Hello,
I have been searching the internet for the last two days on how to fix my laptop. I've run a virus and malware scan on it but nothing comes up. My internet says "limited connectivity" on my laptop but all my other devices connect fine to the same wifi. I'm quite certain it's some kind of virus.
I read a forum on here that said to do a FRST scan and paste the information. Please see below and thank you in advance for any help you can offer! I've tried everything and can't fix it.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Hilary (administrator) on POOPSICLE on 21-04-2015 16:30:57
Running from C:\Users\Hilary\Desktop
Loaded Profiles: Hilary (Available profiles: Hilary)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\loggingserver.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Pokki) C:\Users\Hilary\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\Hilary\AppData\Roaming\BitTorrent\BitTorrent.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Pokki) C:\Users\Hilary\AppData\Local\Pokki\Engine\HostAppService.exe
(AVG Secure Search) C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
(Pokki) C:\Users\Hilary\AppData\Local\Pokki\Engine\HostAppService.exe
(Pokki) C:\Users\Hilary\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [903384 2013-07-24] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-12] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894664 2013-08-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-07-19] (Realtek semiconductor)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-03-19] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-03-19] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [305088 2011-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3033112 2015-03-16] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-25] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\...\Run: [AVG-Secure-Search-Update_1214av] => C:\Users\Hilary\AppData\Roaming\Avg_Update_1214av\AVG-Secure-Search-Update_1214av.exe /PROMPT /mid=90197547430747d2a1d9f9aa01619aed-4be8c4e3f9385b165c290377163382e216e028bb /CMPID=1214av
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\...\Run: [BitTorrent] => C:\Users\Hilary\AppData\Roaming\BitTorrent\BitTorrent.exe [1744472 2015-03-03] (BitTorrent Inc.)
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\...\RunOnce: [Application Restart #5] => C:\Users\Hilary\AppData\Local\Pokki\Engine\HostAppService.exe [7851848 2015-04-13] (Pokki)
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\...\RunOnce: [Application Restart #4] => C:\Users\Hilary\AppData\Local\Pokki\Engine\HostAppService.exe [7851848 2015-04-13] (Pokki)
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\PhotoScreensaver.scr [589312 2014-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2014-05-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-02-08]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-427269326-3713369890-2418317862-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={D939...coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-03-16 10:10:20&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-427269326-3713369890-2418317862-1002 -> {17309874-2744-4C75-B1FF-5B3139506B34} URL =
SearchScopes: HKU\S-1-5-21-427269326-3713369890-2418317862-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid...coid=avgtbavg&cmpid=0215av&pr=fr&d=2015-03-16 10:10:20&v=4.1.0.411&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-427269326-3713369890-2418317862-1002 -> {AF83B129-ACE3-11E4-8277-28E34785731E} URL = http://search.homepage-web.com/?src=omnibox&partner=lenovo&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll [2015-03-16] (AVG)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09] (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-28] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.1.0.411\AVG Web TuneUp.dll [2015-03-16] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-28] (Oracle Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 64.59.135.143 64.59.128.110
Tcpip\..\Interfaces\{14B786D7-48FF-461A-9F58-33B21704EBC7}: [NameServer] 10.14.0.1
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.4.0\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll [2014-12-11] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-08-17] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
Chrome:
=======
CHR HomePage: Default -> hxxp://homepage-web.com/?s=lenovo&m=home
CHR StartupUrls: Default -> "hxxp://homepage-web.com/?s=lenovo&m=start"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-16]
CHR Extension: (Google Drive) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-16]
CHR Extension: (YouTube) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-16]
CHR Extension: (Google Search) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Google Wallet) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-16]
CHR Extension: (Gmail) - C:\Users\Hilary\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-16]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-14] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [92160 2013-07-28] (ELAN Microelectronics Corp.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-08-17] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-03-19] ()
R2 vToolbarUpdater18.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.4.0\ToolbarUpdater.exe [1875480 2015-03-16] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-03-16] ()
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [289248 2015-03-19] (AVG Technologies CZ, s.r.o.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-20] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8247640 2013-07-19] (Realtek Semiconductor Corp.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-21 16:30 - 2015-04-21 16:31 - 00023586 _____ () C:\Users\Hilary\Desktop\FRST.txt
2015-04-21 16:30 - 2015-04-21 16:31 - 00000000 ____D () C:\FRST
2015-04-21 16:30 - 2015-04-21 16:26 - 02099712 _____ (Farbar) C:\Users\Hilary\Desktop\FRST64.exe
2015-04-20 22:19 - 2015-04-20 22:19 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 22:19 - 2015-04-20 22:19 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 22:19 - 2015-04-20 22:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 22:19 - 2015-04-20 22:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-20 22:19 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-04-20 22:19 - 2015-03-17 06:15 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-04-20 22:19 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-04-20 22:18 - 2015-04-16 14:22 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Hilary\Desktop\mbam-setup-2.1.4.1018.exe
2015-04-20 09:27 - 2015-04-20 09:27 - 00000000 ____D () C:\windows\pss
2015-04-16 17:10 - 2015-04-17 09:55 - 00000000 ____D () C:\Users\Hilary\Desktop\Photos
2015-04-15 00:01 - 2015-03-23 15:59 - 07476032 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 00:01 - 2015-03-23 15:59 - 01733952 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 00:01 - 2015-03-23 15:59 - 00360480 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-04-15 00:01 - 2015-03-23 15:58 - 01498872 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-15 00:01 - 2015-03-23 15:45 - 00257216 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-04-15 00:01 - 2015-03-19 22:12 - 00246272 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2015-04-15 00:01 - 2015-03-19 22:10 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 00:01 - 2015-03-19 22:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 00:01 - 2015-03-19 21:17 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-04-15 00:01 - 2015-03-19 20:41 - 00369152 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-04-15 00:01 - 2015-03-19 20:40 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-04-15 00:01 - 2015-03-19 20:16 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-04-15 00:01 - 2015-03-14 02:20 - 01385256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-04-15 00:01 - 2015-03-14 02:13 - 01124352 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-04-15 00:01 - 2015-03-12 22:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 00:01 - 2015-03-12 21:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-15 00:01 - 2015-03-12 20:58 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2015-04-15 00:01 - 2015-03-12 20:37 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2015-04-15 00:01 - 2015-02-20 17:49 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2015-04-15 00:00 - 2015-03-22 16:45 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00769024 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 00:00 - 2015-03-14 02:54 - 00133256 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 00:00 - 2015-03-13 19:56 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 00:00 - 2015-03-13 19:56 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 00:00 - 2015-03-13 19:51 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 00:00 - 2015-03-13 19:37 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 00:00 - 2015-03-13 19:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 00:00 - 2015-03-13 18:22 - 03678720 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 00:00 - 2015-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 00:00 - 2015-03-13 18:12 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 00:00 - 2015-03-13 18:09 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2015-04-15 00:00 - 2015-03-13 18:08 - 00408064 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-04-15 00:00 - 2015-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 00:00 - 2015-03-13 18:06 - 02373632 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 00:00 - 2015-03-13 18:06 - 00891392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 00:00 - 2015-03-13 18:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 00:00 - 2015-03-13 18:02 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 00:00 - 2015-03-13 17:59 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 00:00 - 2015-03-13 17:59 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 00:00 - 2015-03-12 22:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 00:00 - 2015-03-12 22:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 00:00 - 2015-03-12 21:53 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-04-15 00:00 - 2015-03-12 21:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 00:00 - 2015-03-12 21:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-15 00:00 - 2015-03-12 21:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 00:00 - 2015-03-12 21:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-15 00:00 - 2015-03-12 21:17 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-04-15 00:00 - 2015-03-12 21:16 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-04-15 00:00 - 2015-03-12 21:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 00:00 - 2015-03-12 21:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 00:00 - 2015-03-12 21:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 00:00 - 2015-03-12 20:50 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-04-15 00:00 - 2015-03-12 20:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-15 00:00 - 2015-03-12 20:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 00:00 - 2015-03-12 20:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-15 00:00 - 2015-03-12 20:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-15 00:00 - 2015-03-12 20:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 00:00 - 2015-03-12 20:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 00:00 - 2015-03-12 20:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-15 00:00 - 2015-03-12 20:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-15 00:00 - 2015-03-12 20:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-15 00:00 - 2015-03-04 04:25 - 00377152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2015-04-15 00:00 - 2015-03-03 21:04 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 00:00 - 2015-03-03 20:19 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-15 00:00 - 2015-02-24 02:32 - 00991552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-09 09:45 - 2015-04-14 19:45 - 00000000 ____D () C:\Users\Hilary\Desktop\BABY EINSTEIN
2015-04-04 08:08 - 2015-04-04 08:12 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-04 08:08 - 2015-04-04 08:08 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-03-31 12:15 - 2015-03-31 12:16 - 03246669 _____ () C:\Users\Hilary\Downloads\IMG_5698.MOV
2015-03-27 15:26 - 2015-03-27 15:26 - 00002112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7.1 64-bit.lnk
2015-03-27 15:26 - 2015-03-27 15:26 - 00002092 _____ () C:\Users\Public\Desktop\Lightroom 5.7.1 64-bit.lnk
2015-03-27 13:22 - 2015-03-27 13:22 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-27 13:22 - 2015-03-27 13:22 - 00001328 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-03-26 15:14 - 2015-03-26 15:30 - 00000000 ____D () C:\Users\Hilary\Desktop\Develop pic
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-21 16:31 - 2015-01-06 19:22 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\BitTorrent
2015-04-21 16:23 - 2014-06-30 11:00 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf9484db10ee9c.job
2015-04-21 16:15 - 2014-03-19 21:02 - 01051986 _____ () C:\windows\WindowsUpdate.log
2015-04-21 16:10 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru
2015-04-21 16:10 - 2013-08-22 08:46 - 00092849 _____ () C:\windows\setupact.log
2015-04-21 16:09 - 2014-11-16 14:44 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\Skype
2015-04-21 16:02 - 2014-05-16 10:55 - 00000922 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-21 16:01 - 2014-05-25 09:28 - 00000000 ____D () C:\Users\Hilary\AppData\Local\Adobe
2015-04-21 16:01 - 2014-05-14 16:27 - 00000000 ____D () C:\Users\Hilary\AppData\Local\Pokki
2015-04-21 16:00 - 2014-05-14 16:33 - 00000000 __RDO () C:\Users\Hilary\SkyDrive
2015-04-21 16:00 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-21 15:59 - 2014-05-17 13:56 - 08067512 _____ () C:\Users\Public\CAFADEBUG.log
2015-04-21 15:59 - 2014-03-19 22:16 - 00006656 _____ () C:\windows\system32\VfService.trf
2015-04-21 15:59 - 2013-08-22 07:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2015-04-21 15:57 - 2014-05-30 10:20 - 00000000 ____D () C:\Users\Hilary\AppData\Local\CrashDumps
2015-04-21 15:57 - 2013-10-07 12:27 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-21 13:27 - 2014-10-05 19:58 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-21 11:03 - 2014-05-15 20:07 - 00003934 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{0D923CEF-7F9B-4BEA-AB6B-09AC8B551D3F}
2015-04-21 07:18 - 2013-10-07 12:23 - 00029488 _____ () C:\windows\PFRO.log
2015-04-20 22:53 - 2014-05-14 16:36 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-427269326-3713369890-2418317862-1002
2015-04-20 11:16 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\NDF
2015-04-19 23:07 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness
2015-04-19 09:24 - 2014-11-01 19:16 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\ExpressVPN
2015-04-18 18:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache
2015-04-18 16:05 - 2013-08-22 07:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-04-17 15:27 - 2014-05-16 10:56 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-17 10:09 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppCompat
2015-04-16 17:22 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp
2015-04-16 17:11 - 2014-05-14 16:34 - 00002342 _____ () C:\Users\Hilary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-04-16 16:21 - 2014-12-11 00:34 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-16 16:21 - 2014-07-10 20:42 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 14:39 - 2014-05-26 10:18 - 00836608 ___SH () C:\Users\Hilary\Desktop\Thumbs.db
2015-04-15 02:24 - 2014-05-17 14:41 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 02:14 - 2014-05-17 14:40 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-14 23:59 - 2014-11-12 18:11 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2015-04-14 19:44 - 2015-01-11 11:06 - 00000000 ____D () C:\Users\Hilary\Downloads\Miriam Makeba [1972] Pata Pata (Remastered LP-rip)
2015-04-13 17:24 - 2015-03-16 09:55 - 00792056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-13 17:24 - 2015-03-16 09:55 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-09 18:31 - 2014-05-19 10:45 - 00296960 ___SH () C:\Users\Hilary\Downloads\Thumbs.db
2015-04-09 18:29 - 2015-01-28 17:09 - 00000000 ____D () C:\Users\Hilary\Downloads\Baby.Einstein[Baby Mozart]DVDRip[Eng]Xvid-10vol
2015-04-08 12:44 - 2014-09-09 18:39 - 00002246 ____H () C:\Users\Hilary\Documents\Default.rdp
2015-04-08 11:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-04-08 11:16 - 2014-05-25 09:28 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\Nitro PDF
2015-04-02 21:31 - 2014-05-14 16:27 - 00000000 ____D () C:\Users\Hilary
2015-03-31 08:33 - 2014-10-05 20:02 - 00000992 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-31 08:33 - 2014-10-05 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-27 15:23 - 2014-05-26 09:23 - 00000000 ____D () C:\Program Files\Adobe
2015-03-27 13:22 - 2014-05-14 16:29 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\Adobe
2015-03-27 13:22 - 2014-03-19 21:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-27 13:19 - 2014-03-19 22:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
==================== Files in the root of some directories =======
2015-01-10 12:44 - 2015-01-10 12:49 - 0000854 _____ () C:\Users\Hilary\AppData\Local\7396d5af-93b3-4d36-bfec-04bbd1449761.dat
2014-03-19 21:30 - 2014-03-19 21:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Hilary\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Hilary\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Hilary\AppData\Local\Temp\oct1ADC.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\oct274A.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\oct4237.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\oct84A4.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octBE63.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octD43D.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octD557.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octDD9A.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hilary\AppData\Local\Temp\uttE34D.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-15 02:06
==================== End Of Log ============================
2015-04-15 00:01 - 2015-03-19 22:10 - 00285184 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 00:01 - 2015-03-19 22:10 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 00:01 - 2015-03-19 21:17 - 00411648 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-04-15 00:01 - 2015-03-19 20:41 - 00369152 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-04-15 00:01 - 2015-03-19 20:40 - 00950784 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-04-15 00:01 - 2015-03-19 20:16 - 00749568 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-04-15 00:01 - 2015-03-14 02:20 - 01385256 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-04-15 00:01 - 2015-03-14 02:13 - 01124352 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-04-15 00:01 - 2015-03-12 22:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 00:01 - 2015-03-12 21:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-15 00:01 - 2015-03-12 20:58 - 00259072 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
2015-04-15 00:01 - 2015-03-12 20:37 - 00208896 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
2015-04-15 00:01 - 2015-02-20 17:49 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2015-04-15 00:00 - 2015-03-22 16:45 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00769024 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00419328 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 00:00 - 2015-03-22 16:09 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 00:00 - 2015-03-14 02:54 - 00133256 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 00:00 - 2015-03-13 19:56 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 00:00 - 2015-03-13 19:56 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 00:00 - 2015-03-13 19:51 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 00:00 - 2015-03-13 19:37 - 00267264 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 00:00 - 2015-03-13 19:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 00:00 - 2015-03-13 18:22 - 03678720 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 00:00 - 2015-03-13 18:12 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 00:00 - 2015-03-13 18:12 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 00:00 - 2015-03-13 18:09 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\storewuauth.dll
2015-04-15 00:00 - 2015-03-13 18:08 - 00408064 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-04-15 00:00 - 2015-03-13 18:08 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 00:00 - 2015-03-13 18:06 - 02373632 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 00:00 - 2015-03-13 18:06 - 00891392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 00:00 - 2015-03-13 18:02 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 00:00 - 2015-03-13 18:02 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 00:00 - 2015-03-13 17:59 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 00:00 - 2015-03-13 17:59 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 00:00 - 2015-03-12 22:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 00:00 - 2015-03-12 22:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 00:00 - 2015-03-12 21:53 - 00816128 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-04-15 00:00 - 2015-03-12 21:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 00:00 - 2015-03-12 21:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-15 00:00 - 2015-03-12 21:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 00:00 - 2015-03-12 21:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-15 00:00 - 2015-03-12 21:17 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-04-15 00:00 - 2015-03-12 21:16 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-04-15 00:00 - 2015-03-12 21:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 00:00 - 2015-03-12 21:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 00:00 - 2015-03-12 21:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 00:00 - 2015-03-12 20:50 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-04-15 00:00 - 2015-03-12 20:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-15 00:00 - 2015-03-12 20:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 00:00 - 2015-03-12 20:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-15 00:00 - 2015-03-12 20:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-15 00:00 - 2015-03-12 20:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 00:00 - 2015-03-12 20:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 00:00 - 2015-03-12 20:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-15 00:00 - 2015-03-12 20:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-15 00:00 - 2015-03-12 20:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-15 00:00 - 2015-03-04 04:25 - 00377152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2015-04-15 00:00 - 2015-03-03 21:04 - 00075264 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 00:00 - 2015-03-03 20:19 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-15 00:00 - 2015-02-24 02:32 - 00991552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-09 09:45 - 2015-04-14 19:45 - 00000000 ____D () C:\Users\Hilary\Desktop\BABY EINSTEIN
2015-04-04 08:08 - 2015-04-04 08:12 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-04 08:08 - 2015-04-04 08:08 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-03-31 12:15 - 2015-03-31 12:16 - 03246669 _____ () C:\Users\Hilary\Downloads\IMG_5698.MOV
2015-03-27 15:26 - 2015-03-27 15:26 - 00002112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7.1 64-bit.lnk
2015-03-27 15:26 - 2015-03-27 15:26 - 00002092 _____ () C:\Users\Public\Desktop\Lightroom 5.7.1 64-bit.lnk
2015-03-27 13:22 - 2015-03-27 13:22 - 00001340 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-03-27 13:22 - 2015-03-27 13:22 - 00001328 _____ () C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-03-26 15:14 - 2015-03-26 15:30 - 00000000 ____D () C:\Users\Hilary\Desktop\Develop pic
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-21 16:31 - 2015-01-06 19:22 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\BitTorrent
2015-04-21 16:23 - 2014-06-30 11:00 - 00000926 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA1cf9484db10ee9c.job
2015-04-21 16:15 - 2014-03-19 21:02 - 01051986 _____ () C:\windows\WindowsUpdate.log
2015-04-21 16:10 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\sru
2015-04-21 16:10 - 2013-08-22 08:46 - 00092849 _____ () C:\windows\setupact.log
2015-04-21 16:09 - 2014-11-16 14:44 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\Skype
2015-04-21 16:02 - 2014-05-16 10:55 - 00000922 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-21 16:01 - 2014-05-25 09:28 - 00000000 ____D () C:\Users\Hilary\AppData\Local\Adobe
2015-04-21 16:01 - 2014-05-14 16:27 - 00000000 ____D () C:\Users\Hilary\AppData\Local\Pokki
2015-04-21 16:00 - 2014-05-14 16:33 - 00000000 __RDO () C:\Users\Hilary\SkyDrive
2015-04-21 16:00 - 2013-08-22 08:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-21 15:59 - 2014-05-17 13:56 - 08067512 _____ () C:\Users\Public\CAFADEBUG.log
2015-04-21 15:59 - 2014-03-19 22:16 - 00006656 _____ () C:\windows\system32\VfService.trf
2015-04-21 15:59 - 2013-08-22 07:25 - 00524288 ___SH () C:\windows\system32\config\BBI
2015-04-21 15:57 - 2014-05-30 10:20 - 00000000 ____D () C:\Users\Hilary\AppData\Local\CrashDumps
2015-04-21 15:57 - 2013-10-07 12:27 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-21 13:27 - 2014-10-05 19:58 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-21 11:03 - 2014-05-15 20:07 - 00003934 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{0D923CEF-7F9B-4BEA-AB6B-09AC8B551D3F}
2015-04-21 07:18 - 2013-10-07 12:23 - 00029488 _____ () C:\windows\PFRO.log
2015-04-20 22:53 - 2014-05-14 16:36 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-427269326-3713369890-2418317862-1002
2015-04-20 11:16 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\NDF
2015-04-19 23:07 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppReadiness
2015-04-19 09:24 - 2014-11-01 19:16 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\ExpressVPN
2015-04-18 18:32 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\rescache
2015-04-18 16:05 - 2013-08-22 07:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2015-04-17 15:27 - 2014-05-16 10:56 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-17 10:09 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\AppCompat
2015-04-16 17:22 - 2013-08-22 09:20 - 00000000 ____D () C:\windows\CbsTemp
2015-04-16 17:11 - 2014-05-14 16:34 - 00002342 _____ () C:\Users\Hilary\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-04-16 16:21 - 2014-12-11 00:34 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-16 16:21 - 2014-07-10 20:42 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 14:39 - 2014-05-26 10:18 - 00836608 ___SH () C:\Users\Hilary\Desktop\Thumbs.db
2015-04-15 02:24 - 2014-05-17 14:41 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 02:14 - 2014-05-17 14:40 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-14 23:59 - 2014-11-12 18:11 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\wuaext.dll
2015-04-14 19:44 - 2015-01-11 11:06 - 00000000 ____D () C:\Users\Hilary\Downloads\Miriam Makeba [1972] Pata Pata (Remastered LP-rip)
2015-04-13 17:24 - 2015-03-16 09:55 - 00792056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-13 17:24 - 2015-03-16 09:55 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-09 18:31 - 2014-05-19 10:45 - 00296960 ___SH () C:\Users\Hilary\Downloads\Thumbs.db
2015-04-09 18:29 - 2015-01-28 17:09 - 00000000 ____D () C:\Users\Hilary\Downloads\Baby.Einstein[Baby Mozart]DVDRip[Eng]Xvid-10vol
2015-04-08 12:44 - 2014-09-09 18:39 - 00002246 ____H () C:\Users\Hilary\Documents\Default.rdp
2015-04-08 11:33 - 2013-08-22 09:36 - 00000000 ____D () C:\windows\system32\FxsTmp
2015-04-08 11:16 - 2014-05-25 09:28 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\Nitro PDF
2015-04-02 21:31 - 2014-05-14 16:27 - 00000000 ____D () C:\Users\Hilary
2015-03-31 08:33 - 2014-10-05 20:02 - 00000992 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-03-31 08:33 - 2014-10-05 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-27 15:23 - 2014-05-26 09:23 - 00000000 ____D () C:\Program Files\Adobe
2015-03-27 13:22 - 2014-05-14 16:29 - 00000000 ____D () C:\Users\Hilary\AppData\Roaming\Adobe
2015-03-27 13:22 - 2014-03-19 21:21 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-27 13:19 - 2014-03-19 22:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
==================== Files in the root of some directories =======
2015-01-10 12:44 - 2015-01-10 12:49 - 0000854 _____ () C:\Users\Hilary\AppData\Local\7396d5af-93b3-4d36-bfec-04bbd1449761.dat
2014-03-19 21:30 - 2014-03-19 21:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some content of TEMP:
====================
C:\Users\Hilary\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Hilary\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Hilary\AppData\Local\Temp\oct1ADC.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\oct274A.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\oct4237.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\oct84A4.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octBE63.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octD43D.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octD557.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\octDD9A.tmp.exe
C:\Users\Hilary\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hilary\AppData\Local\Temp\uttE34D.tmp.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-15 02:06
==================== End Of Log ============================