Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Michelle Jasmine (administrator) on MICHELLEJASMINE (17-06-2016 02:34:39)
Running from C:\Users\Michelle Jasmine\Downloads
Loaded Profiles: Michelle Jasmine (Available Profiles: Michelle Jasmine & Guest)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\loggingserver.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerClient.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coNatHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-06-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6570256 2016-06-09] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2662472 2016-06-12] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-05-18] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [36151360 2014-02-23] (ooVoo LLC)
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\...\Run: [Spotify] => C:\Users\Michelle Jasmine\AppData\Roaming\Spotify\Spotify.exe [6162488 2014-07-10] (Spotify Ltd)
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\...\Run: [Spotify Web Helper] => C:\Users\Michelle Jasmine\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-10] (Spotify Ltd)
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\...\Run: [uTorrent] => C:\Users\Michelle Jasmine\AppData\Roaming\uTorrent\uTorrent.exe [1413200 2014-07-31] (BitTorrent Inc.)
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\...\RunOnce: [Uninstall C:\Users\Michelle Jasmine\AppData\Local\Microsoft\OneDrive\17.3.4604.0120] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michelle Jasmine\AppData\Local\Microsoft\OneDrive\17.3.4604.0120"
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\...\RunOnce: [Uninstall C:\Users\Michelle Jasmine\AppData\Local\Microsoft\OneDrive\17.3.6301.0127] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michelle Jasmine\AppData\Local\Microsoft\OneDrive\17.3.6301.0127"
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk [2015-09-16]
ShortcutTarget: Ginger.lnk -> C:\Windows\Installer\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}\GingerClientStartu_E7648186C0BE4AE6AF2E431C614DBB20.exe (Flexera Software LLC)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{7B95813A-D358-4920-A635-FAEA3E6238FD}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{A6382732-B88B-441C-A972-D674F999B6E3}: [DhcpNameServer] 192.168.24.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2115966475-1567825624-3805393455-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-26] (Microsoft Corporation)
BHO: Oovoo Toolbar -> {4F564F32-5637-4300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7C\Passport_x64.dll" => No File
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-26] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: Oovoo Toolbar -> {4F564F32-5637-4300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7C\Passport.dll" => No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM - Oovoo Toolbar - {4F564F32-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7C\Passport_x64.dll" No File
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\19.4.0.518\AVG SafeGuard toolbar_toolbar.dll [2016-06-12] (AVG Secure Search)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Oovoo Toolbar - {4F564F32-5637-4300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\OVO2V7C\Passport.dll" No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\19.4.0.518\AVG SafeGuard toolbar_toolbar.dll [2016-06-12] (AVG Secure Search)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-2115966475-1567825624-3805393455-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-26] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\19.4.0\ViProtocol.dll [2016-04-20] (AVG Secure Search)
FireFox:
========
FF ProfilePath: C:\Users\Michelle Jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\6y5zl40d.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxps://mysearch.avg.com?cid={4af1bdb7-a79b-4f27-a7ff-d6b6291a66cd}&mid=d72eb3010d9747d29d020919a0f965ea-dac13a77557ba83f1fc21bf6d30ac861e97881a8&lang=en&ds=avg&coid=avgtbavg&cmpid=1215tb&pr=pr&d=2014-08-05 00:57:42&v=19.4.0.518&pid=safeguard&sg=&sap=hp
FF Keyword.URL:
