Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Chrome just shut down by itself?

virus google tabs

  • Please log in to reply

#1
animalloverabh

animalloverabh

    Member

  • Member
  • PipPip
  • 19 posts

All of the tabs just suddenly closed without me doing anything.

The computer was very slow for around 30 seconds after this when I tried to start google up again.

 

I also have avc constantly telling me my free trial is over????

 

Thanks in advance.


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,027 posts
  • MVP
 
Download : ADWCleaner to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
scan-results.jpg
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  •  
     
     
    Please download Farbar Recovery Scan Tool and save it to your Desktop. 
     
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. 
     
    •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    • 0

    #3
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts
    # AdwCleaner v5.118 - Logfile created 29/05/2016 at 21:50:36
    # Updated 23/05/2016 by Xplode
    # Database : 2016-05-29.1 [Server]
    # Operating system : Windows 8.1  (X64)
    # Username : Alanna - HEMPANATOR
    # Running from : C:\Users\Alanna\Downloads\AdwCleaner.exe
    # Option : Clean
     
    ***** [ Services ] *****
     
    [-] Service Deleted : APNMCP
    [-] Service Deleted : WtuSystemSupport
    [-] Service Deleted : vToolbarUpdater40.3.1
     
    ***** [ Folders ] *****
     
    [-] Folder Deleted : C:\ProgramData\apn
    [-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
    [-] Folder Deleted : C:\ProgramData\AVG Secure Search
    [-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
    [-] Folder Deleted : C:\ProgramData\avg web tuneup
    [-] Folder Deleted : C:\ProgramData\Avg_Update_0415av
    [#] Folder Deleted : C:\ProgramData\Application Data\apn
    [#] Folder Deleted : C:\ProgramData\Application Data\AskPartnerNetwork
    [#] Folder Deleted : C:\ProgramData\Application Data\AVG Secure Search
    [#] Folder Deleted : C:\ProgramData\Application Data\AVG Security Toolbar
    [#] Folder Deleted : C:\ProgramData\Application Data\avg web tuneup
    [#] Folder Deleted : C:\ProgramData\Application Data\Avg_Update_0415av
    [-] Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
    [-] Folder Deleted : C:\Program Files (x86)\avg web tuneup
    [-] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\Temp\apn
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\AskPartnerNetwork
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\VNT
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\avg web tuneup
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjebaomffhbebmkanbennmagkdjkclo
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaejaghnbcjilindpkgmcmdflpgjf
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
    [-] Folder Deleted : C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
    [-] Folder Deleted : C:\Program Files\avg web tuneup
    [-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
     
    ***** [ Files ] *****
     
    [-] File Deleted : C:\Users\Alanna\Favorites\eBay.lnk
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_cmaiofennmphjldldcpphcechfnnohja_0.localstorage-journal
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage
    [-] File Deleted : C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage-journal
     
    ***** [ DLLs ] *****
     
     
    ***** [ WMI ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Scheduled tasks ] *****
     
     
    ***** [ Registry ] *****
     
    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.apn.native_messaging_host_aaaaahaeginbdcckocjkhbciadcafnep
    [-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    [-] Key Deleted : HKLM\SOFTWARE\Classes\s
    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\opjebaomffhbebmkanbennmagkdjkclo
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\opjebaomffhbebmkanbennmagkdjkclo
    [-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
    [-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaejaghnbcjilindpkgmcmdflpgjf
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaejaghnbcjilindpkgmcmdflpgjf
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
    [-] Key Deleted : HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key Deleted : HKCU\Software\AskPartnerNetwork
    [-] Key Deleted : HKCU\Software\VNT
    [-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
    [-] Key Deleted : HKLM\SOFTWARE\AVG Tuneup
    [-] Key Deleted : [x64] HKLM\SOFTWARE\AVG Secure Search
    [-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
    [-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
    [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
    [-] Data Restored : HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
    [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTBMon]
    [-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
    [-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [VNT]
    [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    [-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [vProt]
     
    ***** [ Web browsers ] *****
     
    [-] [C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaaejaghnbcjilindpkgmcmdflpgjf
    [-] [C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaahaeginbdcckocjkhbciadcafnep
    [-] [C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : chfdnecihphmhljaaejmgoiahnihplgn
    [-] [C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fcfenmboojpjinhpgggodefccipikbpd
    [-] [C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : opjebaomffhbebmkanbennmagkdjkclo
    [-] [C:\Users\Alanna\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
     
    *************************
     
    :: "Tracing" keys deleted
    :: Winsock settings cleared
     
    *************************
     
    C:\AdwCleaner\AdwCleaner[C1].txt - [12150 bytes] - [29/05/2016 21:50:36]
    C:\AdwCleaner\AdwCleaner[S1].txt - [12097 bytes] - [29/05/2016 21:45:56]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12298 bytes] ##########

    • 0

    #4
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.6 (04.25.2016)
    Operating System: Windows 8.1 x64 
    Ran by Alanna (Administrator) on 29/05/2016 at 22:05:20.96
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    File System: 16 
     
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_adultcatfinder.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_adultcatfinder.com_0.localstorage (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.metrolyrics.com_0.localstorage (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oldielyrics.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oldielyrics.com_0.localstorage (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage-journal (File) 
    Successfully deleted: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.saveur.com_0.localstorage (File) 
    Successfully deleted: C:\windows\system32\Tasks\0415avUpdateInfo (Task)
    Successfully deleted: C:\windows\Tasks\0415avUpdateInfo.job (Task) 
     
