\Desktop\FRST.txt
2016-09-18 07:31 - 2016-09-18 07:33 - 00000000 ____D C:\FRST
2016-09-18 07:26 - 2016-09-18 07:26 - 02399232 _____ (Farbar) C:\Users\Home\Desktop\FRST64.exe
2016-09-18 07:05 - 2016-09-18 07:05 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
2016-09-18 07:05 - 2016-09-18 07:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-09-18 07:02 - 2016-09-18 07:02 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Home\Downloads\AVG_Protection_Free_1606.exe
2016-09-16 07:16 - 2016-09-16 07:16 - 03861056 _____ C:\Users\Home\Desktop\adwcleaner_6.020.exe
2016-09-05 16:15 - 2016-09-05 16:15 - 00127996 _____ C:\Users\Home\Downloads\Listing_Details2016-09-05-17-14.pdf
2016-08-31 07:42 - 2016-08-31 07:43 - 54287072 _____ (Microsoft Corporation) C:\Users\Home\Desktop\Windows-KB890830-x64-V5.39.exe
2016-08-30 08:34 - 2016-08-30 08:34 - 00009904 ____N C:\bootsqm.dat
2016-08-23 16:31 - 2016-08-23 16:31 - 00310016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-11-02 00:02 - 2014-12-01 10:33 - 00000000 ____D C:\Users\Home\AppData\Local\Microsoft Games
2016-09-18 07:31 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-18 07:31 - 2009-07-14 05:45 - 00028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-18 07:19 - 2014-12-01 09:28 - 00000000 ____D C:\ProgramData\MFAData
2016-09-18 07:17 - 2015-04-06 10:35 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-18 07:17 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-18 07:14 - 2015-06-28 10:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-18 07:14 - 2015-04-29 07:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-09-18 07:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-09-18 07:05 - 2015-08-15 06:44 - 00000000 ____D C:\Users\Home\AppData\Local\AvgSetupLog
2016-09-18 07:05 - 2015-08-15 06:44 - 00000000 ____D C:\ProgramData\Avg
2016-09-18 07:05 - 2014-12-01 09:30 - 00000000 ____D C:\Program Files (x86)\AVG
2016-09-17 20:48 - 2015-04-06 10:35 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-17 19:28 - 2015-08-07 06:56 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-17 07:53 - 2015-04-06 10:36 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-17 07:53 - 2015-04-06 10:36 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-09-17 07:26 - 2016-07-12 19:16 - 00000000 ____D C:\Users\Home\Documents\Architectural Insides and Outsides
2016-09-16 07:22 - 2016-04-18 18:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-16 07:21 - 2015-05-02 09:26 - 00000000 ____D C:\AdwCleaner
2016-09-16 07:15 - 2014-12-01 09:56 - 00000000 ____D C:\ProgramData\TEMP
2016-09-16 07:14 - 2015-07-18 04:54 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2016-09-14 16:35 - 2015-06-14 09:29 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 08:32 - 2015-05-02 13:49 - 00000000 ____D C:\Users\Home\Documents\Primus eBills
2016-09-12 16:24 - 2016-02-20 11:21 - 00000000 ____D C:\Users\Home\Documents\Miller Parris etc
2016-09-11 19:18 - 2015-05-02 16:55 - 00000000 ____D C:\Users\Home\AppData\Local\Spotify
2016-09-11 19:18 - 2015-05-02 16:54 - 00000000 ____D C:\Users\Home\AppData\Roaming\Spotify
2016-09-10 08:38 - 2015-04-06 12:47 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-05 06:57 - 2009-07-14 06:08 - 00032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-09-04 21:10 - 2015-04-29 06:45 - 00000000 ____D C:\Users\Home\AppData\Roaming\vlc
2016-09-04 19:01 - 2015-07-23 19:30 - 00000000 ____D C:\Users\Home\AppData\Roaming\dvdcss
==================== Files in the root of some directories =======
2015-05-11 08:44 - 2015-05-11 08:44 - 0000057 _____ () C:\ProgramData\Ament.ini
Some files in TEMP:
====================
C:\Users\Home\AppData\Local\Temp\avguirn_081692346769.exe
C:\Users\Home\AppData\Local\Temp\avguirn_081778736183.exe
C:\Users\Home\AppData\Local\Temp\avguirn_082048732973.exe
C:\Users\Home\AppData\Local\Temp\avguirn_082124867046.exe
C:\Users\Home\AppData\Local\Temp\avguirn_08230171427.exe
C:\Users\Home\AppData\Local\Temp\avguirn_08529085845.exe
C:\Users\Home\AppData\Local\Temp\avguirn_08699622339.exe
C:\Users\Home\AppData\Local\Temp\avguirn_08798282415.exe
C:\Users\Home\AppData\Local\Temp\avguirn_08815743683.exe
C:\Users\Home\AppData\Local\Temp\HPPSdr.exe
C:\Users\Home\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-10 08:13
==================== End of FRST.txt ============================
ADDITION.txt
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-09-2016
Ran by Home (18-09-2016 07:34:26)
Running from C:\Users\Home\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-11-30 23:31:31)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2588259368-3398593882-3987161955-500 - Administrator - Disabled)
Guest (S-1-5-21-2588259368-3398593882-3987161955-501 - Limited - Disabled)
Home (S-1-5-21-2588259368-3398593882-3987161955-1000 - Administrator - Enabled) => C:\Users\Home
HomeGroupUser$ (S-1-5-21-2588259368-3398593882-3987161955-1002 - Limited - Enabled)
Malcolm_Richardson (S-1-5-21-2588259368-3398593882-3987161955-1003 - Administrator - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
AVG (HKLM\...\AvgZen) (Version: 1.91.2.35777 - AVG Technologies)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4656 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
AVG Zen (Version: 1.91.11 - AVG Technologies) Hidden
Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
FMW 1 (Version: 1.123.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HP Deskjet 1510 series Basic Device Software (HKLM\...\{C9064E5C-D5AB-4EEB-86A6-50756901038A}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.)
HP Deskjet 1510 series Help (HKLM-x32\...\{2E25FCEB-EFCB-4696-AA01-D3CBAC721831}) (Version: 30.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
Edited by Waste of Space, 19 September 2016 - 01:43 AM.