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-06-19] (Adobe Systems)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\19.4.0\\npsitesafety.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-06-19] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2115966475-1567825624-3805393455-1001: gingersoftware.com/gingerPlugin -> C:\Program Files (x86)\Ginger\GingerServices\GingerServicesProxy.dll [2015-09-03] (Ginger Software)
FF SearchPlugin: C:\Users\Michelle Jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\6y5zl40d.default\searchplugins\avg-secure-search.xml [2016-06-12]
FF SearchPlugin: C:\Users\Michelle Jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\6y5zl40d.default\searchplugins\safesearch.xml [2015-06-26]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2016-06-12]
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2016-06-14] [not signed]
FF Extension: AVG SafeGuard toolbar - C:\Users\Michelle Jasmine\AppData\Roaming\Mozilla\Firefox\Profiles\6y5zl40d.default\Extensions\avg@safeguard.xpi [2016-06-12]
FF Extension: Ginger - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@gingersoftware.com [2015-09-16] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [adapter@gingersoftware.com] - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com
FF Extension: Ginger - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com [2015-09-16] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (PriCEMinus) - C:\ProgramData\ippokghbfppgbblbmpgeedeciehmdkln\ []
CHR Profile: C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-17]
CHR Extension: (Google Docs) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-17]
CHR Extension: (Google Drive) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-17]
CHR Extension: (YouTube) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-17]
CHR Extension: (Norton Security Toolbar) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-06-17]
CHR Extension: (Google Sheets) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-17]
CHR Extension: (Google Docs Offline) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-17]
CHR Extension: (Norton Identity Safe) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-06-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-17]
CHR Extension: (Gmail) - C:\Users\Michelle Jasmine\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-17]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\Exts\Chrome.crx [2015-06-26]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\Exts\Chrome.crx [2015-06-26]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-18] () [File not signed]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [636312 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5165824 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080592 2016-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [705528 2016-06-09] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2945792 2016-05-26] (Microsoft Corporation)
R2 GingerUpdateService; C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe [527360 2015-09-03] (Ginger Software) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-05-21] (SurfRight B.V.)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.0.124\NS.exe [282016 2015-06-17] (Symantec Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [200240 2016-05-25] (Microsoft Corporation) [File not signed]
R2 vToolbarUpdater18.7.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.7.0\ToolbarUpdater.exe [1842576 2015-08-01] (AVG Secure Search)
R2 vToolbarUpdater19.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\19.4.0\ToolbarUpdater.exe [1888328 2016-04-20] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [67864 2013-04-16] (ASUS Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162592 2016-02-16] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [307456 2016-05-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [247040 2016-05-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [51968 2016-05-02] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [71936 2016-05-05] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150521.001\BHDrvx64.sys [1640152 2015-06-03] (Symantec Corporation)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605000.07C\ccSetx64.sys [165080 2015-06-03] (Symantec Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150716.001\IDSvia64.sys [692984 