     
     
    Registry: 2 
     
    Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
    Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 29/05/2016 at 22:10:57.72
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    • 0

    #5
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
    Ran by Alanna (administrator) on HEMPANATOR (29-05-2016 22:14:50)
    Running from C:\Users\Alanna\Downloads
    Loaded Profiles: Alanna (Available Profiles: Alanna)
    Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
    () C:\Program Files\Apoint2K\HidMonitorSvc.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
    (FUJITSU LIMITED) C:\Program Files\FUJITSU\FUJ02E3\FUJ02E3.exe
    (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
    (FUJITSU LIMITED) C:\Program Files\FUJITSU\Plugfree NETWORK\PFNService.exe
    (FUJITSU LIMITED) C:\Program Files\FUJITSU\PSUtility\PSUService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
    (Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ===========================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13642968 2013-08-13] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_DTS_SWVOL] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
    HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
    HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-23] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
    HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [4883216 2016-05-19] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-22] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [349000 2016-02-02] (FUJITSU LIMITED)
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Facebook Update] => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-03] (Facebook Inc.)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [f.lux] => C:\Users\Alanna\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [BingSvc] => C:\Users\Alanna\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {59557de8-0498-11e5-829c-681729d24acd} - "F:\Startme.exe" 
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {5bcd9483-d6fc-11e5-82b2-681729d24acd} - "D:\Startme.exe" 
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {989ccea9-b855-11e3-826f-681729d24acd} - "D:\Startme.exe" 
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
    Startup: C:\Users\Alanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-29]
    ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{7BA37EAC-A21F-42CA-9DDA-F3532474E1F2}: [DhcpNameServer] 192.168.1.254
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-gb
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com/?pc=FSJB
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-2581172181-3245553297-1029845820-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-2581172181-3245553297-1029845820-1001 -> {95DB76ED-8DBB-4160-8973-D1EB4497AC13} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
    BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
    BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
    BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
    BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
    BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
    BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
    BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
    BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
    BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
    Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
    Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
    Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
    Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
     
    FireFox:
    ========
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
    FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
    FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
    FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
    FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
    FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
    FF Plugin HKU\S-1-5-21-2581172181-3245553297-1029845820-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Alanna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
    FF Plugin HKU\S-1-5-21-2581172181-3245553297-1029845820-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-04-21] (Sony Network Entertainment International LLC)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
    FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
    FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2016-05-29]
     
    Chrome: 
    =======
    CHR HomePage: Default -> hxxp://www.google.com/
    CHR Session Restore: Default -> is enabled.
    CHR Profile: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Duolingo on the Web) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-08-31]
    CHR Extension: (Google Docs) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
    CHR Extension: (Google Drive) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
    CHR Extension: (YouTube) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
    CHR Extension: (Google Search) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
    CHR Extension: (Google Docs Offline) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
    CHR Extension: (AdBlock) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-29]
    CHR Extension: (Skype) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-29]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
    CHR Extension: (Norton Security Toolbar) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-08-07]
    CHR Extension: (Gmail) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
    CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
    CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
    CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
    CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
     
    ==================== Services (Whitelisted) ========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [86872 2013-08-02] ()
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [638968 2016-05-19] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5155904 2016-05-19] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1078544 2016-04-22] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [710232 2016-05-19] (AVG Technologies CZ, s.r.o.)
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
    R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
    R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [74448 2013-07-18] (FUJITSU LIMITED)
    R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
    S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
    R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [262928 2015-03-07] (Symantec Corporation)
    R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
    R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2013-07-12] (FUJITSU LIMITED) [File not signed]
    R2 PowerSavingUtilityService; C:\Program Files\FUJITSU\PSUtility\PSUService.exe [51608 2013-08-19] (FUJITSU LIMITED)
    R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4584208 2016-03-29] (AVG Technologies CZ, s.r.o.)
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2016-03-29] (AVG Technologies CZ, s.r.o.)
    R2 UxTuneUp; C:\windows\SysWOW64\uxtuneup.dll [49424 2016-03-29] (AVG Technologies CZ, s.r.o.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
     
