Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
Ran by Alanna (administrator) on HEMPANATOR (29-05-2016 22:14:50)
Running from C:\Users\Alanna\Downloads
Loaded Profiles: Alanna (Available Profiles: Alanna)
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\FUJ02E3\FUJ02E3.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\PSUtility\PSUService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\nav.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13642968 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS_SWVOL] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [4883216 2016-05-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [349000 2016-02-02] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Facebook Update] => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-03] (Facebook Inc.)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [f.lux] => C:\Users\Alanna\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [BingSvc] => C:\Users\Alanna\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {59557de8-0498-11e5-829c-681729d24acd} - "F:\Startme.exe"
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {5bcd9483-d6fc-11e5-82b2-681729d24acd} - "D:\Startme.exe"
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {989ccea9-b855-11e3-826f-681729d24acd} - "D:\Startme.exe"
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
Startup: C:\Users\Alanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7BA37EAC-A21F-42CA-9DDA-F3532474E1F2}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-gb
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com/?pc=FSJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2581172181-3245553297-1029845820-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2581172181-3245553297-1029845820-1001 -> {95DB76ED-8DBB-4160-8973-D1EB4497AC13} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2581172181-3245553297-1029845820-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Alanna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2581172181-3245553297-1029845820-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-04-21] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2016-05-29]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo on the Web) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-08-31]
CHR Extension: (Google Docs) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (AdBlock) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-29]
CHR Extension: (Skype) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-08-07]
CHR Extension: (Gmail) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [86872 2013-08-02] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [638968 2016-05-19] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5155904 2016-05-19] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1078544 2016-04-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [710232 2016-05-19] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [74448 2013-07-18] (FUJITSU LIMITED)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [262928 2015-03-07] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2013-07-12] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\FUJITSU\PSUtility\PSUService.exe [51608 2013-08-19] (FUJITSU LIMITED)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4584208 2016-03-29] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2016-03-29] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\windows\SysWOW64\uxtuneup.dll [49424 2016-03-29] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-04-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [248576 2016-03-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-04-14] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-04] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140912.003\BHDrvx64.sys [1586904 2014-09-12] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-05] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20176 2013-08-09] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [33096 2016-02-02] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [21200 2013-08-12] (FUJITSU LIMITED)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140912.001\IDSvia64.sys [633560 2014-09-03] (Symantec Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140913.021\ENG64.SYS [129752 2014-09-05] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140913.021\EX64.SYS [2137304 2014-09-05] (Symantec Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1812760 2013-08-12] (Sonix Co. Ltd.)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1507000.00B\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NAVx64\1507000.00B\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-16] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1507000.00B\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-29 22:14 - 2016-05-29 22:15 - 00029195 _____ C:\Users\Alanna\Downloads\FRST.txt
2016-05-29 22:14 - 2016-05-29 22:14 - 02383872 _____ (Farbar) C:\Users\Alanna\Downloads\FRST64.exe
2016-05-29 22:14 - 2016-05-29 22:14 - 00000000 ____D C:\FRST
2016-05-29 22:12 - 2016-05-29 22:12 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner (2).exe
2016-05-29 22:10 - 2016-05-29 22:10 - 00003071 _____ C:\Users\Alanna\Desktop\JRT.txt
2016-05-29 22:04 - 2016-05-29 22:04 - 01610816 _____ (Malwarebytes) C:\Users\Alanna\Downloads\JRT.exe
2016-05-29 22:04 - 2016-05-29 22:04 - 01610816 _____ (Malwarebytes) C:\Users\Alanna\Desktop\JRT.exe
2016-05-29 22:02 - 2016-05-29 22:03 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner (1).exe
2016-05-29 21:45 - 2016-05-29 21:50 - 00000000 ____D C:\AdwCleaner
2016-05-29 19:41 - 2016-05-29 19:42 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner.exe
2016-05-29 10:27 - 2016-05-29 10:27 - 00602112 _____ (OldTimer Tools) C:\Users\Alanna\Downloads\OTL.scr
2016-05-28 09:00 - 2016-05-28 09:02 - 115953736 _____ C:\Users\Alanna\Downloads\AlejandroAravena_2014G-480p.mp4
2016-05-26 20:07 - 2016-05-26 20:07 - 00688913 _____ C:\Users\Alanna\Downloads\james (@niandraIades) _ Twitter.html
2016-05-23 08:04 - 2016-05-23 08:04 - 01311642 _____ C:\Users\Alanna\Downloads\ebook_the_monk_who_sold_his_ferrari_robin_s_sharma.pdf
2016-05-23 07:51 - 2016-05-29 21:47 - 00004970 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for HEMPANATOR-Alanna hempanator
2016-05-15 15:36 - 2016-05-15 15:36 - 20603894 _____ C:\Users\Alanna\Downloads\Results Day..mp4
2016-05-15 12:00 - 2016-05-15 12:00 - 00551424 _____ C:\Users\Alanna\Downloads\8. Formation of a depression.ppt
2016-05-15 01:00 - 2016-05-15 01:00 - 00157989 _____ C:\Users\Alanna\Downloads\property-33952917.html
2016-05-10 22:37 - 2016-04-22 21:54 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-05-10 22:37 - 2016-04-22 21:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-05-10 22:37 - 2016-04-22 21:14 - 02893312 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-05-10 22:37 - 2016-04-22 21:08 - 06052864 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-05-10 22:37 - 2016-04-22 21:06 - 20349952 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-05-10 22:37 - 2016-04-22 21:00 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-05-10 22:37 - 2016-04-22 20:35 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-05-10 22:37 - 2016-04-22 20:29 - 02285568 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-05-10 22:37 - 2016-04-22 20:24 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-05-10 22:37 - 2016-04-22 20:23 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-05-10 22:37 - 2016-04-22 20:19 - 15414784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-05-10 22:37 - 2016-04-22 20:17 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-05-10 22:37 - 2016-04-22 20:14 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-05-10 22:37 - 2016-04-22 20:14 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-05-10 22:37 - 2016-04-22 20:14 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-05-10 22:37 - 2016-04-22 20:12 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-05-10 22:37 - 2016-04-22 19:58 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-05-10 22:37 - 2016-04-22 19:58 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-05-10 22:37 - 2016-04-22 19:54 - 13811200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-05-10 22:37 - 2016-04-22 19:53 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-05-10 22:37 - 2016-04-22 19:52 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-05-10 22:37 - 2016-04-22 19:52 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-05-10 22:37 - 2016-04-22 19:52 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-05-10 22:37 - 2016-04-22 19:51 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-05-10 22:37 - 2016-04-22 19:40 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-05-10 22:37 - 2016-04-22 19:29 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-05-10 22:37 - 2016-04-22 19:27 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-05-10 22:37 - 2016-04-22 19:24 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-05-10 22:37 - 2016-04-22 19:23 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-05-10 22:35 - 2016-04-06 22:13 - 00561960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-05-10 22:35 - 2016-04-06 22:13 - 00137976 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-10 22:35 - 2016-04-06 19:20 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-10 22:35 - 2016-04-06 19:19 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-10 22:35 - 2016-04-06 19:19 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-10 22:35 - 2016-04-06 18:49 - 00120384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-05-10 22:35 - 2016-04-06 18:40 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-05-10 22:35 - 2016-04-06 17:57 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-10 22:35 - 2016-04-06 17:52 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-10 22:35 - 2016-04-06 17:20 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-05-10 22:35 - 2016-04-06 16:48 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-05-10 22:35 - 2016-03-31 07:50 - 01307328 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-10 22:35 - 2016-03-31 04:40 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-05-10 22:34 - 2016-04-10 08:48 - 00738096 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-10 22:34 - 2016-04-10 08:48 - 00613624 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-05-10 22:34 - 2016-04-10 05:21 - 01763376 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-10 22:34 - 2016-04-10 05:21 - 01489088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-05-10 22:34 - 2016-04-10 05:14 - 01380600 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-10 22:34 - 2016-04-09 23:07 - 01097728 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-05-10 22:34 - 2016-04-09 22:58 - 00534016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2016-05-10 22:34 - 2016-04-09 22:50 - 00375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2016-05-10 22:34 - 2016-03-29 02:42 - 07446368 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-10 22:34 - 2016-02-11 21:17 - 01737088 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-10 22:34 - 2016-02-11 21:17 - 01663184 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-05-10 22:34 - 2016-02-11 21:17 - 01523208 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-05-10 22:34 - 2016-02-11 21:17 - 01490120 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-05-10 22:34 - 2016-02-11 21:17 - 01358952 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-05-10 22:34 - 2016-02-11 21:16 - 01501488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-05-10 22:34 - 2016-02-09 19:07 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-05-10 22:33 - 2016-04-11 07:21 - 00074584 ____C (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
2016-05-10 22:33 - 2016-04-10 06:37 - 01549144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-10 22:33 - 2016-04-10 00:29 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-08 10:51 - 2016-05-08 10:51 - 00025768 _____ C:\Users\Alanna\Downloads\Ch62nUBWwAsSCBE.jpg-large
2016-05-04 16:58 - 2016-05-04 16:58 - 00071936 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avguniva.sys
2016-05-02 01:25 - 2016-05-02 01:25 - 01505408 _____ (Skype Technologies S.A.) C:\Users\Alanna\Downloads\SkypeSetup (1).exe
2016-05-01 09:51 - 2016-05-01 09:51 - 00048521 _____ C:\Users\Alanna\Downloads\ChWbarjW0AExh4y.jpg-large
2016-05-01 09:43 - 2016-05-01 09:43 - 00159986 _____ C:\Users\Alanna\Downloads\ChWb9F_WgAAGq_w.jpg-large
2016-05-01 09:36 - 2016-05-01 09:36 - 00231793 _____ C:\Users\Alanna\Downloads\ChWnpxAXEAAmHJ3.jpg-large
2016-05-01 09:35 - 2016-05-01 09:35 - 00210309 _____ C:\Users\Alanna\Downloads\ChW1Sf3WgAAt_cI.jpg-large
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-29 22:07 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-05-29 22:06 - 2015-06-16 17:12 - 00000000 ____D C:\Users\Alanna\AppData\Roaming\Skype
2016-05-29 22:04 - 2015-08-07 15:55 - 00000000 ____D C:\windows\System32\Tasks\Remediation
2016-05-29 22:02 - 2013-12-22 22:33 - 00000000 ___DO C:\Users\Alanna\SkyDrive
2016-05-29 22:00 - 2013-12-22 22:33 - 00000000 ____D C:\Users\Alanna\Documents\Youcam
2016-05-29 21:59 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2016-05-29 21:58 - 2013-12-23 01:05 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-29 21:55 - 2014-06-02 21:18 - 00000000 ____D C:\ProgramData\MFAData
2016-05-29 21:55 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-29 21:54 - 2013-08-22 14:25 - 00524288 ___SH C:\windows\system32\config\BBI
2016-05-29 21:50 - 2013-12-22 22:41 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D5FDDAAA-1C49-44B1-B641-7EF4732B44A2}
2016-05-29 16:55 - 2013-12-23 01:05 - 00000928 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-29 16:18 - 2014-05-03 19:13 - 00000954 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job
2016-05-28 19:18 - 2014-05-03 19:13 - 00000932 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job
2016-05-28 02:53 - 2015-06-16 17:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-27 20:40 - 2013-12-22 22:30 - 00000000 ____D C:\Users\Alanna\AppData\Local\Packages
2016-05-26 20:15 - 2014-03-21 18:16 - 00305767 _____ C:\Users\Alanna\Downloads\lol.jpeg
2016-05-25 21:07 - 2014-09-02 09:25 - 00000000 ____D C:\Users\Alanna\AppData\Local\CrashDumps
2016-05-25 20:40 - 2013-09-02 08:32 - 00338280 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-25 20:40 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-05-24 07:54 - 2013-12-22 22:36 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2581172181-3245553297-1029845820-1001
2016-05-24 01:58 - 2016-02-18 15:27 - 00000959 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-05-24 01:58 - 2015-02-09 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-05-22 10:35 - 2014-08-16 17:17 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-05-22 01:30 - 2014-08-16 17:17 - 00000000 ____D C:\ProgramData\Norton
2016-05-14 09:30 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-05-14 05:10 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-05-14 00:16 - 2013-08-22 15:44 - 05101432 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-12 23:57 - 2015-12-13 17:26 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-12 23:57 - 2013-12-23 01:07 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 21:08 - 2014-09-15 18:00 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:08 - 2014-09-15 18:00 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 01:50 - 2013-12-23 01:05 - 00003900 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 01:50 - 2013-12-23 01:05 - 00003664 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:35 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 23:34 - 2013-12-27 17:50 - 00000000 ____D C:\windows\system32\MRT
2016-05-10 23:04 - 2013-12-27 17:50 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-10 23:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\en-GB
2016-05-10 23:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\en-GB
2016-05-02 01:28 - 2015-06-16 17:12 - 00000000 ____D C:\ProgramData\Skype
2016-04-29 19:26 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
==================== Files in the root of some directories =======
2013-09-07 18:56 - 2013-09-07 18:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Alanna\AppData\Local\Temp\avguirn_081703364145.exe
C:\Users\Alanna\AppData\Local\Temp\avguirn_0858788724.exe
C:\Users\Alanna\AppData\Local\Temp\avguirn_08909684095.exe
C:\Users\Alanna\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Alanna\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Alanna\AppData\Local\Temp\libeay32.dll
C:\Users\Alanna\AppData\Local\Temp\msvcr120.dll
C:\Users\Alanna\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alanna\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-24 00:52
==================== End of FRST.txt ============================