2015-07-16] (Symantec Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-01] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-15] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150603.019\ENG64.SYS [129752 2014-11-15] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150603.019\EX64.SYS [2137304 2014-11-15] (Symantec Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33744 2013-04-16] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\system32\drivers\NSx64\1605000.07C\SRTSP64.SYS [917720 2015-06-03] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605000.07C\SRTSPX64.SYS [42200 2015-06-03] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605000.07C\SYMEFASI64.SYS [1611992 2015-06-03] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NSx64\1605000.07C\SymELAM.sys [23568 2015-06-03] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102616 2015-06-26] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605000.07C\Ironx64.SYS [288984 2015-06-03] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NSx64\1605000.07C\SYMNETS.SYS [567512 2015-06-03] (Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-17 02:34 - 2016-06-17 02:34 - 00028128 _____ C:\Users\Michelle Jasmine\Downloads\FRST.txt
2016-06-17 02:34 - 2016-06-17 02:34 - 00000000 ____D C:\FRST
2016-06-17 02:33 - 2016-06-17 02:33 - 02386944 _____ (Farbar) C:\Users\Michelle Jasmine\Downloads\FRST64.exe
2016-06-17 02:32 - 2016-06-17 02:32 - 01737216 _____ (Farbar) C:\Users\Michelle Jasmine\Downloads\FRST (1).exe
2016-06-17 02:31 - 2016-06-17 02:31 - 01737216 _____ (Farbar) C:\Users\Michelle Jasmine\Downloads\FRST.exe
2016-06-17 02:09 - 2016-06-17 02:09 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\AvgSetupLog
2016-06-17 02:08 - 2016-06-17 02:09 - 03136872 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Michelle Jasmine\Downloads\AVG_Ultimate_825.exe
2016-06-17 02:02 - 2016-06-17 02:02 - 00579584 _____ C:\Users\Michelle Jasmine\Downloads\(Working updated)instagram followers hack tool.iso
2016-06-13 20:16 - 2016-06-13 20:16 - 00679262 _____ C:\Users\Michelle Jasmine\Downloads\Downloadable Copy of Soc 1 Syllabus.pdf
2016-06-12 15:31 - 2016-06-12 15:31 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2016-06-05 04:33 - 2016-06-05 04:33 - 00000943 _____ C:\Users\Michelle Jasmine\Downloads\generaldata_FL.csv
2016-06-05 04:32 - 2016-06-05 04:32 - 00000956 _____ C:\Users\Michelle Jasmine\Downloads\generaldata_NY.csv
2016-06-02 20:14 - 2016-06-02 20:14 - 05939501 _____ C:\Users\Guest\Downloads\misc folder.zip
2016-05-24 01:34 - 2016-05-24 01:34 - 00010984 _____ C:\Users\Michelle Jasmine\Downloads\[kat.cr]the.struggle.for.democracy.2012.election.edition.pdf.stormrg.torrent
2016-05-24 01:23 - 2016-05-24 01:23 - 04403200 _____ C:\Users\Guest\Downloads\The_Struggle_for_Democracy_2012_Election_Edition_PDF_StormRG.iso
2016-05-24 01:23 - 2016-05-24 01:23 - 04403200 _____ C:\Users\Guest\Downloads\The_Struggle_for_Democracy_2012_Election_Edition_PDF_StormRG (1).iso
2016-05-21 03:23 - 2016-05-21 03:24 - 03191488 _____ (Microsoft Corporation) C:\Users\Guest\Downloads\Setup.X86.en-US_O365HomePremRetail_596c95ae-2f89-4d56-87ec-38e43f295a1e_TX_PR_(1).exe
2016-05-21 03:21 - 2016-05-21 03:22 - 03191488 _____ (Microsoft Corporation) C:\Users\Guest\Downloads\Setup.X86.en-US_O365HomePremRetail_596c95ae-2f89-4d56-87ec-38e43f295a1e_TX_PR_.exe
2016-05-18 12:13 - 2016-05-18 12:13 - 00307456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-17 02:27 - 2013-12-25 11:34 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 02:21 - 2014-09-03 00:25 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Avg
2016-06-17 02:09 - 2014-01-02 03:47 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Adobe
2016-06-17 01:17 - 2014-08-03 19:39 - 00003998 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{733CBE54-6582-4F99-B07C-1744514C1DA5}
2016-06-17 00:35 - 2015-05-20 00:35 - 00000414 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[pr].job
2016-06-16 19:07 - 2015-05-20 00:38 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-06-16 19:07 - 2015-05-20 00:38 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-06-16 19:05 - 2014-08-03 21:04 - 00000000 ____D C:\ProgramData\MFAData