    ===================== Drivers (Whitelisted) ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-04-20] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [248576 2016-03-29] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-04-14] (AVG Technologies CZ, s.r.o.)
    R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-04] (AVG Technologies CZ, s.r.o.)
    R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
    R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
    R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
    R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
    R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-05] (Disc Soft Ltd)
    S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
    R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
    R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
    R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20176 2013-08-09] (FUJITSU LIMITED)
    R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [33096 2016-02-02] (FUJITSU LIMITED)
    R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [21200 2013-08-12] (FUJITSU LIMITED)
    R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140912.001\IDSvia64.sys [633560 2014-09-03] (Symantec Corporation)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
    S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140913.021\ENG64.SYS [129752 2014-09-05] (Symantec Corporation)
    S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140913.021\EX64.SYS [2137304 2014-09-05] (Symantec Corporation)
    R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
    S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
    R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1812760 2013-08-12] (Sonix Co. Ltd.)
    S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
    R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
    R0 SymDS; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
    R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
    S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1507000.00B\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
    R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-16] (Symantec Corporation)
    R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
    R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
    R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-05-29 22:14 - 2016-05-29 22:15 - 00029195 _____ C:\Users\Alanna\Downloads\FRST.txt
    2016-05-29 22:14 - 2016-05-29 22:14 - 02383872 _____ (Farbar) C:\Users\Alanna\Downloads\FRST64.exe
    2016-05-29 22:14 - 2016-05-29 22:14 - 00000000 ____D C:\FRST
    2016-05-29 22:12 - 2016-05-29 22:12 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner (2).exe
    2016-05-29 22:10 - 2016-05-29 22:10 - 00003071 _____ C:\Users\Alanna\Desktop\JRT.txt
    2016-05-29 22:04 - 2016-05-29 22:04 - 01610816 _____ (Malwarebytes) C:\Users\Alanna\Downloads\JRT.exe
    2016-05-29 22:04 - 2016-05-29 22:04 - 01610816 _____ (Malwarebytes) C:\Users\Alanna\Desktop\JRT.exe
    2016-05-29 22:02 - 2016-05-29 22:03 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner (1).exe
    2016-05-29 21:45 - 2016-05-29 21:50 - 00000000 ____D C:\AdwCleaner
    2016-05-29 19:41 - 2016-05-29 19:42 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner.exe
    2016-05-29 10:27 - 2016-05-29 10:27 - 00602112 _____ (OldTimer Tools) C:\Users\Alanna\Downloads\OTL.scr
    2016-05-28 09:00 - 2016-05-28 09:02 - 115953736 _____ C:\Users\Alanna\Downloads\AlejandroAravena_2014G-480p.mp4
    2016-05-26 20:07 - 2016-05-26 20:07 - 00688913 _____ C:\Users\Alanna\Downloads\james (@niandraIades) _ Twitter.html
    2016-05-23 08:04 - 2016-05-23 08:04 - 01311642 _____ C:\Users\Alanna\Downloads\ebook_the_monk_who_sold_his_ferrari_robin_s_sharma.pdf
    2016-05-23 07:51 - 2016-05-29 21:47 - 00004970 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for HEMPANATOR-Alanna hempanator
    2016-05-15 15:36 - 2016-05-15 15:36 - 20603894 _____ C:\Users\Alanna\Downloads\Results Day..mp4
    2016-05-15 12:00 - 2016-05-15 12:00 - 00551424 _____ C:\Users\Alanna\Downloads\8. Formation of a depression.ppt
    2016-05-15 01:00 - 2016-05-15 01:00 - 00157989 _____ C:\Users\Alanna\Downloads\property-33952917.html
    2016-05-10 22:37 - 2016-04-22 21:54 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2016-05-10 22:37 - 2016-04-22 21:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2016-05-10 22:37 - 2016-04-22 21:14 - 02893312 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2016-05-10 22:37 - 2016-04-22 21:08 - 06052864 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2016-05-10 22:37 - 2016-04-22 21:06 - 20349952 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2016-05-10 22:37 - 2016-04-22 21:00 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
    2016-05-10 22:37 - 2016-04-22 20:35 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2016-05-10 22:37 - 2016-04-22 20:29 - 02285568 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2016-05-10 22:37 - 2016-04-22 20:24 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
    2016-05-10 22:37 - 2016-04-22 20:23 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
    2016-05-10 22:37 - 2016-04-22 20:19 - 15414784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2016-05-10 22:37 - 2016-04-22 20:17 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
    2016-05-10 22:37 - 2016-04-22 20:14 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2016-05-10 22:37 - 2016-04-22 20:14 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2016-05-10 22:37 - 2016-04-22 20:14 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2016-05-10 22:37 - 2016-04-22 20:12 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2016-05-10 22:37 - 2016-04-22 19:58 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2016-05-10 22:37 - 2016-04-22 19:58 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
    2016-05-10 22:37 - 2016-04-22 19:54 - 13811200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2016-05-10 22:37 - 2016-04-22 19:53 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
    2016-05-10 22:37 - 2016-04-22 19:52 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2016-05-10 22:37 - 2016-04-22 19:52 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2016-05-10 22:37 - 2016-04-22 19:52 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2016-05-10 22:37 - 2016-04-22 19:51 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2016-05-10 22:37 - 2016-04-22 19:40 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2016-05-10 22:37 - 2016-04-22 19:29 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2016-05-10 22:37 - 2016-04-22 19:27 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2016-05-10 22:37 - 2016-04-22 19:24 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2016-05-10 22:37 - 2016-04-22 19:23 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2016-05-10 22:35 - 2016-04-06 22:13 - 00561960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
    2016-05-10 22:35 - 2016-04-06 22:13 - 00137976 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2016-05-10 22:35 - 2016-04-06 19:20 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
    2016-05-10 22:35 - 2016-04-06 19:19 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
