Jump to content

Browser bug that won't leave


Recommended Posts

I have a suspected browser bug on my computer that I can't get to leave. Back in the spring, my gmail account started sending out spam to my various contacts. I changed my password. No problems for a couple of months until it started spamming again. Since July of this year, it's spammed my contacts at least twice a month. I've changed my password each time. Also during this time I noticed that a few of the websites I have been visiting start slowing down and the ads on the pages show up in Japanese. I am in the US and don't read Japanese so that was a big eyebrow-raise for me. My webhost received one of the spam emails and has walked me through several attempts to see what is happening. After explaining to her what was going on, she suggested it might be a browser bug after she viewed a copy of several of the emails I sent her. She also suggested seeking advice from this forum. So here I am, seeking your help. I've run my Malwayrebytes daily but it hasn't picked up anything. I've loaded an AV and it picked up a Trojan and a malsign, both of which it deleted. I would greatly appreciate any help y'all can offer.

Link to post
Share on other sites

Ran Farbar as noted in pinned post. Here is FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014

Ran by Mia (administrator) on MIA-HPOMNI on 02-12-2014 15:30:31

Running from C:\Users\Mia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O65B06Q2

Loaded Profile: Mia (Available profiles: Mia)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe

(HP) C:\Program Files\hp\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe

(HP) C:\Windows\System32\HPSIsvc.exe

() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe

(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe

() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(CyberLink) C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe

(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe

(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe

(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe

(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrvx.exe

(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_239_ActiveX.exe

(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe

(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)

HKLM\...\Run: [] => [X]

HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()

HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)

HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2371264 2014-09-22] (Microsoft Corp.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)

HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Run: [Google Update] => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-23] (Google Inc.)

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1467200 2014-11-27] (Lavasoft)

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\MountPoints2: {23a111ea-f158-11e1-ad81-047d7b87a11c} - F:\SISetup.exe

HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"

AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\AmazonSmile1ButtonApp\AmazonSmileExtIE64.dll [155648 2014-02-03] (Amazon Inc.)

AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\AmazonSmile1ButtonApp\\AmazonSmileExtIE.dll [140288 2014-02-03] (Amazon Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U159

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM -> {439B6DE6-6AB4-44C9-9483-1F17686A9D4B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKLM-x32 -> {439B6DE6-6AB4-44C9-9483-1F17686A9D4B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF

SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.com/web?q={searchterms}&l=dis&o=HPDTDF

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {439B6DE6-6AB4-44C9-9483-1F17686A9D4B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = https://search.yahoo.com/search?p={searchTerms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20140831,20028,0,31,0

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}

SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)

Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)

Toolbar: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)

Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)

Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)

Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)

Winsock: Catalog9 15 C:\Windows\SysWOW64\LavasoftTcpService.dll [312424] (Lavasoft Limited)

Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)

Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)

Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)

Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)

Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [358736] (Lavasoft Limited)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1925866461-1870387054-773485301-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-1925866461-1870387054-773485301-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-1925866461-1870387054-773485301-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Mia\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)

Chrome:

=======

CHR HomePage: Default ->

CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN36691910022864413&UM=2&UP=SP9E0A9363-F919-4716-9367-3099497EC4FC&SSPV=", "hxxp://www.bing.com/?pc=U217", "hxxp://g.msn.com/1ewenusDefaultPack/U217_DefaultPack_DHP2"

CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}

CHR Profile: C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (USA TODAY) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aggljnipbdiebhbmadknfbjlhehbohbn [2013-06-13]

CHR Extension: (AccuWeather Forecast) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaabbcbolfcclofcpdipmefibpgacgc [2013-06-13]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]

CHR Extension: (Facebook) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-06-13]

CHR Extension: (Add to Amazon Wish List) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-06-13]

CHR Extension: (Google Search) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-14]

CHR Extension: (Google+) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-06-13]

CHR Extension: (NYTimes) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2013-06-13]

CHR Extension: (Chromebleed) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-10]

CHR Extension: (Google Calendar) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-06-13]

CHR Extension: (GIMP on rollApp) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2014-10-07]

CHR Extension: (PicMonkey) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2013-06-13]

CHR Extension: (AdBlock) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-13]

CHR Extension: (Pin It Button) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-20]

CHR Extension: (TweetDeck by Twitter) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-06-13]

CHR Extension: (NPR: News, Music and Books) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcamfjcklnmlbokoackecfjidfjafgog [2013-06-13]

CHR Extension: (Caroline Gardner) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlajhhigpcohfpjjmnbifacfbdoponci [2013-06-13]

CHR Extension: (The Weather Channel for Chrome) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2013-06-13]

CHR Extension: (WeatherBug (Legacy App)) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak [2013-06-13]

CHR Extension: (WordPress.com) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2013-10-22]

CHR Extension: (Instagram) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmjgaejdekfmncdecdglcnegpljmfml [2014-05-19]

CHR Extension: (Hootsuite) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij [2013-06-13]

CHR Extension: (Blogger) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2013-06-13]

CHR Extension: (Skype Click to Call) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-13]

CHR Extension: (feedly) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2013-06-13]

CHR Extension: (Google Wallet) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]

CHR Extension: (Outlook.com) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-06-06]

CHR Extension: (Weather Underground) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-05-07]

CHR Extension: (Gmail) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-13]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

CHR StartMenuInternet: Google Chrome - C:\Users\Mia\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)

R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173240 2014-09-22] (Microsoft Corp.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]

R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177136 2014-04-28] (Coupons.com Inc.)

R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]

R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)

R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)

R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()

R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-11-13] (Lavasoft Limited)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)

R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)

R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-11-27] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)

R3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16896 2012-11-07] ()

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-02] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)

R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)

S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)

S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 15:29 - 2014-12-02 15:30 - 00000000 ____D () C:\FRST

2014-11-29 05:59 - 2014-11-29 05:59 - 00193536 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014.11.30am.pub

2014-11-28 20:12 - 2014-11-29 06:00 - 00190976 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014.11.30pm.pub

2014-11-28 20:03 - 2014-11-29 05:59 - 00193536 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014.11.30.pub

2014-11-26 20:45 - 2014-12-02 14:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-11-26 20:45 - 2014-11-26 20:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-11-26 19:32 - 2014-11-26 19:32 - 00001124 _____ () C:\Users\Mia\Documents\Ad-Aware_Report_Quick_Manual_2014-11-26T19-31-24.693661.xml

2014-11-26 12:40 - 2014-11-26 12:40 - 00004688 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini

2014-11-26 12:40 - 2014-11-26 12:40 - 00002520 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini

2014-11-26 12:40 - 2014-11-26 12:40 - 00002520 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini

2014-11-26 12:40 - 2014-11-26 12:40 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\LavasoftStatistics

2014-11-26 12:40 - 2014-11-26 12:40 - 00000000 ____D () C:\Users\Mia\AppData\Local\Lavasoft

2014-11-26 12:40 - 2014-11-13 18:42 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll

2014-11-26 12:39 - 2014-11-26 12:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft

2014-11-26 12:39 - 2014-11-13 18:42 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll

2014-11-26 12:38 - 2014-12-02 06:35 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk

2014-11-26 12:38 - 2014-11-27 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

2014-11-26 12:38 - 2014-11-26 19:25 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\Lavasoft

2014-11-26 12:37 - 2014-11-26 12:37 - 00000000 ____D () C:\Program Files\Lavasoft

2014-11-26 12:36 - 2014-11-26 12:38 - 00000000 ____D () C:\ProgramData\Lavasoft

2014-11-26 12:36 - 2014-11-26 12:36 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft

2014-11-25 12:50 - 2014-12-02 06:34 - 00001064 _____ () C:\Windows\setupact.log

2014-11-25 12:50 - 2014-11-28 16:43 - 00324490 _____ () C:\Windows\PFRO.log

2014-11-25 11:34 - 2014-11-28 16:43 - 00000000 ____D () C:\ProgramData\AVAST Software

2014-11-24 15:55 - 2014-11-24 15:55 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk

2014-11-24 15:55 - 2014-11-24 15:55 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\TuneUp Software

2014-11-24 15:55 - 2014-11-24 15:55 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\AVG2015

2014-11-24 15:55 - 2014-11-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2014-11-24 15:54 - 2014-11-24 15:55 - 00000000 ____D () C:\ProgramData\AVG2015

2014-11-24 15:54 - 2014-11-24 15:54 - 00000000 ___HD () C:\$AVG

2014-11-24 15:53 - 2014-11-24 15:53 - 00000000 ____D () C:\Program Files (x86)\AVG

2014-11-24 15:51 - 2014-12-02 09:59 - 00000000 ____D () C:\ProgramData\MFAData

2014-11-24 15:51 - 2014-11-24 15:57 - 00000000 ____D () C:\Users\Mia\AppData\Local\Avg2015

2014-11-24 15:51 - 2014-11-24 15:51 - 00000000 ____D () C:\Users\Mia\AppData\Local\MFAData

2014-11-22 07:26 - 2014-11-25 13:09 - 00000000 ____D () C:\Users\Mia\Documents\Star Wars Snowflakes

2014-11-22 07:26 - 2014-11-22 07:26 - 07464083 _____ () C:\Users\Mia\Downloads\Star_Wars_Snowflakes_2012_AnthonyHerreraDesigns.zip

2014-11-20 08:03 - 2014-11-20 08:03 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\Oracle

2014-11-20 07:57 - 2014-11-20 07:57 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-11-20 07:57 - 2014-11-20 07:57 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-11-20 07:57 - 2014-11-20 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-11-20 07:57 - 2014-11-20 07:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-11-20 07:57 - 2014-11-20 07:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-11-19 06:08 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-11-19 06:08 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll

2014-11-19 06:08 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-11-19 06:08 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll

2014-11-15 17:09 - 2014-11-15 17:09 - 00000000 ____D () C:\Users\Mia\Downloads\Lego DD Star Wars

2014-11-15 10:03 - 2014-11-15 17:09 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\LEGO Company

2014-11-15 10:03 - 2014-11-15 10:03 - 00000000 ____D () C:\Users\Mia\Documents\LEGO Creations

2014-11-15 10:01 - 2014-11-15 10:01 - 00002148 _____ () C:\Users\Public\Desktop\LEGO Digital Designer.lnk

2014-11-15 10:01 - 2014-11-15 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company

2014-11-15 10:00 - 2014-11-15 10:00 - 00000000 ____D () C:\Program Files (x86)\LEGO Company

2014-11-15 09:58 - 2014-11-15 09:58 - 00033825 _____ () C:\Users\Mia\Downloads\Lego DD Star Wars.zip

2014-11-12 19:58 - 2014-11-12 19:58 - 00000000 __SHD () C:\Users\Mia\AppData\Local\EmieBrowserModeList

2014-11-12 06:58 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-11-12 06:58 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-11-12 06:58 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-11-12 06:58 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-11-12 06:58 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-11-12 06:58 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-11-12 06:58 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-11-12 06:58 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-11-12 06:58 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-11-12 06:58 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-11-12 06:58 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-11-12 06:58 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-11-12 06:58 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-11-12 06:58 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-11-12 06:58 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-11-12 06:58 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-11-12 06:58 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-11-12 06:58 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-11-12 06:58 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-11-12 06:58 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-11-12 06:58 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-11-12 06:58 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-11-12 06:58 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-11-12 06:58 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-11-12 06:58 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-11-12 06:58 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-11-12 06:58 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-11-12 06:58 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-11-12 06:58 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-11-12 06:58 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-11-12 06:58 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-11-12 06:58 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-11-12 06:58 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-11-12 06:58 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-11-12 06:58 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-11-12 06:58 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-11-12 06:58 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-12 06:58 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-11-12 06:58 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-11-12 06:58 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-11-12 06:58 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-11-12 06:58 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-11-12 06:58 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-11-12 06:58 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-11-12 06:58 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-11-12 06:58 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-11-12 06:58 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-11-12 06:58 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-11-12 06:58 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-11-12 06:58 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-11-12 06:58 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-11-12 06:58 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-11-12 06:58 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-11-12 06:58 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-11-12 06:58 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-11-12 06:58 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-11-12 06:58 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2014-11-12 06:58 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-11-12 06:58 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-11-12 06:58 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-11-12 06:58 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll

2014-11-12 06:58 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-11-12 06:58 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2014-11-12 06:58 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2014-11-12 06:58 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-11-12 06:58 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-11-12 06:58 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2014-11-12 06:58 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2014-11-12 06:58 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll

2014-11-12 06:58 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2014-11-12 06:58 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll

2014-11-12 06:58 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll

2014-11-12 06:58 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll

2014-11-12 06:58 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll

2014-11-12 06:58 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll

2014-11-12 06:58 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll

2014-11-12 06:58 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-11-12 06:58 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-11-12 06:58 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-11-12 06:58 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-11-12 06:58 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-11-12 06:58 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-11-12 06:58 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-11-12 06:58 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-11-12 06:58 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-11-12 06:58 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-11-12 06:58 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-11-12 06:58 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-11-12 06:58 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-11-12 06:58 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-11-12 06:58 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-11-12 06:58 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-11-12 06:58 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL

2014-11-12 06:58 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL

2014-11-12 06:57 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll

2014-11-12 06:57 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll

2014-11-12 06:57 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2014-11-12 06:57 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2014-11-12 06:57 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-11-12 06:57 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-11-12 06:57 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-11-05 21:01 - 2014-11-05 21:01 - 00190464 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014am.pub

2014-11-05 21:01 - 2014-11-05 21:01 - 00187392 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014pm.pub

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 15:15 - 2012-07-21 06:51 - 01761811 _____ () C:\Windows\WindowsUpdate.log

2014-12-02 15:14 - 2012-07-23 07:37 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA.job

2014-12-02 14:39 - 2014-05-15 14:28 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-12-02 14:38 - 2012-07-31 17:48 - 00000000 ____D () C:\Users\Mia\Documents\Outlook Files

2014-12-02 13:41 - 2014-11-01 04:48 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-12-02 13:41 - 2014-05-15 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-12-02 13:41 - 2014-05-15 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-12-02 11:48 - 2012-07-21 06:56 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DEC8DDE2-D6A5-4709-85BE-DDD9E52AB5E9}

2014-12-02 07:09 - 2012-07-23 07:37 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core.job

2014-12-02 06:44 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-12-02 06:44 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-12-02 06:36 - 2012-07-10 16:36 - 00000000 ____D () C:\ProgramData\PDFC

2014-12-02 06:34 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-12-01 07:20 - 2012-07-21 06:56 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMia

2014-12-01 07:20 - 2012-07-21 06:56 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForMia.job

2014-11-30 07:12 - 2012-07-29 07:29 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt

2014-11-30 07:12 - 2012-07-23 06:51 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log