2016-06-16 02:48 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 02:42 - 2013-12-26 14:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-16 02:30 - 2013-12-26 14:56 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 02:05 - 2013-12-25 03:19 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2115966475-1567825624-3805393455-1001
2016-06-15 01:47 - 2013-08-22 08:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-15 01:47 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-15 00:38 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-14 15:20 - 2014-08-03 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-06-14 01:35 - 2013-12-25 02:54 - 00000074 _____ C:\Users\Michelle Jasmine\AppData\Roaming\sp_data.sys
2016-06-14 01:34 - 2013-10-06 21:03 - 00003056 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2016-06-14 01:34 - 2013-10-06 21:03 - 00003028 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-06-14 01:34 - 2013-10-06 21:03 - 00003004 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2016-06-14 01:34 - 2013-10-06 21:03 - 00002988 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-06-14 01:34 - 2013-10-06 21:02 - 00002990 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2016-06-14 01:34 - 2013-10-06 20:56 - 00003542 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2016-06-14 01:25 - 2014-08-03 19:38 - 00000000 __RDO C:\Users\Michelle Jasmine\OneDrive
2016-06-14 01:24 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-13 20:58 - 2013-12-25 02:50 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Packages
2016-06-13 20:55 - 2015-05-30 00:38 - 00000000 ____D C:\Users\Michelle Jasmine\Documents\SCHOOL WORK
2016-06-12 16:32 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-12 15:39 - 2015-06-05 11:39 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Microsoft Help
2016-06-12 15:34 - 2013-08-22 08:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-12 15:31 - 2014-08-05 00:56 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
2016-06-12 15:29 - 2013-05-01 02:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-12 15:21 - 2014-08-03 18:59 - 00000000 ____D C:\Users\Michelle Jasmine
2016-06-09 06:12 - 2013-12-25 02:50 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\VirtualStore
2016-06-09 02:30 - 2013-12-25 11:35 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-09 02:30 - 2013-12-25 11:35 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-09 02:25 - 2015-06-26 18:29 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\CrashDumps
2016-06-04 14:54 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-04 13:11 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-02 20:48 - 2014-06-12 21:15 - 00000000 ____D C:\Users\Guest\AppData\Local\Packages
2016-06-02 20:47 - 2014-06-12 21:15 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2016-06-02 20:16 - 2014-07-30 11:28 - 00000062 _____ C:\Users\Guest\AppData\Roaming\sp_data.sys
2016-05-27 00:57 - 2015-04-04 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-27 00:57 - 2015-04-04 04:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-26 17:28 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-26 17:21 - 2014-08-03 19:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-24 21:44 - 2016-02-13 07:21 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 01:40 - 2014-07-30 22:06 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Roaming\uTorrent
2016-05-24 01:24 - 2016-04-27 13:30 - 00002384 _____ C:\Users\Michelle Jasmine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-05-24 01:24 - 2015-06-02 14:13 - 00003216 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2115966475-1567825624-3805393455-1001
2016-05-21 05:54 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-21 05:46 - 2014-03-18 03:03 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-21 05:41 - 2013-08-22 07:44 - 05142256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-21 05:36 - 2014-12-11 23:01 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-21 05:36 - 2014-03-18 02:45 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2014-04-15 21:52 - 2014-04-15 21:52 - 0000021 _____ () C:\Users\Michelle Jasmine\AppData\Roaming\my_intel.sys
2013-12-25 02:54 - 2016-06-14 01:35 - 0000074 _____ () C:\Users\Michelle Jasmine\AppData\Roaming\sp_data.sys
2013-05-01 02:34 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 02:34 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 02:34 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-07-30 22:34 - 2012-10-24 12:44 - 0656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2041816.exe
Files to move or delete:
====================
C:\ProgramData\uninstall2041816.exe
Some files in TEMP:
====================
C:\Users\Michelle Jasmine\AppData\Local\Temp\avguirn_081342043625.exe
C:\Users\Michelle Jasmine\AppData\Local\Temp\avguirn_081924337804.exe
C:\Users\Michelle Jasmine\AppData\Local\Temp\avguirn_08553894185.exe
C:\Users\Michelle Jasmine\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-15 01:46
==================== End of FRST.txt ============================
2016-06-17 02:08 - 2016-06-17 02:09 - 03136872 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Michelle Jasmine\Downloads\AVG_Ultimate_825.exe
2016-06-17 02:02 - 2016-06-17 02:02 - 00579584 _____ C:\Users\Michelle Jasmine\Downloads\(Working updated)instagram followers hack tool.iso
2016-06-13 20:16 - 2016-06-13 20:16 - 00679262 _____ C:\Users\Michelle Jasmine\Downloads\Downloadable Copy of Soc 1 Syllabus.pdf
2016-06-12 15:31 - 2016-06-12 15:31 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
2016-06-05 04:33 - 2016-06-05 04:33 - 00000943 _____ C:\Users\Michelle Jasmine\Downloads\generaldata_FL.csv
2016-06-05 04:32 - 2016-06-05 04:32 - 00000956 _____ C:\Users\Michelle Jasmine\Downloads\generaldata_NY.csv
2016-06-02 20:14 - 2016-06-02 20:14 - 05939501 _____ C:\Users\Guest\Downloads\misc folder.zip
2016-05-24 01:34 - 2016-05-24 01:34 - 00010984 _____ C:\Users\Michelle Jasmine\Downloads\[kat.cr]the.struggle.for.democracy.2012.election.edition.pdf.stormrg.torrent
2016-05-24 01:23 - 2016-05-24 01:23 - 04403200 _____ C:\Users\Guest\Downloads\The_Struggle_for_Democracy_2012_Election_Edition_PDF_StormRG.iso
2016-05-24 01:23 - 2016-05-24 01:23 - 04403200 _____ C:\Users\Guest\Downloads\The_Struggle_for_Democracy_2012_Election_Edition_PDF_StormRG (1).iso
2016-05-21 03:23 - 2016-05-21 03:24 - 03191488 _____ (Microsoft Corporation) C:\Users\Guest\Downloads\Setup.X86.en-US_O365HomePremRetail_596c95ae-2f89-4d56-87ec-38e43f295a1e_TX_PR_(1).exe
2016-05-21 03:21 - 2016-05-21 03:22 - 03191488 _____ (Microsoft Corporation) C:\Users\Guest\Downloads\Setup.X86.en-US_O365HomePremRetail_596c95ae-2f89-4d56-87ec-38e43f295a1e_TX_PR_.exe
2016-05-18 12:13 - 2016-05-18 12:13 - 00307456 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-06-17 02:27 - 2013-12-25 11:34 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 02:21 - 2014-09-03 00:25 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Avg
2016-06-17 02:09 - 2014-01-02 03:47 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Adobe
2016-06-17 01:17 - 2014-08-03 19:39 - 00003998 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{733CBE54-6582-4F99-B07C-1744514C1DA5}
2016-06-17 00:35 - 2015-05-20 00:35 - 00000414 _____ C:\WINDOWS\Tasks\Bidaily Synchronize Task[pr].job
2016-06-16 19:07 - 2015-05-20 00:38 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-06-16 19:07 - 2015-05-20 00:38 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-06-16 19:05 - 2014-08-03 21:04 - 00000000 ____D C:\ProgramData\MFAData
2016-06-16 02:48 - 2012-07-26 00:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 02:42 - 2013-12-26 14:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-16 02:30 - 2013-12-26 14:56 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-15 02:05 - 2013-12-25 03:19 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2115966475-1567825624-3805393455-1001
2016-06-15 01:47 - 2013-08-22 08:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-15 01:47 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-15 00:38 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-14 15:20 - 2014-08-03 21:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-06-14 01:35 - 2013-12-25 02:54 - 00000074 _____ C:\Users\Michelle Jasmine\AppData\Roaming\sp_data.sys
2016-06-14 01:34 - 2013-10-06 21:03 - 00003056 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2016-06-14 01:34 - 2013-10-06 21:03 - 00003028 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2016-06-14 01:34 - 2013-10-06 21:03 - 00003004 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2016-06-14 01:34 - 2013-10-06 21:03 - 00002988 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2016-06-14 01:34 - 2013-10-06 21:02 - 00002990 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2016-06-14 01:34 - 2013-10-06 20:56 - 00003542 _____ C:\WINDOWS\System32\Tasks\ASUS Touchpad Launcher (x64)
2016-06-14 01:25 - 2014-08-03 19:38 - 00000000 __RDO C:\Users\Michelle Jasmine\OneDrive
2016-06-14 01:24 - 2013-08-22 07:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-13 20:58 - 2013-12-25 02:50 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Packages
2016-06-13 20:55 - 2015-05-30 00:38 - 00000000 ____D C:\Users\Michelle Jasmine\Documents\SCHOOL WORK
2016-06-12 16:32 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-12 15:39 - 2015-06-05 11:39 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\Microsoft Help
2016-06-12 15:34 - 2013-08-22 08:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-12 15:31 - 2014-08-05 00:56 - 00000000 ____D C:\Program Files\AVG SafeGuard toolbar
2016-06-12 15:29 - 2013-05-01 02:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-12 15:21 - 2014-08-03 18:59 - 00000000 ____D C:\Users\Michelle Jasmine
2016-06-09 06:12 - 2013-12-25 02:50 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\VirtualStore
2016-06-09 02:30 - 2013-12-25 11:35 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-09 02:30 - 2013-12-25 11:35 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-09 02:25 - 2015-06-26 18:29 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Local\CrashDumps
2016-06-04 14:54 - 2013-08-22 06:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-04 13:11 - 2012-07-26 01:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-02 20:48 - 2014-06-12 21:15 - 00000000 ____D C:\Users\Guest\AppData\Local\Packages
2016-06-02 20:47 - 2014-06-12 21:15 - 00000000 ____D C:\Users\Guest\AppData\Roaming\Adobe
2016-06-02 20:16 - 2014-07-30 11:28 - 00000062 _____ C:\Users\Guest\AppData\Roaming\sp_data.sys
2016-05-27 00:57 - 2015-04-04 04:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-27 00:57 - 2015-04-04 04:47 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-26 17:28 - 2013-08-22 06:36 - 00000000 ____D C:\WINDOWS\Inf
2016-05-26 17:21 - 2014-08-03 19:46 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-24 21:44 - 2016-02-13 07:21 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-24 01:40 - 2014-07-30 22:06 - 00000000 ____D C:\Users\Michelle Jasmine\AppData\Roaming\uTorrent
2016-05-24 01:24 - 2016-04-27 13:30 - 00002384 _____ C:\Users\Michelle Jasmine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-05-24 01:24 - 2015-06-02 14:13 - 00003216 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2115966475-1567825624-3805393455-1001
2016-05-21 05:54 - 2013-08-22 08:36 - 00000000 ____D C:\WINDOWS\rescache
2016-05-21 05:46 - 2014-03-18 03:03 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-21 05:41 - 2013-08-22 07:44 - 05142256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-21 05:36 - 2014-12-11 23:01 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-21 05:36 - 2014-03-18 02:45 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2014-04-15 21:52 - 2014-04-15 21:52 - 0000021 _____ () C:\Users\Michelle Jasmine\AppData\Roaming\my_intel.sys
2013-12-25 02:54 - 2016-06-14 01:35 - 0000074 _____ () C:\Users\Michelle Jasmine\AppData\Roaming\sp_data.sys
2013-05-01 02:34 - 2012-09-07 04:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 02:34 - 2009-07-22 03:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 02:34 - 2012-09-07 04:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
2014-07-30 22:34 - 2012-10-24 12:44 - 0656048 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2041816.exe
Files to move or delete:
====================
C:\ProgramData\uninstall2041816.exe
Some files in TEMP:
====================
C:\Users\Michelle Jasmine\AppData\Local\Temp\avguirn_081342043625.exe
C:\Users\Michelle Jasmine\AppData\Local\Temp\avguirn_081924337804.exe
C:\Users\Michelle Jasmine\AppData\Local\Temp\avguirn_08553894185.exe
C:\Users\Michelle Jasmine\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-15 01:46
==================== End of FRST.txt ============================