    2016-05-10 22:35 - 2016-04-06 19:19 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
    2016-05-10 22:35 - 2016-04-06 18:49 - 00120384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2016-05-10 22:35 - 2016-04-06 18:40 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
    2016-05-10 22:35 - 2016-04-06 17:57 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2016-05-10 22:35 - 2016-04-06 17:52 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2016-05-10 22:35 - 2016-04-06 17:20 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
    2016-05-10 22:35 - 2016-04-06 16:48 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2016-05-10 22:35 - 2016-03-31 07:50 - 01307328 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
    2016-05-10 22:35 - 2016-03-31 04:40 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
    2016-05-10 22:34 - 2016-04-10 08:48 - 00738096 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
    2016-05-10 22:34 - 2016-04-10 08:48 - 00613624 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
    2016-05-10 22:34 - 2016-04-10 05:21 - 01763376 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2016-05-10 22:34 - 2016-04-10 05:21 - 01489088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2016-05-10 22:34 - 2016-04-10 05:14 - 01380600 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
    2016-05-10 22:34 - 2016-04-09 23:07 - 01097728 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
    2016-05-10 22:34 - 2016-04-09 22:58 - 00534016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
    2016-05-10 22:34 - 2016-04-09 22:50 - 00375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
    2016-05-10 22:34 - 2016-03-29 02:42 - 07446368 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
    2016-05-10 22:34 - 2016-02-11 21:17 - 01737088 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
    2016-05-10 22:34 - 2016-02-11 21:17 - 01663184 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
    2016-05-10 22:34 - 2016-02-11 21:17 - 01523208 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
    2016-05-10 22:34 - 2016-02-11 21:17 - 01490120 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
    2016-05-10 22:34 - 2016-02-11 21:17 - 01358952 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
    2016-05-10 22:34 - 2016-02-11 21:16 - 01501488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
    2016-05-10 22:34 - 2016-02-09 19:07 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
    2016-05-10 22:33 - 2016-04-11 07:21 - 00074584 ____C (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
    2016-05-10 22:33 - 2016-04-10 06:37 - 01549144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
    2016-05-10 22:33 - 2016-04-10 00:29 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2016-05-08 10:51 - 2016-05-08 10:51 - 00025768 _____ C:\Users\Alanna\Downloads\Ch62nUBWwAsSCBE.jpg-large
    2016-05-04 16:58 - 2016-05-04 16:58 - 00071936 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avguniva.sys
    2016-05-02 01:25 - 2016-05-02 01:25 - 01505408 _____ (Skype Technologies S.A.) C:\Users\Alanna\Downloads\SkypeSetup (1).exe
    2016-05-01 09:51 - 2016-05-01 09:51 - 00048521 _____ C:\Users\Alanna\Downloads\ChWbarjW0AExh4y.jpg-large
    2016-05-01 09:43 - 2016-05-01 09:43 - 00159986 _____ C:\Users\Alanna\Downloads\ChWb9F_WgAAGq_w.jpg-large
    2016-05-01 09:36 - 2016-05-01 09:36 - 00231793 _____ C:\Users\Alanna\Downloads\ChWnpxAXEAAmHJ3.jpg-large
    2016-05-01 09:35 - 2016-05-01 09:35 - 00210309 _____ C:\Users\Alanna\Downloads\ChW1Sf3WgAAt_cI.jpg-large
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2016-05-29 22:07 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
    2016-05-29 22:06 - 2015-06-16 17:12 - 00000000 ____D C:\Users\Alanna\AppData\Roaming\Skype
    2016-05-29 22:04 - 2015-08-07 15:55 - 00000000 ____D C:\windows\System32\Tasks\Remediation
    2016-05-29 22:02 - 2013-12-22 22:33 - 00000000 ___DO C:\Users\Alanna\SkyDrive
    2016-05-29 22:00 - 2013-12-22 22:33 - 00000000 ____D C:\Users\Alanna\Documents\Youcam
    2016-05-29 21:59 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM
    2016-05-29 21:58 - 2013-12-23 01:05 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2016-05-29 21:55 - 2014-06-02 21:18 - 00000000 ____D C:\ProgramData\MFAData
    2016-05-29 21:55 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
    2016-05-29 21:54 - 2013-08-22 14:25 - 00524288 ___SH C:\windows\system32\config\BBI
    2016-05-29 21:50 - 2013-12-22 22:41 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D5FDDAAA-1C49-44B1-B641-7EF4732B44A2}
    2016-05-29 16:55 - 2013-12-23 01:05 - 00000928 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2016-05-29 16:18 - 2014-05-03 19:13 - 00000954 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job
    2016-05-28 19:18 - 2014-05-03 19:13 - 00000932 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job
    2016-05-28 02:53 - 2015-06-16 17:12 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-05-27 20:40 - 2013-12-22 22:30 - 00000000 ____D C:\Users\Alanna\AppData\Local\Packages
    2016-05-26 20:15 - 2014-03-21 18:16 - 00305767 _____ C:\Users\Alanna\Downloads\lol.jpeg
    2016-05-25 21:07 - 2014-09-02 09:25 - 00000000 ____D C:\Users\Alanna\AppData\Local\CrashDumps
    2016-05-25 20:40 - 2013-09-02 08:32 - 00338280 _____ C:\windows\system32\PerfStringBackup.INI
    2016-05-25 20:40 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
    2016-05-24 07:54 - 2013-12-22 22:36 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2581172181-3245553297-1029845820-1001
    2016-05-24 01:58 - 2016-02-18 15:27 - 00000959 _____ C:\Users\Public\Desktop\AVG Protection.lnk
    2016-05-24 01:58 - 2015-02-09 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2016-05-22 10:35 - 2014-08-16 17:17 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
    2016-05-22 01:30 - 2014-08-16 17:17 - 00000000 ____D C:\ProgramData\Norton
    2016-05-14 09:30 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
    2016-05-14 05:10 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
    2016-05-14 00:16 - 2013-08-22 15:44 - 05101432 _____ C:\windows\system32\FNTCACHE.DAT
    2016-05-12 23:57 - 2015-12-13 17:26 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-05-12 23:57 - 2013-12-23 01:07 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-05-11 21:08 - 2014-09-15 18:00 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2016-05-11 21:08 - 2014-09-15 18:00 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-05-11 01:50 - 2013-12-23 01:05 - 00003900 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2016-05-11 01:50 - 2013-12-23 01:05 - 00003664 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2016-05-10 23:35 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
    2016-05-10 23:34 - 2013-12-27 17:50 - 00000000 ____D C:\windows\system32\MRT
    2016-05-10 23:04 - 2013-12-27 17:50 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2016-05-10 23:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\en-GB
    2016-05-10 23:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\en-GB
    2016-05-02 01:28 - 2015-06-16 17:12 - 00000000 ____D C:\ProgramData\Skype
    2016-04-29 19:26 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
     