2014-11-29 05:53 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-11-26 20:45 - 2014-08-04 16:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-11-26 20:45 - 2012-07-10 16:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-11-26 17:41 - 2012-07-23 06:49 - 00000000 ____D () C:\Users\Mia\AppData\Local\CrashDumps

2014-11-26 15:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-11-25 12:16 - 2012-07-10 16:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers

2014-11-25 11:51 - 2014-08-01 06:40 - 00000000 ____D () C:\ProgramData\Adobe

2014-11-25 11:51 - 2012-07-21 06:59 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\Adobe

2014-11-25 11:50 - 2014-08-01 06:41 - 00000000 ____D () C:\Users\Mia\AppData\Local\Adobe

2014-11-22 19:14 - 2013-08-21 21:05 - 00000000 ____D () C:\Users\Mia\Documents\Recipes

2014-11-21 06:14 - 2014-05-15 14:28 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-11-21 06:14 - 2014-05-15 14:28 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-11-21 06:14 - 2013-05-31 07:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-11-20 18:15 - 2013-11-13 13:16 - 00000000 ____D () C:\Users\Mia\Documents\My Kindle Content

2014-11-20 18:07 - 2013-11-13 13:16 - 00002223 _____ () C:\Users\Mia\Desktop\Kindle.lnk

2014-11-20 18:06 - 2013-11-13 13:16 - 00000000 ____D () C:\Users\Mia\AppData\Local\Amazon

2014-11-20 08:03 - 2014-09-04 18:04 - 00000000 ____D () C:\ProgramData\Oracle

2014-11-20 07:56 - 2012-09-03 14:39 - 00000000 ____D () C:\Program Files (x86)\Java

2014-11-19 07:20 - 2013-08-21 21:04 - 00000000 ____D () C:\Users\Mia\Documents\Homeschool PDFs

2014-11-18 08:00 - 2012-11-12 20:31 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMIA-HPOMNI$

2014-11-18 08:00 - 2012-11-12 20:31 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForMIA-HPOMNI$.job

2014-11-15 07:04 - 2012-07-23 07:37 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA

2014-11-15 07:04 - 2012-07-23 07:37 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core

2014-11-13 16:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-11-12 19:40 - 2012-07-21 07:00 - 00109296 _____ () C:\Users\Mia\AppData\Local\GDIPFONTCACHEV1.DAT

2014-11-12 19:39 - 2009-07-13 23:45 - 00408136 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-11-12 19:38 - 2014-05-06 13:10 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-11-12 17:44 - 2012-07-31 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-11-12 17:40 - 2013-08-14 07:44 - 00000000 ____D () C:\Windows\system32\MRT

Some content of TEMP:

====================

C:\Users\Mia\AppData\Local\Temp\a0736eee-1ad0-4707-858d-5ff68d1767b3.exe

C:\Users\Mia\AppData\Local\Temp\SpOrder.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-25 06:50

==================== End Of Log ============================

Link to post
Share on other sites

Here is addition.txt:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2014
Ran by Mia at 2014-12-02 15:31:28
Running from C:\Users\Mia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O65B06Q2
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Web Companion (x32 Version: 1.0.813.1538 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Amazon Kindle) (Version:  - Amazon)
AmazonSmile 1Button App (HKLM-x32\...\{D775E291-9D15-4AAE-B75C-ECBD32B82B86}) (Version: 1.0.0 - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4235 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.98.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp) <==== ATTENTION
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.9) (Version: 5.0.0.9 - Coupons.com Incorporated)
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Evernote v. 4.5.8 (HKLM-x32\...\{DED01768-E634-11E1-AEB0-984BE15F174E}) (Version: 4.5.8.7356 - Evernote Corp.)
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Google Chrome (HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2430 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 -  NewspaperDirect Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28099 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
TheSkyX First Light Edition (HKLM-x32\...\{ECE3188A-3B11-4332-B1B9-43FAA9A02626}) (Version: 10.0.2 - Software Bisque, Inc.)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Companion (HKLM-x32\...\{89C9F6E5-50D4-400C-AB96-5A947584D4D6}_WebCompanion) (Version: 1.0.813.1538 - Lavasoft)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

26-11-2014 17:36:13 AA11
26-11-2014 17:38:49 LavasoftWeCompanion
26-11-2014 22:32:45 Windows Update
27-11-2014 17:37:06 LavasoftWeCompanion
28-11-2014 21:37:34 avast! antivirus system restore point
30-11-2014 11:11:51 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {42BA4E00-E586-4454-928B-A3D161407949} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-23] (Google Inc.)
Task: {43938DA9-C510-461A-956C-A0A31ACAFA03} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {48D5F14E-69FF-415D-BBAA-1A0CAEAE64BE} - System32\Tasks\HPCeeScheduleForMIA-HPOMNI$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {6CD66EB6-909F-4CCF-861A-34AFDF518286} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7DE08EE3-1183-461E-8729-04C979AED4CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {7F1C9BD5-E92F-43CF-94AF-281C0F924957} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8764E9F0-7423-48E8-9897-4EFA995BA301} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-08-23] (CyberLink)
Task: {8AE5D8BD-8307-4649-9B31-C794C87301D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9789B0C9-EC3F-4DC1-8D5C-CF8892D86E16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9BE612B3-0BF0-4087-B86B-27DD68D299A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {9E4DC027-32B7-493C-BE19-ECFC487FBD2A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {A9092FE4-3CBB-42DE-939B-006E7F44480E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-23] (Google Inc.)
Task: {AFDC88B3-38F0-4064-A989-644E4D716A69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F144E27C-9917-499F-9927-09776057BF95} - System32\Tasks\HPCeeScheduleForMia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core.job => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA.job => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMIA-HPOMNI$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-07-12 08:09 - 2012-09-29 12:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2012-08-28 16:42 - 2012-09-29 12:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2012-08-28 16:42 - 2012-09-29 12:26 - 03120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2012-08-28 16:42 - 2012-09-29 12:53 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-10-15 13:37 - 2014-10-15 13:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 14:04 - 2014-10-15 14:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00015208 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2014-11-27 10:42 - 2014-11-27 10:42 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00029032 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2012-08-28 16:40 - 2010-04-28 10:49 - 00222720 _____ () C:\Windows\system32\m1210nwia.dll
2012-07-10 16:08 - 2011-06-26 21:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00067392 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00169320 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00088392 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2014-11-27 10:43 - 2014-11-27 10:43 - 00041304 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00235336 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Filtering.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-25 06:17 - 2014-09-05 10:55 - 00132808 _____ () C:\Users\Mia\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll
2014-07-14 12:07 - 2013-11-18 01:56 - 01042432 _____ () C:\Users\Mia\AppData\Local\Microsoft\BingBar\Apps\Translator_f5cbd3ef4c144434b17913278004e270\7.3.132\Blingext.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GamesAppService => 3

========================= Accounts: ==========================

Administrator (S-1-5-21-1925866461-1870387054-773485301-500 - Administrator - Disabled)
Guest (S-1-5-21-1925866461-1870387054-773485301-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925866461-1870387054-773485301-1002 - Limited - Enabled)
Mia (S-1-5-21-1925866461-1870387054-773485301-1000 - Administrator - Enabled) => C:\Users\Mia

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/02/2014 01:09:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2383352

Error: (12/02/2014 01:09:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2383352

Error: (12/02/2014 01:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 10:48:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 261c

Start Time: 01d00e470757680f

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/02/2014 08:51:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616

Error: (12/02/2014 08:51:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616

Error: (12/02/2014 08:51:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2014 04:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CouponPrinterService.exe, version: 6.0.1.2, time stamp: 0x5359938c
Faulting module name: ole32.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
Exception code: 0xc0000005
Fault offset: 0x000000000000d89e
Faulting process id: 0x96c
Faulting application start time: 0xCouponPrinterService.exe0
Faulting application path: CouponPrinterService.exe1
Faulting module path: CouponPrinterService.exe2
Report Id: CouponPrinterService.exe3

Error: (12/01/2014 08:42:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15601

Error: (12/01/2014 08:42:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15601

System errors:
=============
Error: (12/02/2014 09:23:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.189.1182.0).

Error: (12/02/2014 09:20:37 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Modules Installer service failed to start due to the following error:
%%1053

Error: (12/02/2014 09:20:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

Error: (12/02/2014 09:19:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Modules Installer service failed to start due to the following error:
%%1053

Error: (12/02/2014 09:19:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.

Error: (12/02/2014 09:19:46 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053TrustedInstaller{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (12/02/2014 09:18:55 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (12/02/2014 09:15:52 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version:

 Previous Signature Version: 1.189.1079.0

 Update Source: %NT AUTHORITY59

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/02/2014 09:15:36 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

 New Signature Version: 1.189.1182.0

 Previous Signature Version: 1.189.1079.0

 Update Source: %NT AUTHORITY15

 Update Stage: 4.6.0305.00

 Source Path: 4.6.0305.01

 Signature Type: %NT AUTHORITY602

 Update Type: %NT AUTHORITY604

 User: NT AUTHORITY\SYSTEM

 Current Engine Version: %NT AUTHORITY605

 Previous Engine Version: %NT AUTHORITY606

 Error code: %NT AUTHORITY607

 Error description: %NT AUTHORITY608

Error: (12/02/2014 08:20:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The LavasoftTcpService service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (12/02/2014 01:09:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2383352

Error: (12/02/2014 01:09:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2383352

Error: (12/02/2014 01:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/02/2014 10:48:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420261c01d00e470757680f31C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/02/2014 08:51:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15616

Error: (12/02/2014 08:51:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15616

Error: (12/02/2014 08:51:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/01/2014 04:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CouponPrinterService.exe6.0.1.25359938cole32.DLL6.1.7601.175144ce7c92cc0000005000000000000d89e96c01d00d5c03fe18f5C:\Program Files (x86)\Coupons\CouponPrinterService.exeC:\Windows\system32\ole32.DLL72e4fde6-79a2-11e4-b0f2-047d7b87a11c

Error: (12/01/2014 08:42:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15601

Error: (12/01/2014 08:42:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15601

==================== Memory info ===========================

Processor: Intel® Pentium® CPU G620 @ 2.60GHz
Percentage of memory in use: 56%
Total physical RAM: 4008.47 MB
Available physical RAM: 1747.12 MB
Total Pagefile: 8015.13 MB
Available Pagefile: 4218.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:448.6 GB) (Free:342.21 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:17.06 GB) (Free:2.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 64E4B27F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

  • Staff

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 

adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner
 
 
 
 

FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Link to post
Share on other sites

Thank you, TwinHeadedEagle, for your help! Here are the results as requested:

 

First:

# AdwCleaner v4.103 - Report created 03/12/2014 at 09:21:34
# Updated 01/12/2014 by Xplode
# Database : 2014-12-01.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Mia - MIA-HPOMNI
# Running from : C:\Users\Mia\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Program Files\PC Optimizer Pro
Folder Deleted : C:\Users\Mia\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Mia\AppData\Local\WhiteListing
Folder Deleted : C:\Users\Mia\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Mia\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Folder Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage-journal
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal
File Deleted : C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Tune
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tune
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.9

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

-\\ Google Chrome v

[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://wordpress.org/search/do-search.php?search={searchTerms}
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://movies.netflix.com/WiSearch?raw_query=&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN36691910022864413&ctid=CT2260173&UM=2
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN36691910022864413&ctid=CT2260173&UM=2
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.browneyedbaker.com/search-results/?q={searchTerms}
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://smittenkitchen.com/search-results/?cx=009671904594399389362%3Aoll_ocju5k8&cof=FORID%3A9&ie=UTF-8&q={searchTerms}&siteurl=smittenkitchen.com%2F&ref=www.google.com%2F&ss=2059j1019245j11
[C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.pikenursery.com/search-results?q={searchTerms}&cx=&ie=ISO-8859-1

*************************

AdwCleaner[R0].txt - [8591 octets] - [03/12/2014 09:19:19]
AdwCleaner[s0].txt - [7872 octets] - [03/12/2014 09:21:34]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [7932 octets] ##########

 

Next:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-12-2014
Ran by Mia (administrator) on MIA-HPOMNI on 03-12-2014 10:00:05
Running from C:\Users\Mia\Desktop
Loaded Profile: Mia (Available profiles: Mia)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(HP) C:\Program Files\hp\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink) C:\Program Files (x86)\Cyberlink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDSurrogateHost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingApp.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingBar.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\bingsurrogate.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_15_0_0_239_ActiveX.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [bingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2371264 2014-09-22] (Microsoft Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-11-11] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Run: [Google Update] => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-23] (Google Inc.)
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [3414560 2014-05-19] (Fitbit, Inc.)
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1467200 2014-11-27] (Lavasoft)
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\MountPoints2: {23a111ea-f158-11e1-ad81-047d7b87a11c} - F:\SISetup.exe
HKU\S-1-5-18\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\AmazonSmile1ButtonApp\AmazonSmileExtIE64.dll [155648 2014-02-03] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\AmazonSmile1ButtonApp\\AmazonSmileExtIE.dll [140288 2014-02-03] (Amazon Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/?pc=U159
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {439B6DE6-6AB4-44C9-9483-1F17686A9D4B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {439B6DE6-6AB4-44C9-9483-1F17686A9D4B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {439B6DE6-6AB4-44C9-9483-1F17686A9D4B} URL = http://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://www.ebay.com/sch/i.html?_nkw={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1925866461-1870387054-773485301-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1925866461-1870387054-773485301-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1925866461-1870387054-773485301-1000: CouponNetwork.com/CMDUniversalCouponPrintActivator -> C:\Users\Mia\AppData\Roaming\CATALI~1\NPBCSK~1.DLL (Catalina Marketing Corporation)

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN36691910022864413&UM=2&UP=SP9E0A9363-F919-4716-9367-3099497EC4FC&SSPV=", "hxxp://www.bing.com/?pc=U217", "hxxp://g.msn.com/1ewenusDefaultPack/U217_DefaultPack_DHP2"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (USA TODAY) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aggljnipbdiebhbmadknfbjlhehbohbn [2013-06-13]
CHR Extension: (AccuWeather Forecast) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaabbcbolfcclofcpdipmefibpgacgc [2013-06-13]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Facebook) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2013-06-13]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-06-13]
CHR Extension: (Google Search) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-14]
CHR Extension: (Google+) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-06-13]
CHR Extension: (NYTimes) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2013-06-13]
CHR Extension: (Chromebleed) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-10]
CHR Extension: (Google Calendar) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2013-06-13]
CHR Extension: (GIMP on rollApp) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\eodhmnkhmnkmimhckfpkgmbmcgjkaddo [2014-10-07]
CHR Extension: (PicMonkey) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm [2013-06-13]
CHR Extension: (AdBlock) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-06-13]
CHR Extension: (Pin It Button) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-05-20]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-06-13]
CHR Extension: (NPR: News, Music and Books) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcamfjcklnmlbokoackecfjidfjafgog [2013-06-13]
CHR Extension: (Caroline Gardner) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlajhhigpcohfpjjmnbifacfbdoponci [2013-06-13]
CHR Extension: (WeatherBug (Legacy App)) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihdkejbciahopmbagpnjmmkkdpfpaaak [2013-06-13]
CHR Extension: (WordPress.com) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2013-10-22]
CHR Extension: (Instagram) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkmjgaejdekfmncdecdglcnegpljmfml [2014-05-19]
CHR Extension: (Hootsuite) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij [2013-06-13]
CHR Extension: (Blogger) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lejliakmhcfhakneflmicaoikhbicggc [2013-06-13]
CHR Extension: (feedly) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja [2013-06-13]
CHR Extension: (Google Wallet) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Outlook.com) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-06-06]
CHR Extension: (Weather Underground) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-05-07]
CHR Extension: (Gmail) - C:\Users\Mia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-13]
CHR StartMenuInternet: Google Chrome - C:\Users\Mia\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173240 2014-09-22] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177136 2014-04-28] (Coupons.com Inc.)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [1436192 2014-05-19] (Fitbit, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [682040 2011-02-17] (Hewlett-Packard)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [362296 2010-05-11] (HP)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.2.9.5\LavasoftTcpService.exe [1351512 2014-11-13] (Lavasoft Limited)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [15208 2014-11-27] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
R3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16896 2012-11-07] ()
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 10:00 - 2014-12-03 10:00 - 00052942 _____ () C:\Users\Mia\Desktop\2FRST.txt
2014-12-03 09:57 - 2014-12-03 09:57 - 02117120 _____ (Farbar) C:\Users\Mia\Downloads\FRST64.exe
2014-12-03 09:57 - 2014-12-03 09:57 - 02117120 _____ (Farbar) C:\Users\Mia\Desktop\FRST64.exe
2014-12-03 09:28 - 2014-12-03 09:28 - 00008076 _____ () C:\Users\Mia\Desktop\AdwCleaner[s0].txt
2014-12-03 09:18 - 2014-12-03 09:22 - 00000000 ____D () C:\AdwCleaner
2014-12-03 09:18 - 2014-12-03 09:18 - 02154496 _____ () C:\Users\Mia\Desktop\AdwCleaner.exe
2014-12-02 15:32 - 2014-12-03 10:00 - 00028748 _____ () C:\Users\Mia\Desktop\FRST.txt
2014-12-02 15:32 - 2014-12-02 15:32 - 00041850 _____ () C:\Users\Mia\Desktop\Addition.txt
2014-12-02 15:29 - 2014-12-03 10:00 - 00000000 ____D () C:\FRST
2014-11-29 05:59 - 2014-11-29 05:59 - 00193536 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014.11.30am.pub
2014-11-28 20:12 - 2014-11-29 06:00 - 00190976 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014.11.30pm.pub
2014-11-28 20:03 - 2014-11-29 05:59 - 00193536 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014.11.30.pub
2014-11-26 20:45 - 2014-12-03 09:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-26 20:45 - 2014-11-26 20:45 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 19:32 - 2014-11-26 19:32 - 00001124 _____ () C:\Users\Mia\Documents\Ad-Aware_Report_Quick_Manual_2014-11-26T19-31-24.693661.xml
2014-11-26 12:40 - 2014-11-26 12:40 - 00004688 _____ () C:\Windows\SysWOW64\LavasoftTcpService.ini
2014-11-26 12:40 - 2014-11-26 12:40 - 00002520 _____ () C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2014-11-26 12:40 - 2014-11-26 12:40 - 00002520 _____ () C:\Windows\system32\LavasoftTcpServiceOff.ini
2014-11-26 12:40 - 2014-11-26 12:40 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\LavasoftStatistics
2014-11-26 12:40 - 2014-11-26 12:40 - 00000000 ____D () C:\Users\Mia\AppData\Local\Lavasoft
2014-11-26 12:40 - 2014-11-13 18:42 - 00358736 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2014-11-26 12:39 - 2014-11-26 12:39 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-11-26 12:39 - 2014-11-13 18:42 - 00312424 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2014-11-26 12:38 - 2014-12-03 09:50 - 00002307 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-11-26 12:38 - 2014-11-27 12:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-11-26 12:38 - 2014-11-26 19:25 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\Lavasoft
2014-11-26 12:37 - 2014-11-26 12:37 - 00000000 ____D () C:\Program Files\Lavasoft
2014-11-26 12:36 - 2014-11-26 12:38 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-11-26 12:36 - 2014-11-26 12:36 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-11-25 12:50 - 2014-12-03 09:49 - 00001288 _____ () C:\Windows\setupact.log
2014-11-25 12:50 - 2014-12-03 09:23 - 00324800 _____ () C:\Windows\PFRO.log
2014-11-25 11:34 - 2014-11-28 16:43 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-24 15:55 - 2014-11-24 15:55 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-24 15:55 - 2014-11-24 15:55 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\TuneUp Software
2014-11-24 15:55 - 2014-11-24 15:55 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\AVG2015
2014-11-24 15:55 - 2014-11-24 15:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-24 15:54 - 2014-11-24 15:55 - 00000000 ____D () C:\ProgramData\AVG2015
2014-11-24 15:54 - 2014-11-24 15:54 - 00000000 ___HD () C:\$AVG
2014-11-24 15:53 - 2014-11-24 15:53 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-11-24 15:51 - 2014-12-03 09:59 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-24 15:51 - 2014-11-24 15:57 - 00000000 ____D () C:\Users\Mia\AppData\Local\Avg2015
2014-11-24 15:51 - 2014-11-24 15:51 - 00000000 ____D () C:\Users\Mia\AppData\Local\MFAData
2014-11-22 07:26 - 2014-11-25 13:09 - 00000000 ____D () C:\Users\Mia\Documents\Star Wars Snowflakes
2014-11-22 07:26 - 2014-11-22 07:26 - 07464083 _____ () C:\Users\Mia\Downloads\Star_Wars_Snowflakes_2012_AnthonyHerreraDesigns.zip
2014-11-20 08:03 - 2014-11-20 08:03 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\Oracle
2014-11-20 07:57 - 2014-11-20 07:57 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-20 07:57 - 2014-11-20 07:57 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-20 07:57 - 2014-11-20 07:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-20 07:57 - 2014-11-20 07:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-20 07:57 - 2014-11-20 07:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-19 06:08 - 2014-11-10 22:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 06:08 - 2014-11-10 22:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 06:08 - 2014-11-10 21:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 06:08 - 2014-11-10 21:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-15 17:09 - 2014-11-15 17:09 - 00000000 ____D () C:\Users\Mia\Downloads\Lego DD Star Wars
2014-11-15 10:03 - 2014-11-15 17:09 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\LEGO Company
2014-11-15 10:03 - 2014-11-15 10:03 - 00000000 ____D () C:\Users\Mia\Documents\LEGO Creations
2014-11-15 10:01 - 2014-11-15 10:01 - 00002148 _____ () C:\Users\Public\Desktop\LEGO Digital Designer.lnk
2014-11-15 10:01 - 2014-11-15 10:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2014-11-15 10:00 - 2014-11-15 10:00 - 00000000 ____D () C:\Program Files (x86)\LEGO Company
2014-11-15 09:58 - 2014-11-15 09:58 - 00033825 _____ () C:\Users\Mia\Downloads\Lego DD Star Wars.zip
2014-11-12 19:58 - 2014-11-12 19:58 - 00000000 __SHD () C:\Users\Mia\AppData\Local\EmieBrowserModeList
2014-11-12 06:58 - 2014-11-07 14:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 06:58 - 2014-11-07 14:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 06:58 - 2014-11-05 23:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 06:58 - 2014-11-05 23:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 06:58 - 2014-11-05 23:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 06:58 - 2014-11-05 22:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 06:58 - 2014-11-05 22:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 06:58 - 2014-11-05 22:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 06:58 - 2014-11-05 22:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 06:58 - 2014-11-05 22:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 06:58 - 2014-11-05 22:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 06:58 - 2014-11-05 22:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 06:58 - 2014-11-05 22:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 06:58 - 2014-11-05 22:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 06:58 - 2014-11-05 22:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 06:58 - 2014-11-05 22:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 06:58 - 2014-11-05 22:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 06:58 - 2014-11-05 22:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 06:58 - 2014-11-05 22:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 06:58 - 2014-11-05 22:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 06:58 - 2014-11-05 22:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 06:58 - 2014-11-05 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 06:58 - 2014-11-05 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 06:58 - 2014-11-05 22:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 06:58 - 2014-11-05 22:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 06:58 - 2014-11-05 22:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 06:58 - 2014-11-05 22:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 06:58 - 2014-11-05 22:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 06:58 - 2014-11-05 22:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 06:58 - 2014-11-05 22:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 06:58 - 2014-11-05 22:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 06:58 - 2014-11-05 22:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 06:58 - 2014-11-05 21:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 06:58 - 2014-11-05 21:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 06:58 - 2014-11-05 21:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 06:58 - 2014-11-05 21:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 06:58 - 2014-11-05 21:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 06:58 - 2014-11-05 21:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 06:58 - 2014-11-05 21:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 06:58 - 2014-11-05 21:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 06:58 - 2014-11-05 21:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 06:58 - 2014-11-05 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 06:58 - 2014-11-05 21:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 06:58 - 2014-11-05 21:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 06:58 - 2014-11-05 21:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 06:58 - 2014-11-05 21:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 06:58 - 2014-11-05 21:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 06:58 - 2014-11-05 21:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 06:58 - 2014-11-05 21:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 06:58 - 2014-11-05 21:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 06:58 - 2014-11-05 21:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 06:58 - 2014-11-05 21:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 06:58 - 2014-11-05 20:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 06:58 - 2014-11-05 20:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 06:58 - 2014-11-05 20:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 06:58 - 2014-11-05 20:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 06:58 - 2014-11-05 12:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 06:58 - 2014-11-05 12:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 06:58 - 2014-11-05 12:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 06:58 - 2014-10-13 21:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 06:58 - 2014-10-13 21:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 06:58 - 2014-10-13 21:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 06:58 - 2014-10-13 21:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 06:58 - 2014-10-13 21:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 06:58 - 2014-10-13 20:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 06:58 - 2014-10-13 20:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 06:58 - 2014-10-13 20:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 06:58 - 2014-10-13 20:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 06:58 - 2014-10-02 21:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 06:58 - 2014-10-02 21:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 06:58 - 2014-10-02 21:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 06:58 - 2014-10-02 21:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 06:58 - 2014-10-02 21:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 06:58 - 2014-10-02 20:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 06:58 - 2014-10-02 20:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 06:58 - 2014-10-02 20:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 06:58 - 2014-09-19 04:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 06:58 - 2014-09-19 04:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 06:58 - 2014-09-19 04:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 06:58 - 2014-09-19 04:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 06:58 - 2014-09-19 04:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 06:58 - 2014-09-19 04:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 06:58 - 2014-09-19 04:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 06:58 - 2014-09-19 04:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 06:58 - 2014-09-19 04:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 06:58 - 2014-09-19 04:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 06:58 - 2014-09-19 04:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 06:58 - 2014-09-19 04:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 06:58 - 2014-08-21 01:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 06:58 - 2014-08-21 01:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 06:58 - 2014-08-21 01:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 06:58 - 2014-08-21 01:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 06:58 - 2014-08-11 21:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 06:58 - 2014-08-11 20:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 06:57 - 2014-10-24 20:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 06:57 - 2014-10-24 20:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 06:57 - 2014-10-17 21:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 06:57 - 2014-10-17 20:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 06:57 - 2014-10-13 21:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 06:57 - 2014-10-13 20:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 06:57 - 2014-10-09 19:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-05 21:01 - 2014-11-05 21:01 - 00190464 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014am.pub
2014-11-05 21:01 - 2014-11-05 21:01 - 00187392 _____ () C:\Users\Mia\Documents\Redeemerworshipguides2014pm.pub

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-03 09:57 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-03 09:57 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-03 09:53 - 2012-07-21 06:51 - 01838250 _____ () C:\Windows\WindowsUpdate.log
2014-12-03 09:50 - 2014-05-15 14:28 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-03 09:50 - 2012-07-10 16:36 - 00000000 ____D () C:\ProgramData\PDFC
2014-12-03 09:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-03 09:09 - 2012-07-23 07:37 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA.job
2014-12-03 08:35 - 2012-07-31 17:48 - 00000000 ____D () C:\Users\Mia\Documents\Outlook Files
2014-12-03 07:09 - 2012-07-23 07:37 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core.job
2014-12-02 13:41 - 2014-11-01 04:48 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-02 13:41 - 2014-05-15 14:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-02 13:41 - 2014-05-15 14:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-02 11:48 - 2012-07-21 06:56 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DEC8DDE2-D6A5-4709-85BE-DDD9E52AB5E9}
2014-12-01 07:20 - 2012-07-21 06:56 - 00003174 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMia
2014-12-01 07:20 - 2012-07-21 06:56 - 00000324 _____ () C:\Windows\Tasks\HPCeeScheduleForMia.job
2014-11-30 07:12 - 2012-07-29 07:29 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-30 07:12 - 2012-07-23 06:51 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-11-29 05:53 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 20:45 - 2014-08-04 16:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 20:45 - 2012-07-10 16:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 17:41 - 2012-07-23 06:49 - 00000000 ____D () C:\Users\Mia\AppData\Local\CrashDumps
2014-11-26 15:03 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-25 12:16 - 2012-07-10 16:33 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eReaders and Document Viewers
2014-11-25 11:51 - 2014-08-01 06:40 - 00000000 ____D () C:\ProgramData\Adobe
2014-11-25 11:51 - 2012-07-21 06:59 - 00000000 ____D () C:\Users\Mia\AppData\Roaming\Adobe
2014-11-25 11:50 - 2014-08-01 06:41 - 00000000 ____D () C:\Users\Mia\AppData\Local\Adobe
2014-11-22 19:14 - 2013-08-21 21:05 - 00000000 ____D () C:\Users\Mia\Documents\Recipes
2014-11-21 06:14 - 2014-05-15 14:28 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-05-15 14:28 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2013-05-31 07:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-20 18:15 - 2013-11-13 13:16 - 00000000 ____D () C:\Users\Mia\Documents\My Kindle Content
2014-11-20 18:07 - 2013-11-13 13:16 - 00002223 _____ () C:\Users\Mia\Desktop\Kindle.lnk
2014-11-20 18:06 - 2013-11-13 13:16 - 00000000 ____D () C:\Users\Mia\AppData\Local\Amazon
2014-11-20 08:03 - 2014-09-04 18:04 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-20 07:56 - 2012-09-03 14:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 07:20 - 2013-08-21 21:04 - 00000000 ____D () C:\Users\Mia\Documents\Homeschool PDFs
2014-11-18 08:00 - 2012-11-12 20:31 - 00003222 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForMIA-HPOMNI$
2014-11-18 08:00 - 2012-11-12 20:31 - 00000346 _____ () C:\Windows\Tasks\HPCeeScheduleForMIA-HPOMNI$.job
2014-11-15 07:04 - 2012-07-23 07:37 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA
2014-11-15 07:04 - 2012-07-23 07:37 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core
2014-11-13 16:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 19:40 - 2012-07-21 07:00 - 00109296 _____ () C:\Users\Mia\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-12 19:39 - 2009-07-13 23:45 - 00408136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 19:38 - 2014-05-06 13:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 17:44 - 2012-07-31 16:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 17:40 - 2013-08-14 07:44 - 00000000 ____D () C:\Windows\system32\MRT

Some content of TEMP:
====================
C:\Users\Mia\AppData\Local\Temp\a0736eee-1ad0-4707-858d-5ff68d1767b3.exe
C:\Users\Mia\AppData\Local\Temp\Quarantine.exe
C:\Users\Mia\AppData\Local\Temp\SpOrder.dll
C:\Users\Mia\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-25 06:50

==================== End Of Log ============================

Link to post
Share on other sites

And lastly:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-12-2014
Ran by Mia at 2014-12-03 10:00:45
Running from C:\Users\Mia\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.02.03.0 - Ralink)
Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
Ad-Aware Web Companion (x32 Version: 1.0.813.1538 - Lavasoft) Hidden
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Amazon Kindle) (Version:  - Amazon)
AmazonSmile 1Button App (HKLM-x32\...\{D775E291-9D15-4AAE-B75C-ECBD32B82B86}) (Version: 1.0.0 - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4235 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.98.0 - Microsoft Corporation)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bubble Wrap (HKLM-x32\...\{5BFFDDEB-AFD7-499F-BB13-7A6EAD927CDA}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Catalina Savings Printer (HKLM-x32\...\{37331C16-3E97-4A20-80D8-BFB43AB0E2FB}) (Version: 1.0.0 - Catalina Marketing Corp)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4417 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Evernote v. 4.5.8 (HKLM-x32\...\{DED01768-E634-11E1-AEB0-984BE15F174E}) (Version: 4.5.8.7356 - Evernote Corp.)
Facebook (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fitbit Connect (HKLM-x32\...\{D3CD091B-296B-48E9-9F0F-E9FE53E02E41}) (Version: 1.0.3.5511 - Fitbit Inc.)
Google Chrome (HKU\S-1-5-21-1925866461-1870387054-773485301-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{B34A07DD-C6F7-414A-AE63-01019482EAF0}) (Version: 1.0.393.3870 - Hewlett-Packard)
HP Calendar (HKLM-x32\...\{2B38E0FA-D8A5-4EBF-A018-E3C1C8E7A2E2}) (Version: 5.1.4245.23508 - Hewlett-Packard)
HP Clock (HKLM-x32\...\{0EEC4E49-D4C2-4E23-87F2-B5641F1A09E4}) (Version: 5.1.4244.16367 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
HP LinkUp (HKLM-x32\...\{7E750542-55BC-4300-8B7B-AC2A762FB435}) (Version: 2.01.029 - Hewlett-Packard)
HP Magic Canvas (HKLM-x32\...\{DDFDC9D6-4220-41F8-BF9A-8E7512C4EF52}) (Version: 5.1.15.0 - Hewlett-Packard)
HP Magic Canvas Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 5.0.0.3 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP Notes (HKLM-x32\...\{86BAB08A-5E66-4C53-82E3-C1E91673C7CA}) (Version: 5.1.4274.30382 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP RSS (HKLM-x32\...\{A35E58D6-2A0F-4051-983B-79342081338E}) (Version: 5.1.4301.21494 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15130.3904 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.15145.3905 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 11.00.0001 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.12.1.0 - Hewlett-Packard)
HP Weather (HKLM-x32\...\{8364E531-493B-4B05-8041-09D5CE38B975}) (Version: 5.1.4295.16450 - Hewlett-Packard)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2430 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version:  - )
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 2.0.3 - Kobo Inc.)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.4507 - CyberLink Corp.) Hidden
LavasoftTcpService (x32 Version: 2.2.9.5 - Lavasoft) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Luxor HD (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Metric Converter (HKLM-x32\...\{D0661463-50F7-4A1E-83CB-37CC590589AE}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.65 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5706 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5706 - CyberLink Corp.) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.11.0721.0 -  NewspaperDirect Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28099 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4424 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spot (HKLM-x32\...\{3D171340-B528-42E0-92E4-BDA7AEEF6F32}_is1) (Version: 1.0.0.0 - XM Asia Pacific Pte Ltd)
The Treasures of Mystery Island: The Ghost Ship (x32 Version: 2.2.0.98 - WildTangent) Hidden
TheSkyX First Light Edition (HKLM-x32\...\{ECE3188A-3B11-4332-B1B9-43FAA9A02626}) (Version: 10.0.2 - Software Bisque, Inc.)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
TSHostedAppLauncher (x32 Version: 5.1.15.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Web Companion (HKLM-x32\...\{89C9F6E5-50D4-400C-AB96-5A947584D4D6}_WebCompanion) (Version: 1.0.813.1538 - Lavasoft)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.32 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1925866461-1870387054-773485301-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Mia\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

26-11-2014 17:36:13 AA11
26-11-2014 17:38:49 LavasoftWeCompanion
26-11-2014 22:32:45 Windows Update
27-11-2014 17:37:06 LavasoftWeCompanion
28-11-2014 21:37:34 avast! antivirus system restore point
30-11-2014 11:11:51 Windows Update
03-12-2014 14:36:29 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {42BA4E00-E586-4454-928B-A3D161407949} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-23] (Google Inc.)
Task: {43938DA9-C510-461A-956C-A0A31ACAFA03} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {48D5F14E-69FF-415D-BBAA-1A0CAEAE64BE} - System32\Tasks\HPCeeScheduleForMIA-HPOMNI$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {6CD66EB6-909F-4CCF-861A-34AFDF518286} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {7DE08EE3-1183-461E-8729-04C979AED4CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {7F1C9BD5-E92F-43CF-94AF-281C0F924957} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {8764E9F0-7423-48E8-9897-4EFA995BA301} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-08-23] (CyberLink)
Task: {8AE5D8BD-8307-4649-9B31-C794C87301D5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9789B0C9-EC3F-4DC1-8D5C-CF8892D86E16} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {9BE612B3-0BF0-4087-B86B-27DD68D299A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-10-21] (Hewlett-Packard)
Task: {9E4DC027-32B7-493C-BE19-ECFC487FBD2A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-08-17] (CyberLink)
Task: {A9092FE4-3CBB-42DE-939B-006E7F44480E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-23] (Google Inc.)
Task: {AFDC88B3-38F0-4064-A989-644E4D716A69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F144E27C-9917-499F-9927-09776057BF95} - System32\Tasks\HPCeeScheduleForMia => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000Core.job => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1925866461-1870387054-773485301-1000UA.job => C:\Users\Mia\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMIA-HPOMNI$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForMia.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-07-12 08:09 - 2012-09-29 12:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2012-08-28 16:42 - 2012-09-29 12:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2012-08-28 16:42 - 2012-09-29 12:26 - 03120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2012-08-28 16:42 - 2012-09-29 12:53 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02753360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareShellExtension.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03396400 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00024408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:37 - 2014-10-15 13:37 - 00707888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00103768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00033624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00055648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 12459344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00788824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00734536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02185560 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00813896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00098624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00120128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00952152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00250696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00989016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00212824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01172816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01281344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 14:04 - 2014-10-15 14:04 - 00035160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00976728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01092440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00229200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00893768 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00845136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03096912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02887504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01067344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01290584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00343880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02787160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01264960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00957256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01179496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00154944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00015208 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2014-11-27 10:42 - 2014-11-27 10:42 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00029032 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2012-08-28 16:40 - 2010-04-28 10:49 - 00222720 _____ () C:\Windows\system32\m1210nwia.dll
2012-07-10 16:08 - 2011-06-26 21:16 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 08925504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00500056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02132800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00066872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00811328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00067392 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00169320 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00088392 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00033136 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Repositories.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2014-11-27 10:43 - 2014-11-27 10:43 - 00041304 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00235336 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Filtering.dll
2014-11-27 10:42 - 2014-11-27 10:42 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2014-09-25 06:17 - 2014-09-05 10:55 - 00132808 _____ () C:\Users\Mia\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll
2014-07-14 12:07 - 2013-11-18 01:56 - 01042432 _____ () C:\Users\Mia\AppData\Local\Microsoft\BingBar\Apps\Translator_f5cbd3ef4c144434b17913278004e270\7.3.132\Blingext.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: GamesAppService => 3

