Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by Holly (administrator) on HOLLYS-LAPTOP (17-03-2017 09:19:33) Running from C:\Users\Holly\Downloads Loaded Profiles: Holly (Available Profiles: Holly) Platform: Windows 10 Home Version 1511 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Advent) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe (DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Wistron Corp.) C:\Program Files\Launch Manager\HotkeyApp.exe (DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADStatusMonitor.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\PickerHost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-26] (Intel Corporation) HKLM-x32\...\Run: [{CDF13D74-E6AA-4006-818A-B360D6A3573C}] => C:\Program Files\Launch Manager\HotkeyApp.exe [415272 2012-03-01] (Wistron Corp.) HKLM-x32\...\Run: [ADStatusMonitor] => C:\PROGRAM FILES (X86)\ADVENT\AIO\STATUSMONITOR\ADStatusMonitor.exe [2790816 2012-10-31] (DSGi) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [114480 2016-10-27] (Panda Security, S.L.) HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{8f060a73-d381-4daa-80ac-0643fe10e761}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{9836a2a1-04cc-4bdc-b6cb-25062c807e97}: [DhcpNameServer] 172.168.130.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3491399957-4132394281-3865697256-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7XXXX SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7XXXX BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2016-09-19] () BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-10-28] (Atheros Commnucations) BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2016-09-19] () Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll [2016-09-19] () Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll [2016-09-19] () FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2009-05-01] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-21] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxp://www.google.co.uk/" CHR Profile: C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default [2017-03-07] CHR Extension: (Google Drive) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google Search) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Google Docs Offline) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22] CHR Extension: (Gmail) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27] CHR Extension: (Chrome Media Router) - C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-01] CHR HKLM\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fagakgcelolinfnkfgekcnedpaklfcok] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Advent AiO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [395200 2012-10-31] (Advent) R2 ADVENT AIO Status Monitor Service; C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe [722336 2012-10-31] (DSGi) S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2011-12-16] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109816 2016-10-24] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.) R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-11-06] (Visicom Media Inc.) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48584 2016-10-27] (Panda Security, S.L.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation) R2 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [119848 2011-12-21] (Wistron Corp.) R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2011-10-28] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-11] (AVG Technologies) S4 DamageGuard; C:\WINDOWS\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-11] (Lenovo) S4 dgFltr; C:\WINDOWS\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-06-20] (Malwarebytes Corporation) R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [106928 2016-07-05] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211376 2016-07-05] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [119728 2016-07-05] (Panda Security, S.L.) R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [125872 2016-07-05] (Panda Security, S.L.) R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [80152 2016-07-06] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [116656 2016-07-05] (Panda Security, S.L.) R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [90032 2016-07-05] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135088 2016-07-05] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [335792 2016-07-05] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [197040 2016-07-05] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123312 2016-07-05] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [278960 2016-07-05] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125360 2016-07-05] (Panda Security, S.L.) R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.) R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [179120 2016-10-24] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130992 2016-10-24] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207792 2016-10-24] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133552 2016-10-24] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [146864 2016-10-24] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117168 2016-10-24] (Panda Security, S.L.) R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72112 2016-08-09] (Panda Security, S.L.) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-17 08:04 - 2017-03-17 09:17 - 00048042 _____ C:\Users\Holly\Downloads\Fixlog.txt 2017-03-16 21:41 - 2017-03-16 21:46 - 00051387 _____ C:\Users\Holly\Downloads\Shortcut.txt 2017-03-16 21:31 - 2017-03-17 08:16 - 00028376 _____ C:\Users\Holly\Downloads\Addition.txt 2017-03-16 21:29 - 2017-03-17 09:19 - 00016968 _____ C:\Users\Holly\Downloads\FRST.txt 2017-03-16 21:28 - 2017-03-17 09:19 - 00000000 ____D C:\FRST 2017-03-16 21:28 - 2017-03-16 21:28 - 02424832 _____ (Farbar) C:\Users\Holly\Downloads\FRST64.exe 2017-03-16 21:25 - 2017-03-16 21:25 - 01766912 _____ (Farbar) C:\Users\Holly\Downloads\FRST.exe 2017-03-15 23:17 - 2017-03-15 23:17 - 00028012 _____ C:\Users\Holly\Downloads\Contract Note (3).pdf 2017-03-15 23:17 - 2017-03-15 23:17 - 00027928 _____ C:\Users\Holly\Downloads\Contract Note (2).pdf 2017-03-15 23:16 - 2017-03-15 23:16 - 00027936 _____ C:\Users\Holly\Downloads\Contract Note (1).pdf 2017-03-15 22:59 - 2017-03-15 22:59 - 00027929 _____ C:\Users\Holly\Downloads\Contract Note.pdf 2017-03-08 23:13 - 2017-03-08 23:13 - 00602112 _____ (OldTimer Tools) C:\Users\Holly\Downloads\OTL (1).exe 2017-03-08 23:10 - 2017-03-17 07:43 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C03AE0F5-EF8F-44BD-8AB1-34DAC66F4A94} 2017-03-08 23:02 - 2017-03-08 23:02 - 00000000 ____D C:\_OTL 2017-03-08 22:42 - 2017-03-08 22:42 - 00003286 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-03-08 22:38 - 2017-03-08 23:18 - 00003988 _____ C:\Users\Holly\Downloads\OTL.Txt 2017-03-08 22:28 - 2017-03-08 22:28 - 00602112 _____ (OldTimer Tools) C:\Users\Holly\Downloads\OTL.exe 2017-03-08 02:33 - 2017-03-08 02:33 - 01101824 _____ C:\Users\Holly\Downloads\v3.3.90_Dll_Files_Fixer_License_Key_Crack_Free_Download (1).iso 2017-03-08 02:31 - 2017-03-08 02:31 - 01101824 _____ C:\Users\Holly\Downloads\v3.3.90_Dll_Files_Fixer_License_Key_Crack_Free_Download.iso 2017-03-08 02:31 - 2017-03-08 02:31 - 00000000 ____D C:\Users\Public\CyberLink 2017-03-08 02:31 - 2017-03-08 02:31 - 00000000 ____D C:\Users\Holly\AppData\Roaming\CyberLink 2017-03-08 00:29 - 2017-03-08 00:35 - 00000000 ____D C:\Program Files (x86)\Safer Technologies 2017-03-07 23:51 - 2017-03-08 00:00 - 00000000 ____D C:\Users\Holly\Documents\depends22_x86 2017-03-01 21:26 - 2017-03-01 21:26 - 00000000 ____D C:\Users\Holly\AppData\Roaming\pandasecuritytb ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-03-17 09:01 - 2017-01-21 12:29 - 00000000 ____D C:\Users\Holly\AppData\LocalLow\pandasecuritytb 2017-03-17 08:53 - 2015-10-30 07:21 - 00000000 ____D C:\WINDOWS\INF 2017-03-17 08:14 - 2016-06-19 18:19 - 01013760 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-03-17 08:11 - 2012-10-10 20:52 - 00000000 ____D C:\Users\Holly\AppData\Local\Adobe 2017-03-17 08:09 - 2012-07-06 08:45 - 01179915 _____ C:\WINDOWS\system32\fastboot.set 2017-03-17 08:07 - 2016-06-19 18:15 - 00000000 ____D C:\ProgramData\Advent 2017-03-17 08:06 - 2017-01-21 12:30 - 00000000 ____D C:\ProgramData\panda_url_filtering 2017-03-17 08:06 - 2016-04-27 06:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-03-17 08:06 - 2015-10-30 06:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2017-03-17 08:04 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-03-17 08:04 - 2009-07-14 03:20 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy 2017-03-17 07:42 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-03-15 23:07 - 2015-10-30 07:24 - 00000000 ___HD C:\Program Files\WindowsApps 2017-03-08 22:42 - 2016-06-19 18:58 - 00002422 _____ C:\Users\Holly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-03-08 22:42 - 2016-06-19 18:58 - 00000000 ___RD C:\Users\Holly\OneDrive 2017-03-08 21:50 - 2015-10-30 07:24 - 00000000 ____D C:\WINDOWS\rescache 2017-03-08 21:16 - 2013-11-20 22:24 - 00002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-08 02:36 - 2016-04-27 06:29 - 00395936 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-03-08 02:36 - 2013-04-19 00:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2017-03-08 02:36 - 2013-04-19 00:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2017-03-08 02:36 - 2012-07-06 08:38 - 00000000 ____D C:\Program Files\Google 2017-03-08 02:36 - 2012-07-06 08:37 - 00000000 ____D C:\Program Files (x86)\Google 2017-03-08 01:41 - 2013-07-18 22:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2017-03-08 00:37 - 2012-10-10 21:01 - 00000000 ____D C:\Users\Holly\AppData\Local\Google 2017-03-07 23:54 - 2012-10-10 03:44 - 00000000 ____D C:\Users\Holly\AppData\Local\VirtualStore 2017-03-07 22:45 - 2016-10-29 14:32 - 00000000 ____D C:\Users\Holly\AppData\Local\Avg 2017-03-07 22:45 - 2014-12-11 15:26 - 00000000 ____D C:\ProgramData\MFAData 2017-03-07 22:44 - 2016-10-29 14:32 - 00000000 ____D C:\Users\Holly\AppData\Local\AvgSetupLog 2017-03-07 22:44 - 2016-10-29 14:32 - 00000000 ____D C:\ProgramData\Avg 2017-03-07 22:43 - 2015-10-30 07:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2017-03-07 22:27 - 2015-10-30 06:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM ==================== Files in the root of some directories ======= 2014-12-20 00:20 - 2014-12-20 00:20 - 0000034 _____ () C:\Users\Holly\AppData\Roaming\AdobeWLCMCache.dat Some files in TEMP: ==================== 2017-01-21 12:25 - 2017-01-21 12:27 - 57780944 _____ (Panda Security, S.L.) C:\Users\Holly\AppData\Local\Temp\{D7A1FC18-FD86-4A01-970B-8EF0F3FF24D9}.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-03-15 22:20 ==================== End of FRST.txt ============================