    ==================== Files in the root of some directories =======
     
    2013-09-07 18:56 - 2013-09-07 18:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
     
    Some files in TEMP:
    ====================
    C:\Users\Alanna\AppData\Local\Temp\avguirn_081703364145.exe
    C:\Users\Alanna\AppData\Local\Temp\avguirn_0858788724.exe
    C:\Users\Alanna\AppData\Local\Temp\avguirn_08909684095.exe
    C:\Users\Alanna\AppData\Local\Temp\BSvcProcessor.exe
    C:\Users\Alanna\AppData\Local\Temp\BSvcUpdater.exe
    C:\Users\Alanna\AppData\Local\Temp\libeay32.dll
    C:\Users\Alanna\AppData\Local\Temp\msvcr120.dll
    C:\Users\Alanna\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Alanna\AppData\Local\Temp\sqlite3.dll
     
     
    ==================== Bamital & volsnap =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\windows\system32\winlogon.exe => File is digitally signed
    C:\windows\system32\wininit.exe => File is digitally signed
    C:\windows\explorer.exe => File is digitally signed
    C:\windows\SysWOW64\explorer.exe => File is digitally signed
    C:\windows\system32\svchost.exe => File is digitally signed
    C:\windows\SysWOW64\svchost.exe => File is digitally signed
    C:\windows\system32\services.exe => File is digitally signed
    C:\windows\system32\User32.dll => File is digitally signed
    C:\windows\SysWOW64\User32.dll => File is digitally signed
    C:\windows\system32\userinit.exe => File is digitally signed
    C:\windows\SysWOW64\userinit.exe => File is digitally signed
    C:\windows\system32\rpcss.dll => File is digitally signed
    C:\windows\system32\dnsapi.dll => File is digitally signed
    C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2016-05-24 00:52
     