========================= Accounts: ==========================

Administrator (S-1-5-21-1925866461-1870387054-773485301-500 - Administrator - Disabled)
Guest (S-1-5-21-1925866461-1870387054-773485301-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1925866461-1870387054-773485301-1002 - Limited - Enabled)
Mia (S-1-5-21-1925866461-1870387054-773485301-1000 - Administrator - Enabled) => C:\Users\Mia

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2014 09:38:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 5ec

Start Time: 01d00f066f5ad70c

Termination Time: 31

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:37:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1570

Start Time: 01d00f059b8fd132

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:35:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1b2c

Start Time: 01d00f057b755ef3

Termination Time: 16

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:31:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19e0

Start Time: 01d00f05cee50407

Termination Time: 13

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:31:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 878

Start Time: 01d00f05b768cc1e

Termination Time: 16

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:30:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1468

Start Time: 01d00f05a4270a46

Termination Time: 15

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:11:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3244

Start Time: 01d00f02e6ccb29e

Termination Time: 23

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:10:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3334

Start Time: 01d00f02a3574ad4

Termination Time: 32

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:08:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2e44

Start Time: 01d00f02483c5e25

Termination Time: 16

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (12/03/2014 09:06:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 33b4

Start Time: 01d00f023786556b

Termination Time: 25

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

System errors:
=============
Error: (12/03/2014 10:00:31 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer KEVIN-TABLET
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E046142F-A624-42AE-9DD2-359FE094CA9A}.
The master browser is stopping or an election is being forced.

Error: (12/03/2014 09:22:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Assistant Service service failed to start due to the following error:
%%109

Error: (12/03/2014 09:22:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LavasoftTcpService service failed to start due to the following error:
%%109

Error: (12/03/2014 09:22:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Print Spooler service failed to start due to the following error:
%%1069

Error: (12/03/2014 09:22:44 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/03/2014 09:22:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Apple Mobile Device service failed to start due to the following error:
%%109

Error: (12/03/2014 09:21:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (12/03/2014 09:21:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Ad-Aware Service 11 service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/03/2014 09:21:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The IE Search Set service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (12/03/2014 09:21:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HP Support Assistant Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (12/03/2014 09:38:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174205ec01d00f066f5ad70c31C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:37:38 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420157001d00f059b8fd13215C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:35:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174201b2c01d00f057b755ef316C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:31:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1742019e001d00f05cee5040713C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:31:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1742087801d00f05b768cc1e16C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:30:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420146801d00f05a4270a4615C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:11:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420324401d00f02e6ccb29e23C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:10:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17420333401d00f02a3574ad432C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:08:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174202e4401d00f02483c5e2516C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (12/03/2014 09:06:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1742033b401d00f023786556b25C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==================== Memory info ===========================

Processor: Intel® Pentium® CPU G620 @ 2.60GHz
Percentage of memory in use: 58%
Total physical RAM: 4008.47 MB
Available physical RAM: 1647.16 MB
Total Pagefile: 8015.13 MB
Available Pagefile: 4796.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:448.6 GB) (Free:342.08 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:17.06 GB) (Free:2.1 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 64E4B27F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

  • Staff

warning.gif Multiple Resident Protection warning!
 
Always have one (and no more than one!) AntiVirus program! In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark another ones as harmful, leading to leave your system unstable and even damaged. Please choose only one from the listed below to stay with and uninstall the others:

  • Microsoft Security Essentials
  • AVG AntiVirus Free Edition 2015
  • Ad-Aware Antivirus

Uninstallation procedure:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for each uninstalled entry, right-click it and select Uninstall.

This should be done until any other steps will be taken.
 
 
 
 
FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

fixlist.txt

Link to post
Share on other sites

Thanks for the info on the multiple protection! Here is the fixlog as requested:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-12-2014
Ran by Mia at 2014-12-03 14:17:50 Run:1
Running from C:\Users\Mia\Desktop
Loaded Profile: Mia (Available profiles: Mia)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
closeprocesses:
emptytemp:
HKU\S-1-5-18\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...kw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia....ch={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...kw={searchTerms}
SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.amazon.co...ds={searchTerms}
SearchScopes: HKU\S-1-5-21-1925866461-1870387054-773485301-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...kw={searchTerms}
CHR HomePage: Default ->
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN36691910022864413&UM=2&UP=SP9E0A9363-F919-4716-9367-3099497EC4FC&SSPV=", "hxxp://www.bing.com/?pc=U217", "hxxp://g.msn.com/1ewenusDefaultPack/U217_DefaultPack_DHP2"

*****************

Processes closed successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{439B6DE6-6AB4-44C9-9483-1F17686A9D4B}" => Key deleted successfully.
"HKCR\CLSID\{439B6DE6-6AB4-44C9-9483-1F17686A9D4B}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{439B6DE6-6AB4-44C9-9483-1F17686A9D4B}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{439B6DE6-6AB4-44C9-9483-1F17686A9D4B}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d43b3890-80c7-4010-a95d-1e77b5924dc3}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
HKU\S-1-5-21-1925866461-1870387054-773485301-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-1925866461-1870387054-773485301-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKU\S-1-5-21-1925866461-1870387054-773485301-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{439B6DE6-6AB4-44C9-9483-1F17686A9D4B}" => Key deleted successfully.
"HKCR\CLSID\{439B6DE6-6AB4-44C9-9483-1F17686A9D4B}" => Key not found.
"HKU\S-1-5-21-1925866461-1870387054-773485301-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
EmptyTemp: => Removed 1.2 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

Link to post
Share on other sites

  • Staff

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
icon_exclaim.gifMUST READ - security tips:

icon_exclaim.gifMUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
icon_arrow.gifTFC - to clean unneeded temporary files.
icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gifMcShield - to prevent infections spread by removable media.
icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.
icon_arrow.gifFiheHippo.com Update Checker - to keep your programs up-to-date.
icon_arrow.gifAdblock - to surf the web without annoying ads! 
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning. 
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: xbtn_donate_SM.gif.pagespeed.ic.MMi5tqVp

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.