    ==================== End of FRST.txt ============================

    • 0

    #6
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
    Ran by Alanna (2016-05-29 22:16:56)
    Running from C:\Users\Alanna\Downloads
    Windows 8.1 (Update) (X64) (2013-12-22 21:29:44)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-2581172181-3245553297-1029845820-500 - Administrator - Disabled)
    Alanna (S-1-5-21-2581172181-3245553297-1029845820-1001 - Administrator - Enabled) => C:\Users\Alanna
    Guest (S-1-5-21-2581172181-3245553297-1029845820-501 - Limited - Disabled)
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Norton AntiVirus (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
    AS: Norton AntiVirus (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
    Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
    Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
    Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
    ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.411.108 - ALPS ELECTRIC CO., LTD.)
    Anytime USB Charge Utility (HKLM-x32\...\InstallShield_{A794229E-401E-44D4-A8B5-B21E975676DE}) (Version: 3.0.0.0 - FUJITSU LIMITED)
    Anytime USB Charge Utility (Version: 3.0.0.0 - FUJITSU LIMITED) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
    AVG (Version: 16.71.7598 - AVG Technologies) Hidden
    AVG 2016 (Version: 16.0.4568 - AVG Technologies) Hidden
    AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.32.2.3320 - AVG Technologies)
    AVG PC TuneUp (x32 Version: 16.32.5 - AVG Technologies) Hidden
    AVG Protection (HKLM\...\AVG) (Version: 2016.71.7598 - AVG Technologies)
    AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
    Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
    Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
    Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
    Canon MG5300 series User Registration (HKLM-x32\...\Canon MG5300 series User Registration) (Version:  - )
    Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
    Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
    Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
    Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5505.02 - CyberLink Corp.)
    CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3223.0 - CyberLink Corp.)
    DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
    DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.14.0123 - Fujitsu Technology Solutions)
    Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia)
    f.lux (HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Flux) (Version:  - )
    Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
    FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1221.6 - Sonix)
    FMW 1 (Version: 1.82.3 - AVG Technologies) Hidden
    Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.1.1.0 - FUJITSU LIMITED)
    Fujitsu BIOS Driver (Version: 1.1.1.0 - FUJITSU LIMITED) Hidden
    Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
    Fujitsu MobilityCenter Extension Utility (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
    Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.6.0.0 - FUJITSU LIMITED)
    Fujitsu System Extension Utility (Version: 3.6.0.0 - FUJITSU LIMITED) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
    Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
    LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.5.3.0 - FUJITSU LIMITED)
    LIFEBOOK Application Panel (Version: 8.5.3.0 - FUJITSU LIMITED) Hidden
    Lumia UEFI Blue Driver (HKLM-x32\...\{D6EEB835-5BBF-4F6B-8382-1681148D7771}) (Version: 1.1.8.1448 - Nokia)
    Media Go (HKLM-x32\...\{70DB09B8-1BA5-410A-992F-1C1CE288229E}) (Version: 2.9.316 - Sony)
    Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
    Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony)
    Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.7.0.11 - Symantec Corporation)
    Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
    OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
    ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
    Oovoo Toolbar (HKLM-x32\...\{4F564F32-5637-4300-76A7-A758B70C2600}) (Version: 12.38.0.3342 - APN, LLC)
    Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
    Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
    Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 7.1.0.1 - FUJITSU LIMITED)
    Plugfree NETWORK (Version: 7.1.001 - FUJITSU LIMITED) Hidden
    Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.1.0.0 - FUJITSU LIMITED)
    Pointing Device Utility (Version: 2.1.0.0 - FUJITSU LIMITED) Hidden
    Power Saving Utility (HKLM-x32\...\InstallShield_{CB0EA768-62F2-450E-88BC-74182237F564}) (Version: 43.0.0.0 (00.002) - FUJITSU LIMITED)
    Power Saving Utility (Version: 43.0.0.0 - FUJITSU LIMITED) Hidden
    QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
    Shopping App by Ask (HKLM-x32\...\{4F564F32-5350-2D53-4154-A758B70C2804}) (Version: 12.40.4.174 - APN, LLC)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
    Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
    Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
    SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
    The Sims 2 Glamour Life Stuff (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
    The Sims 2 Pets (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
    The Sims 2 University (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
    The Sims™ 2 Double Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
    The Sims™ 2 Seasons (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Windows Driver Package - FUJITSU LIMITED (FUJ02B1) System  (06/26/2013 1.23) (HKLM\...\068FEFD9ECB0E04D17792AACEDA1D0A43CD7F82C) (Version: 06/26/2013 1.23 - FUJITSU LIMITED)
    Windows Driver Package - FUJITSU LIMITED (FUJ02E3) System  (07/02/2013 1.30.1.0) (HKLM\...\39B67640DB636F6D78D660BE574C0C5DC39D08CF) (Version: 07/02/2013 1.30.1.0 - FUJITSU LIMITED)
    Windows Phone Recovery Tool 2.1.1 (HKLM-x32\...\{461efced-58d4-4470-9b4b-5f2fc83704d4}) (Version: 2.1.1 - Microsoft)
    WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
    WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
    WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
    WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
    Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.1.0.0 - FUJITSU LIMITED)
    Wireless Radio Switch Driver (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {06679362-3319-4285-A48F-BE6869C87050} - System32\Tasks\Fujitsu\Power Saving Utility\Fujitsu Power Saving Utility => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2013-08-19] (FUJITSU LIMITED)
    Task: {0F24E6F6-DBB4-4373-A2CD-EF8C6655D4D4} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {12B5D8F8-33B7-4DFC-B74C-431F558E8D82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
    Task: {1A9106AE-63E3-4B7A-BA4D-69F00DC43FCE} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartBtnHndHKB => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {1C298604-2BF7-4180-BE61-63374EBBF19F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
    Task: {271A7278-F96F-4AF7-A961-63DCD604F1A9} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {2992C8A1-2151-452A-A483-3BF175E7F1E6} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {2E322890-68B5-4887-9B46-39C581A3186A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {2E9829CF-F7CD-4D5B-BA6B-2DE00817224B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2581172181-3245553297-1029845820-1001
    Task: {3526E9DD-3519-4E8B-844E-DD967CF33B9A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {35B57FA8-1D9B-4094-9DBA-7D240FDE05AE} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-03-29] (AVG Technologies CZ, s.r.o.)
    Task: {41B8531B-2064-4F65-9C60-92924249527E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
    Task: {41CA72A4-0270-4692-87D5-571873AA61F6} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {4FBB71F7-ED46-4778-973A-B7AC68BAA958} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupNow => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {5679FD67-586B-4F0F-84A4-F0D40E5D87C9} - System32\Tasks\Fujitsu\ApplicationPanel\DisableBtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {5809F215-AEA1-4D73-A36B-2BC010D04EA8} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeup => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {59F49AC5-E36F-48EB-A2D3-1FBFDF1A4147} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {6349569C-9D87-44E6-9AD2-024C62E37D11} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {6697FAD2-9920-4793-A57E-5222C0F2E4FF} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
    Task: {66B55D72-4384-49B5-9597-22F2E9917EA8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
    Task: {681034D0-FFDB-4421-B9D8-56F97201033B} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {71F840B4-B630-4E34-8ADA-BFBAE4F7D3C9} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
    Task: {7FF08932-1874-44CC-899E-E5C8DC115761} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {8019DEFA-030D-4336-A447-CA2A0D87097A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-03] (Facebook Inc.)
    Task: {8264B660-1B79-4515-AFF9-B93354206365} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndSetWakeupSetting => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {82B929E4-A212-4509-9457-5E3F85DD64C6} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeupBySwitch => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {861BEA58-73C9-40DE-86EE-59376286E42A} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetShowNotificationOff => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
    Task: {95A515DD-E9A0-4D97-AC8B-36C0B47108F4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\WSCStub.exe [2015-07-27] (Symantec Corporation)
    Task: {AE286F8B-2DC1-4CD8-ACFA-B8D26CE634E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {AE9946BB-4472-4C15-BD4C-4E907145247A} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetShowNotificationOn => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
    Task: {B06FCB42-E4E9-4117-AE8F-E705AD725A3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {B1084C08-0AAE-4652-8BD2-7A31A271F451} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
    Task: {BC761DA6-8D6A-4D3C-AF89-FBB923231171} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {C959F692-D38C-4EB7-8C1D-186F78BBA2B5} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {D2E06237-757B-4E5A-8860-A1D4606F6DA6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HEMPANATOR-Alanna hempanator => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
    Task: {DB1742CD-37E2-45F6-96FA-BC9F5CF1E409} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {DE444558-BA06-454E-8A2B-53C12B43E688} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-03] (Facebook Inc.)
    Task: {E16C2DB5-9C96-4572-AA7A-B728427725E0} - System32\Tasks\{506166C2-25BD-4DC6-A586-4FD1EBC14569} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/en/abandoninstall?page=tsProgressBar
    Task: {E28646E0-165E-4F82-AC75-80EA017CDC28} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftA[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe <==== ATTENTION
    Task: {EED88C77-BDE9-4EBD-BA64-7CD60BB58D18} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {F2C7465F-E637-4F2C-9C51-4A44E768C0CF} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {F40B65F6-77C0-4785-98D3-4210B9924EA7} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
    Task: {FA6D9436-FE60-4E65-80EF-30F287D3411D} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
    Task: {FADC7239-F6E2-4AF5-9B72-21E337E71750} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2013-08-26 07:34 - 2013-08-02 11:47 - 00086872 _____ () C:\Program Files\Apoint2K\HidMonitorSvc.exe
    2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
    2012-10-01 21:36 - 2012-10-01 21:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
    2013-09-07 18:48 - 2013-08-08 05:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
    2016-05-12 23:57 - 2016-05-11 12:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
    2016-05-12 23:57 - 2016-05-11 12:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
     
    ==================== Hosts content: ===============================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alanna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.254
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    (Currently there is no automatic fix for this section.)
     
    HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
    HKLM\...\StartupApproved\Run: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "iTunesHelper"
    HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\StartupApproved\Run: => "ooVoo.exe"
    HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\StartupApproved\Run: => "AdobeBridge"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{E9DC418A-0BF9-4034-9CB3-381C5853166B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{3F2F2B32-9503-4D21-9454-455E261F576B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
    FirewallRules: [{4F76C034-1E61-4A94-BC6C-F512D5713509}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{1F15A123-A35A-4057-8D66-425E2ED9C281}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{06300B16-432E-4E5C-9913-C1E13B0C85A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{5E12CA7E-AADD-4A14-B835-0EF219CC3752}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
    FirewallRules: [{9BA1BE93-561E-4E2C-A2BC-9D2843719827}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{1BD6C073-3335-46F4-9877-F9EA6AF464D3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
    FirewallRules: [{B6AF2902-6C35-4720-BCC7-1FD3815264E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{C0F85A32-61A9-4E6F-ACA5-ABEFF55B3A61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{97CF830B-B537-4DE3-AEB1-330DB30DEA02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{369CAAB3-FFFA-4193-A4A2-B7FB61FC81FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{A17B9E1F-4D91-4153-8BE0-A39DA6215077}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    FirewallRules: [{8AECF3CB-0FAA-47F6-B0CF-7459F7D45AEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    FirewallRules: [{14BBA612-B47A-4FA1-87EE-ACA818D7B152}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{485DC8F9-8B1D-492A-9CD7-D413700E9C97}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
    FirewallRules: [{3E9893F4-BABA-4225-9746-A997B2C9B1BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    FirewallRules: [{04F2E74C-1CA2-40DC-B081-677837112F7A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    FirewallRules: [{5D8F48B0-0C2B-43B8-847B-D3A832C9AF67}] => (Allow) C:\Users\Alanna\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
    FirewallRules: [TCP Query User{AEE1740C-4017-489D-BBA3-E4BBCAF0D08C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [UDP Query User{8C25989F-A0BE-4A24-BB45-F2BF696223A2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
    FirewallRules: [{A2975FF5-0F5D-431E-B942-D2C8A9F670EA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{E0E6E158-6E96-4C7D-9358-94CD1E72D2FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{27D12D7D-F346-4CBD-8E68-BC3FCC0C31F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{55A52BF9-051A-484F-98B9-308319A2AFE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{D4489D7A-04B4-4628-B58A-C4176AC00E4F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{723E8C9B-89C3-4C47-8E21-5D718B83253B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{CA06E220-9AB8-4879-BE62-F8B00FDF5E05}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{0ED4E1F6-C56C-48F0-BF54-93DE881F3106}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{92FF583F-2154-4DD9-B0BB-296A7465639F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{B0887944-C790-41C5-99F5-7B38FB650DF3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
    FirewallRules: [{4140F3BB-600D-476F-B84F-C605F8A3D68D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
    FirewallRules: [{D9BC4E09-CA67-489A-BBB4-F6EEDE00201C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
     
    ==================== Restore Points =========================
     
    14-05-2016 09:29:16 Windows Update
    23-05-2016 18:47:07 Scheduled Checkpoint
    29-05-2016 22:05:36 JRT Pre-Junkware Removal
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (05/29/2016 10:05:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
     
    Process ID: 123c
     
    Start Time: 01d1b9ece9ca34e3
     
    Termination Time: 4294967295
     
    Application Path: C:\windows\syswow64\wwahost.exe
     
    Report Id: df2b8571-25e0-11e6-82b8-681729d24acd
     
    Faulting package full name: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
     
    Faulting package-relative application ID: App
     
    Error: (05/29/2016 10:05:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
     
    Process ID: 1244
     
    Start Time: 01d1b9ece9d15c09
     
    Termination Time: 4294967295
     
    Application Path: C:\windows\system32\backgroundTaskHost.exe
     
    Report Id: dcfe8276-25e0-11e6-82b8-681729d24acd
     
    Faulting package full name: Facebook.Facebook_1.4.0.9_x64__8xx8rvfyw5nnt
     
    Faulting package-relative application ID: App
     
    Error: (05/29/2016 09:50:45 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: AUDIODG.EXE, version: 6.3.9600.17415, time stamp: 0x54503ea8
    Faulting module name: ntdll.dll, version: 6.3.9600.18233, time stamp: 0x56bb4ebb
    Exception code: 0xc0000005
    Fault offset: 0x000000000003dd8e
    Faulting process ID: 0x55fdc
    Faulting application start time: 0xAUDIODG.EXE0
    Faulting application path: AUDIODG.EXE1
    Faulting module path: AUDIODG.EXE2
    Report ID: AUDIODG.EXE3
    Faulting package full name: AUDIODG.EXE4
    Faulting package-relative application ID: AUDIODG.EXE5
     
    Error: (05/29/2016 07:53:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 1203
     
    Error: (05/29/2016 07:53:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 1203
     
    Error: (05/29/2016 07:53:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (05/29/2016 07:37:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 9647734
     
    Error: (05/29/2016 07:37:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 9647734
     
    Error: (05/29/2016 07:37:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second
     
    Error: (05/29/2016 04:56:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 3625
     
     
    System errors:
    =============
    Error: (05/29/2016 10:18:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 10:18:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 10:14:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 10:14:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 10:07:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Norton Identity Safe service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
     
    Error: (05/29/2016 10:04:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 10:04:29 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 10:03:01 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
    Description: The Intel® Management and Security Application Local Management Service service did not respond on starting.
     
    Error: (05/29/2016 09:59:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
    Error: (05/29/2016 09:59:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-05-29 22:14:48.789
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:14:48.241
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:14:42.010
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:14:41.461
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:10:09.875
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:10:09.428
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:07:49.275
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:07:48.527
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:07:47.386
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-05-29 22:07:46.714
      Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Celeron® CPU 1000M @ 1.80GHz
    Percentage of memory in use: 48%
    Total physical RAM: 8082.06 MB
    Available physical RAM: 4152.06 MB
    Total Virtual: 14738.06 MB
    Available Virtual: 10215.27 MB
     
    ==================== Drives ================================
     
    Drive c: (Windows) (Fixed) (Total:681.51 GB) (Free:451.01 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
     
    Partition: GPT.
     
    ==================== End of Addition.txt ============================

    • 0

    #7
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    also, thank you for the detailed response, have i done this right?


    • 0

    #8
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 21,027 posts
    • MVP

    Perfectly.

     

    Since AVG has expired let's get rid of it and your out of date & disabled Norton and install the free Avast.

     

    Click on Download then choose the free version.
     
     
    Download, Save but don't install yet.
     
    Download and save the norton removal tool
    Uninstall Norton AntiVirus 
    Run the Norton Removal tool.
     
    Download and save the AVG removal tool
     
    Uninstall AVG
     
    Run the Avg Remover
     
     
    Reboot.  Right click on the Avast installer you downloaded and Run As Administrator.
     
     
     

    • 0

    #9
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

     It said that a programme has caused norton remover to stop working? 


    • 0

    #10
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    I fixed that problem - new problem now is that the avg remover gets past the 'allow avg remover to change settings etc' I click yes then a black window appears for a few seconds but closes on itself?


    • 0

    Advertisements


    #11
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 21,027 posts
    • MVP

    I think that's normal for AVG remover.  Go ahead and right click on the AVAST installer  and Run as Administrator

     

    Once it installs

     

    Run FRST, check Addition.txt, then SCAN.  Post both logs.


    • 0

    #12
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    AVG is still here, when I try to delete it manually it says it's denied. That i need permission from SYSTEM to do such thing. ??


    • 0

    #13
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 21,027 posts
    • MVP

    Get Process Explorer:

     

    Save it to your desktop then right click and Run As Administrator  
     
    See if you can right click on each process that starts with AVG and Kill Process.  Then try to uninstall AVG.
    Run the AVG removal tools by right clicking and Run As Admin.
     
    If it still won't go away then run FRST again, check the Addition.txt box and then SCAN and post both logs.  We will let FRST remove AVG with a FIxlist after I see the logs.

    • 0

    #14
    animalloverabh

    animalloverabh

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

           The set up looks different; how do i run those scans?


    • 0

    #15
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 21,027 posts
    • MVP

    I may have given you the 32 bit version of the AVG remover.  Try this one:

     

    http://download.avg....AVG_Remover.exe

     

    Save it and right click and Run As Admin.

     

    Reboot when done.

     

    Right click on FRST64.exe and Run As Admin.

     

    Check the box in front of Addition.txt

     

    Click on Scan.

     

    You should get two logs.  Copy and paste them into a Reply.


    • 0






    Similar Topics


    Also tagged with one or more of these keywords: virus, google, tabs

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP