Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Probably infected laptop, gets slower the longer it's running [Sol


  • This topic is locked This topic is locked

#1
arigatou

arigatou

    New Member

  • Member
  • Pip
  • 9 posts

Hello,

 

since this weekend my laptop has been acting weird, supposedly since I updated the Flash player (when attempting to watch a video I was told I should update).

 

The night after the download I noticed that shutting down the computer took more time than usual.

Next day after booting, laptop seemed the usual, it was fast, not a problem at all. But the longer my laptop was running, the slower it got, especially while browsing the internet with Firefox. For example when using the integrated scroll wheel on my Fujitsu the scrolling lagged, but not when I used the arrow keys. That was the time I thought about having been infected with malware, so I ran a scan with Hitman Pro (the free-trial of which is already expired). No results. I ran another scan with Avast, during which my computer froze up completely: Black screen, only the Avast window was showing, but it was glitchy and flashed. I had to manually shut down the computer. After booting up, it was normal again.

 

Today the same [bleep] happened. In addition to that above, light documents like a pdf took a long long time to open up. I should have enough RAM for easy tasks like that....

 

Now that I'm writing this, I thought maybe I should have tried deleting and re-install Flash on my own... but well, I hope you can help me. Thanks in advance.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by user (administrator) on PC on 06-07-2015 19:46:42
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Softex\OmniPass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Softex\OmniPass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\JPN\JpnIME.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\DataExchangeUtility\DEUService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe
Failed to access process -> LogonUI.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\updnavi\updnvsrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\32\WacomDesktopCenter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Softex Inc.) C:\Program Files\Softex\OmniPass\scureapp.exe
() C:\Program Files\Softex\OmniPass\Hook\OpHook32BitProcess.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\updnavi\updatenv.exe
(Dropbox, Inc.) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files (x86)\FJ Camera\Monitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13192848 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1215632 2012-08-17] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [OmniPass] => C:\Program Files\Softex\OmniPass\scureapp.exe [4563968 2012-08-21] (Softex Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [FJUPDNV_Chitose] => C:\Program Files\Fujitsu\updnavi\updatenv.exe [159744 2012-08-16] (FUJITSU LIMITED)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [FJ Camera_Monitor] => C:\Program Files (x86)\FJ Camera\monitor.exe [303480 2012-08-16] ()
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-06-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167024 2012-06-27] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-07-02] (Avast Software s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [HTC Sync Loader] => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [659456 2013-09-03] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\...\Run: [Dropbox Update] => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-22] (Dropbox, Inc.)
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\...\MountPoints2: {06c8776b-78c9-11e4-beaf-0c84dce655d4} - "G:\LaunchU3.exe" -a
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File not found
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs: , C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-09]
ShortcutTarget: Dropbox.lnk -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll [2013-12-13] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-02] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1013127233-584665721-2545326128-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fujitsu13.msn.com
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://hk.fujitsu.com/pc
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://hk.fujitsu.com/pc
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1013127233-584665721-2545326128-1002 -> URL http://www.trovigo.c...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1013127233-584665721-2545326128-1002 -> SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{B0BB7374-E9D5-4345-94B3-6F22B6C11099}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E8FFF434-C67F-4DB5-A044-7DA788B80475}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-07-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2013-12-19] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-03] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-03-04] (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2013-12-19] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-1013127233-584665721-2545326128-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\searchplugins\duckduckgo.xml [2014-03-17]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\[email protected] [2015-01-25]
FF Extension: Lavasoft Search Plugin - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\[email protected] [2014-01-11]
FF Extension: Rikaichan Japanese-English Dictionary File - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\[email protected] [2015-05-29]
FF Extension: XHTML Ruby Support - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{0620B69D-7B58-416d-A92A-0198860C2757} [2014-01-11]
FF Extension: Rikaichan - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2015-05-29]
FF Extension: Delicious Bookmarks - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9} [2014-01-11]
FF Extension: Gmail Notifier - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e} [2014-01-11]
FF Extension: Names Dictionary for rikaichan - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{566D6332-1439-43bf-857E-7AD5F137AD0C} [2014-01-11]
FF Extension: Fancy Numbered Tabs - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{602E0D2D-7710-4d47-A32C-998398DB993D} [2014-01-11]
FF Extension: Japanese-English Dictionary for rikaichan - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{6D898772-AD34-4c16-86BB-9DE787A5DEA0} [2014-01-11]
FF Extension: ProxTube - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\[email protected] [2014-09-12]
FF Extension: Session Manager - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2014-01-11]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-07-04]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-07-02] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-07-02] (Avast Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Cachedrv server; C:\Program Files\Softex\OmniPass\cachesrvr.exe [114688 2012-08-21] () [File not signed]
R2 DataExchangeUtilityService; C:\Program Files (x86)\Fujitsu\DataExchangeUtility\DEUService.exe [253232 2012-08-10] (FUJITSU LIMITED)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
S3 FJQuickPowerOn; C:\Program Files\Fujitsu\QuickPowerOn\QuickPowerOn.exe [165784 2012-08-14] (FUJITSU LIMITED)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [80752 2012-07-19] (FUJITSU LIMITED)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-06-16] (SurfRight B.V.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Softex\OmniPass\OmniServ.exe [83456 2012-08-21] (Softex Inc.) [File not signed]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; c:\Program Files\Fujitsu\PSUtility\PSUService.exe [51608 2012-08-07] (FUJITSU LIMITED)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 UpdateNaviInstallService; C:\Program Files\Fujitsu\updnavi\updnvsrv.exe [14336 2011-06-28] (FUJITSU LIMITED) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [635160 2014-04-22] (Wacom Technology, Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-07-02] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-07-02] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-02] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-07-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-07-02] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-07-02] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-07-02] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-07-02] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-17] (Disc Soft Ltd)
R0 FJGSDis2; C:\Windows\System32\DRIVERS\FJGSDis2.sys [17816 2012-09-23] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [16368 2012-08-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [17264 2012-08-01] (FUJITSU LIMITED)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [43664 2015-07-06] ()
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3346912 2013-10-31] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [1058296 2012-08-14] (Sunplus)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-02] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 19:46 - 2015-07-06 19:48 - 00026825 _____ C:\Users\user\Desktop\FRST.txt
2015-07-06 19:46 - 2015-07-06 19:46 - 00043664 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2015-07-06 19:46 - 2015-07-06 19:46 - 00000000 ____D C:\FRST
2015-07-06 19:32 - 2015-07-06 19:32 - 02112512 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-07-03 15:26 - 2015-07-03 23:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-02 23:04 - 2015-07-02 23:05 - 13027840 _____ C:\Users\user\Downloads\LH772_Manual_Win8.exe
2015-07-02 22:57 - 2015-07-02 22:57 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-07-02 22:57 - 2015-07-02 22:57 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-07-02 22:33 - 2015-07-02 22:33 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-07-02 22:33 - 2015-07-02 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP170
2015-07-02 22:32 - 2015-07-02 22:32 - 15893832 _____ C:\Users\user\Downloads\mp170win64111ea13.exe
2015-07-02 22:32 - 2008-04-03 05:00 - 00235520 _____ (CANON INC.) C:\WINDOWS\system32\CNMLM7J.DLL
2015-07-02 22:32 - 2008-02-07 16:00 - 00270848 _____ (CANON INC.) C:\WINDOWS\system32\CNCC170.DLL
2015-07-02 22:32 - 2008-02-07 15:59 - 00049664 _____ (CANON INC.) C:\WINDOWS\system32\CNCI170.DLL
2015-07-02 22:32 - 2006-06-29 14:30 - 00017408 _____ (Canon Inc.) C:\WINDOWS\system32\cncisco.x64.dll
2015-07-02 22:32 - 2005-10-11 18:15 - 00109568 _____ (Canon Inc.) C:\WINDOWS\system32\CNCL170.DLL
2015-07-02 22:18 - 2015-07-02 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-07-02 22:18 - 2015-07-02 22:18 - 00000000 ____D C:\Program Files\Canon
2015-07-02 22:18 - 2015-07-02 22:18 - 00000000 ____D C:\Program Files (x86)\Canon
2015-07-02 21:50 - 2015-07-02 21:50 - 05541448 _____ C:\Users\user\Downloads\mypr-win-3_2_1-ea11_2.exe
2015-07-02 12:10 - 2015-07-02 12:10 - 00001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-02 12:10 - 2015-07-02 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-02 12:08 - 2015-07-02 12:08 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-07-02 12:07 - 2015-07-02 12:07 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-27 12:12 - 2015-06-27 12:12 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-22 02:26 - 2015-06-22 02:26 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-22 02:25 - 2015-07-06 19:30 - 00000920 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002UA.job
2015-06-22 02:25 - 2015-07-06 02:30 - 00000868 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002Core.job
2015-06-22 02:25 - 2015-06-22 02:25 - 00003864 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002UA
2015-06-22 02:25 - 2015-06-22 02:25 - 00003484 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002Core
2015-06-22 02:25 - 2015-06-22 02:25 - 00000000 ____D C:\Users\user\AppData\Local\Dropbox
2015-06-22 02:25 - 2015-06-22 02:25 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-15 15:00 - 2015-06-15 15:00 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-06-15 14:59 - 2015-06-15 14:59 - 00000000 ____D C:\Users\Public\Documents\Hewlett-Packard
2015-06-12 16:18 - 2015-06-12 16:18 - 00000000 ____D C:\Users\user\AppData\Local\GWX
2015-06-10 15:28 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 15:28 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 15:28 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 15:28 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 15:28 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 15:28 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 15:28 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 15:28 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 15:28 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 15:28 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 15:28 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 15:28 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 15:28 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 15:28 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 15:28 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 15:28 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 15:28 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 15:28 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 15:28 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 15:28 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 15:28 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 15:28 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 15:28 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 15:28 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 15:28 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 15:28 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 15:28 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 15:28 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 15:28 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 15:28 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 15:28 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 15:28 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 15:28 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 15:28 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 15:28 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 15:28 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 15:28 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 15:28 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 15:28 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 15:28 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 15:28 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 15:28 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 15:28 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 15:28 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 15:28 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 15:28 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 15:28 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 15:28 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 15:28 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 15:28 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 15:28 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 15:28 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 15:28 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 15:28 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 15:28 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 15:28 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 15:28 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 15:28 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 15:28 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 15:28 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 15:28 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 15:28 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 15:28 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 15:28 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 15:28 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 15:28 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 15:28 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 15:28 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 15:28 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 15:28 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 15:28 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 15:28 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 15:27 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 19:43 - 2014-01-11 00:27 - 00000000 ___RD C:\Users\user\Dropbox
2015-07-06 19:43 - 2014-01-11 00:16 - 00000000 ____D C:\Users\user\AppData\Roaming\Dropbox
2015-07-06 19:41 - 2014-10-28 14:12 - 00203264 ___SH C:\Users\user\Desktop\Thumbs.db
2015-07-06 19:41 - 2014-10-23 18:20 - 01378680 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-06 19:40 - 2013-08-22 16:46 - 00328551 _____ C:\WINDOWS\setupact.log
2015-07-06 19:40 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-06 19:39 - 2014-10-23 18:20 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-06 19:33 - 2014-01-17 10:08 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-06 19:03 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-06 18:41 - 2014-01-07 18:57 - 00000000 ____D C:\Users\user\AppData\Roaming\ClassicShell
2015-07-06 18:28 - 2014-11-13 20:58 - 00003898 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C89F2144-D747-4F7C-A985-2AE4E7FFC688}
2015-07-06 17:13 - 2014-11-13 20:58 - 00000000 __SHD C:\Users\user\AppData\Local\EmieUserList
2015-07-06 17:13 - 2014-11-13 20:58 - 00000000 __SHD C:\Users\user\AppData\Local\EmieSiteList
2015-07-06 17:13 - 2014-11-13 20:58 - 00000000 __SHD C:\Users\user\AppData\Local\EmieBrowserModeList
2015-07-06 02:01 - 2014-01-08 20:10 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-07-05 18:18 - 2014-04-27 12:54 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-07-05 17:51 - 2014-10-26 15:07 - 00007598 _____ C:\Users\user\AppData\Local\resmon.resmoncfg
2015-07-04 14:56 - 2013-08-22 16:44 - 06022648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-07-03 23:10 - 2014-09-24 09:03 - 00036508 _____ C:\WINDOWS\PFRO.log
2015-07-03 23:10 - 2014-01-08 20:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-03 17:38 - 2014-01-17 10:08 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-07-02 23:34 - 2014-01-07 18:38 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1013127233-584665721-2545326128-1002
2015-07-02 22:47 - 2015-05-07 00:07 - 04265472 ___SH C:\Users\user\Documents\Thumbs.db
2015-07-02 22:33 - 2014-01-13 03:07 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-07-02 22:33 - 2013-08-22 17:36 - 00000000 __RSD C:\WINDOWS\Media
2015-07-02 22:28 - 2014-09-24 09:15 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-02 22:25 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-07-02 21:58 - 2014-04-27 12:54 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-07-02 21:57 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-02 12:14 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-02 12:08 - 2014-08-15 22:23 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-02 12:08 - 2014-04-27 12:54 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-02 12:08 - 2014-04-27 12:54 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-02 12:08 - 2014-04-27 12:54 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-02 12:08 - 2014-04-27 12:54 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-02 12:08 - 2014-04-27 12:54 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-02 12:07 - 2014-04-27 12:54 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-01 16:29 - 2015-03-31 11:51 - 00001456 _____ C:\Users\user\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-06-27 02:10 - 2014-05-01 12:08 - 00000000 ____D C:\Users\user\AppData\Roaming\MusicBee
2015-06-24 16:58 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-22 04:13 - 2014-06-12 09:35 - 00000132 _____ C:\Users\user\AppData\Roaming\Adobe PNG Format CC Prefs
2015-06-20 05:02 - 2015-05-14 22:49 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2015-05-14 22:49 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-15 11:16 - 2015-01-04 19:19 - 00000000 ____D C:\Users\user\AppData\Local\Htc
2015-06-12 17:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-11 00:55 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-11 00:55 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 18:39 - 2014-01-14 12:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 18:31 - 2014-01-14 12:15 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 01:38 - 2014-12-13 03:25 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 01:38 - 2014-09-24 11:50 - 00000000 ___SD C:\WINDOWS\system32\CompatTel

==================== Files in the root of some directories =======

2014-12-10 10:48 - 2015-01-26 06:26 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe GIF Format CC Prefs
2014-06-12 09:35 - 2015-06-22 04:13 - 0000132 _____ () C:\Users\user\AppData\Roaming\Adobe PNG Format CC Prefs
2015-03-31 11:51 - 2015-07-01 16:29 - 0001456 _____ () C:\Users\user\AppData\Local\Adobe Save for Web 13.0 Prefs
2014-12-09 16:37 - 2015-04-30 09:09 - 0006144 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-26 15:07 - 2015-07-05 17:51 - 0007598 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf1wanr.dll
C:\Users\user\AppData\Local\Temp\HitmanPro.exe
C:\Users\user\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-05 19:50

==================== End of log ============================

 

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by user at 2015-07-06 19:49:39
Running from C:\Users\user\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1013127233-584665721-2545326128-500 - Administrator - Disabled)
Guest (S-1-5-21-1013127233-584665721-2545326128-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1013127233-584665721-2545326128-1004 - Limited - Enabled)
user (S-1-5-21-1013127233-584665721-2545326128-1002 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1210 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.0 - Adobe Systems Incorporated)
Anytime USB Charge Utility (HKLM-x32\...\InstallShield_{A794229E-401E-44D4-A8B5-B21E975676DE}) (Version: 2.01.00.001 - FUJITSU LIMITED)
Anytime USB Charge Utility (Version: 2.01.00.001 - FUJITSU LIMITED) Hidden
AuthenTec WinBio FingerPrint Software 64-bit (HKLM\...\{F888B1E9-64E3-479D-91DB-2D9193C39535}) (Version: 3.4.1.1013 - AuthenTec, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.3.0-3 - Wacom Technology Corp.)
Battery Utility (HKLM-x32\...\InstallShield_{BCC8CBC4-0F36-4F2A-B9C6-717FDF266C90}) (Version: 4.01.00.001 - FUJITSU LIMITED)
Battery Utility (Version: 4.01.00.001 - FUJITSU LIMITED) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bullzip PDF Printer 10.2.0.2141 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.2.0.2141 - Bullzip)
Canon iX4000 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX4000) (Version:  - )
Canon MP170 (HKLM\...\{91175441-4E5D-4e13-B116-828FD352CDB2}) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.5413 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4302.02 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3026 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Data Exchange Utility (HKLM-x32\...\InstallShield_{A6D7AC7D-BE4B-43FF-A887-5372F37B413C}) (Version: 2.2.0.0 - FUJITSU LIMITED)
Data Exchange Utility (x32 Version: 2.2.0.0 - FUJITSU LIMITED) Hidden
Disc Burning Utility (HKLM-x32\...\{C5DEA189-ADE3-477C-85AC-9A3F1637394A}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Dropbox (HKU\S-1-5-21-1013127233-584665721-2545326128-1002\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Face Sense Utility Settings (HKLM-x32\...\FaceSave) (Version: 3.0.0.1 - FUJITSU LIMITED)
FJ Camera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.4.9.7 - SunplusIT)
Fontlab TypeTool 3 (HKLM-x32\...\TypeTool 3.1_is1) (Version: 3.1 - FontLab)
Fujistu Screen Saver (HKLM-x32\...\{C5955D8A-8913-48B2-A77B-4D4F8B9EB0D6}) (Version: 2.2.0.1 - FUJITSU LIMITED)
Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.1.0.0 - FUJITSU LIMITED)
Fujitsu BIOS Driver (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.5.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.5.0.0 - FUJITSU LIMITED) Hidden
FujitsuShockSensorUtility (HKLM-x32\...\InstallShield_{EAD3A239-5029-4067-9071-47763DC249DD}) (Version: V7.01.00.001 - FUJITSU LIMITED)
FujitsuShockSensorUtility (Version: 7.01.00.001 - FUJITSU LIMITED) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.5.0.001 - HTC Corporation)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
Inst5676 (Version: 8.00.09 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E750D823-ACEF-4404-9B9B-C4CD67CD7498}) (Version: 15.05.3000.1493 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.5.0.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.5.0.0 - FUJITSU LIMITED) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.0.2.0 - Lightworks)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 CHS (HKLM-x32\...\{F545A42B-9A13-4DAC-B814-68AE8FBB88EE}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 CHT (HKLM-x32\...\{BA8A4455-A3F7-4D0F-B9B0-5F74CB97EA58}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 CHS (HKLM\...\{1BD5AD20-B984-4698-9CA8-D33B2EE5A219}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 CHT (HKLM\...\{41C7D282-B92B-4190-8B40-EC9EDEBCC9EC}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
MyRecovery (HKLM-x32\...\InstallShield_{70140D68-13DF-427D-8FD8-F8C8EEF8A641}) (Version: 2.1.0.0 - FUJITSU LIMITED)
MyRecovery (x32 Version: 2.1.0.0 - FUJITSU LIMITED) Hidden
NSIS Birdfont (HKLM-x32\...\Birdfont) (Version:  - )
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OmniPass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.09(x64) - Softex Inc.)
OmniPass (Version: 8.00.09(x64) - Softex Inc.) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 2.0.0.0 - FUJITSU LIMITED) Hidden
Power Button Setting (HKLM-x32\...\InstallShield_{43C6E7CB-FEC0-4F0D-B164-410E8A728CF4}) (Version: 2.0.0.0 - FUJITSU LIMITED)
Power Button Setting (Version: 2.0.0.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{E50AF275-8A41-4FCF-847B-D6E60018F388}) (Version: 33.01.00.000 - FUJITSU LIMITED)
Power Saving Utility (Version: 33.01.00.000 - FUJITSU LIMITED) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6714 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roxio Creator LJ (HKLM-x32\...\{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}) (Version: 12.2.33.1 - Roxio)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shock Sensor Driver (HKLM-x32\...\InstallShield_{7ABCD56B-9C61-40FA-AB93-A8C3E2812074}) (Version: 2.01.00.000 - FUJITSU LIMITED)
Shock Sensor Driver (Version: 2.01.00.000 - FUJITSU LIMITED) Hidden
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.1520.1 - Microsoft Corporation) Hidden
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{15015752-9990-4516-A2B1-93823281FB8E}) (Version: 15.0.1759 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
Update Navi (HKLM\...\{47BC37A3-35C8-484A-8CBD-851914EB095E}) (Version: 1.3.0019 - FUJITSU LIMITED)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-4 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.2100 - Broadcom Corporation)
Windows Driver Package - FUJITSU LIMITED (FUJ02B1) System  (06/09/2012 1.23) (HKLM\...\7D737DCFBBA92B6A4335FA93E0B846D9D2DE908E) (Version: 06/09/2012 1.23 - FUJITSU LIMITED)
Windows Driver Package - FUJITSU LIMITED (FUJ02E3) System  (06/22/2012 1.30.0.0) (HKLM\...\3DCA6835C7741E181396F76FD94C05C19F4124A9) (Version: 06/22/2012 1.30.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.0.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (Version: 1.0.0.0 - FUJITSU LIMITED) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1013127233-584665721-2545326128-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)

==================== Restore Points =========================

10-06-2015 18:30:00 Windows Update
22-06-2015 21:51:08 Scheduled Checkpoint
02-07-2015 12:06:13 avast! antivirus system restore point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0626E921-2D88-4746-A7FF-3BE57573FE6A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {0901DE56-A7D8-4067-9E88-88E7E11DC66E} - System32\Tasks\Fujitsu\Power Saving Utility\Fujitsu Power Saving Utility => c:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2012-08-07] (FUJITSU LIMITED)
Task: {12E243BF-1FB1-4173-993E-D9426F8E9928} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-05] (FUJITSU LIMITED)
Task: {17617188-AC53-4A9C-85EB-827E6C322219} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeupBySwitch => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {2B72D61A-208E-4EA5-9B49-1721B6228E40} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {2E5E1C87-AAB7-46BF-BCC2-7921F87C5712} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002Core => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {2FF54E68-4334-400B-A114-922A91873DA9} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {35A4AD58-573C-44BA-9D94-E9A56A6B16C3} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2012-08-05] (FUJITSU LIMITED)
Task: {4547D5E6-3782-449C-A270-415409D38BBE} - System32\Tasks\Fujitsu\ApplicationPanel\DisableBtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {481E55B8-93DE-48D7-9522-2E74E17F9BD5} - System32\Tasks\Fujitsu\QuickPowerOn\StartService => C:\Program Files\Fujitsu\QuickPowerOn\QuickPowerOn.exe [2012-08-14] (FUJITSU LIMITED)
Task: {4DB4AD4B-385B-461A-802C-74B4B3B6D39F} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {529F5245-C635-4772-80C6-F8C3B92C328F} - System32\Tasks\Fujitsu\SSUTY\FJSSDaemon => C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [2012-09-06] (FUJITSU LIMITED)
Task: {626ADFE3-5BC7-4C4A-8C14-B45FD61FB7A2} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
Task: {658F3A70-3CBA-4539-8052-6D0FCC532C04} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {79FEDDF0-DACD-4BC1-B63E-03DD1065DEAF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-03] (Adobe Systems Incorporated)
Task: {7E8A91AD-B0CD-49F3-A312-3E95343E1BA3} - System32\Tasks\{ED1A467D-B6F0-41A6-9B88-E08C3B528F3E} => Firefox.exe http://www.skype.com...8;LastError=404
Task: {8400509E-0F1A-4BD3-B95F-7C7C2CD7EEEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {8433F905-F0D1-449E-BF28-ECB6A3D88678} - System32\Tasks\Fujitsu\Battery Utility\Fujitsu Battery Utility => c:\Program Files\Fujitsu\BatteryAid2\BatteryDaemon.exe [2012-08-10] (FUJITSU LIMITED)
Task: {86431070-0F21-408B-A77F-1BCB57BDAD12} - System32\Tasks\{64026608-F2E8-4C9C-8C09-C2ED700F66C4} => pcalua.exe -a G:\autorun.exe -d G:\
Task: {8CD54CB9-53F4-4236-BFB9-8885C3C96EFF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002UA => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {93B271E0-2895-499F-AD12-36F4AF4FB9CC} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {94D53B6E-8C12-4538-8F3F-8446E9933FE7} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupNow => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {998E50A9-6CB2-4E8E-A907-B1E37B2091E9} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {9EE9B3FC-9958-439C-9335-F7B188E21E92} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {A6C802DC-2281-4F1D-B9FB-EDC4B723142A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartBtnHndHKB => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {A75662CA-CAE9-43BB-8BC3-12422959D615} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {AC012F04-BB2F-4EF3-83AA-0A69D5C4DDDD} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {AC0E1146-4130-4572-BF5C-BA74734CCD54} - System32\Tasks\AdobeAAMUpdater-1.0-pc-user => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {C469FD65-90E7-4438-A929-C529600702A4} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {C610F6A2-BFFD-4180-A436-644D5F88962F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-02] (Avast Software s.r.o.)
Task: {D12904A8-78E1-49AB-ACD5-679ECFFF9D8B} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {DC82980A-A29A-4A42-9D87-5FF7E22FA764} - System32\Tasks\Fujitsu\QuickPowerOn\Execute => C:\Program Files\Fujitsu\QuickPowerOn\QuickPowerOn.exe [2012-08-14] (FUJITSU LIMITED)
Task: {E9F0AA72-CBCF-460D-97AB-342134B86C61} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {F4C6537C-F9E8-425C-B8CE-5E7A8E147B3A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeup => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {F7D088D6-9A0A-4FA8-BD85-463573D6EC15} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: {FA1A82B3-E5F5-40B9-AAF5-596C4EF49A82} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndSetWakeupSetting => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2012-08-21] (FUJITSU LIMITED)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002Core.job => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1013127233-584665721-2545326128-1002UA.job => C:\Users\user\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-05-13 10:52 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-23 18:20 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-21 05:25 - 2012-08-21 05:25 - 00114688 _____ () C:\Program Files\Softex\OmniPass\cachesrvr.exe
2012-08-21 05:32 - 2012-08-21 05:32 - 00644608 _____ () C:\Program Files\Softex\OmniPass\cachedrv.dll
2012-08-21 05:23 - 2012-08-21 05:23 - 00039936 _____ () C:\Program Files\Softex\OmniPass\ssplogon.dll
2012-08-21 05:23 - 2012-08-21 05:23 - 00052736 _____ () C:\Program Files\Softex\OmniPass\RandomPass.dll
2012-08-21 05:23 - 2012-08-21 05:23 - 00021504 _____ () C:\Program Files\Softex\OmniPass\cryptodll.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-08-21 05:25 - 2012-08-21 05:25 - 00065024 _____ () C:\Program Files\Softex\OmniPass\SCUREDLL.dll
2012-08-21 05:24 - 2012-08-21 05:24 - 00070656 _____ () C:\Program Files\Softex\OmniPass\opfsdll.dll
2012-09-04 22:31 - 2012-09-04 22:31 - 00047480 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\BtwLeAPI.dll
2015-01-04 19:15 - 2012-12-07 18:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2012-09-23 06:32 - 2009-04-17 11:01 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-01-17 11:33 - 2012-11-14 15:45 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-04-24 22:22 - 2014-04-22 00:30 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2012-08-21 05:28 - 2012-08-21 05:28 - 00065536 _____ () C:\Program Files\Softex\OmniPass\hook\OpHook32BitProcess.exe
2012-08-16 10:20 - 2012-08-16 10:20 - 00303480 _____ () C:\Program Files (x86)\FJ Camera\Monitor.exe
2015-07-02 12:07 - 2015-07-02 12:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-02 12:07 - 2015-07-02 12:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-06 12:56 - 2015-07-06 12:56 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070601\algo.dll
2012-08-21 03:52 - 2012-08-21 03:52 - 00061440 _____ () C:\Program Files\Softex\OmniPass\hook\SCUREDLL.dll
2014-05-13 10:52 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-07-06 19:43 - 2015-07-06 19:43 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpf1wanr.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00750080 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00047616 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00865280 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00200704 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00726016 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-03-04 23:45 - 2015-03-19 09:15 - 00010240 _____ () C:\Users\user\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-07-02 12:08 - 2015-07-02 12:08 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-23 02:40 - 2012-06-25 03:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\user\AppData\Local\bKybmSZ6y4dm:vrambPYR6mj1ta6MJ8fYSH4lS

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1013127233-584665721-2545326128-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\user\Desktop\mad-men-1920x1080-wallpaper-1637623.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "HTC Sync Loader"
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{293F16F7-BB6E-4FF7-8821-D08FE31B9892}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A2E7CF4E-6619-49A3-9E95-1630FAA6D7B8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C615EEBD-FC26-4314-B729-BF9AE87DAB87}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{963A987E-2C0E-4A50-AD54-12F842D860AE}C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\user\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{DF987D4B-4C7C-4AAF-9437-65DFD8DC094F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E975F613-BED7-4EB9-A76B-C306D2B636AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3E28D82F-E8A2-4CAB-86C9-95E9AF192FF6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F11BBC90-BB56-402E-8A55-F2A137590A9C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5C456860-E1B3-48A5-8094-2DC49AE83A64}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C3ED5A2E-C118-4652-8069-E56AC7DE06C7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8B685BE6-2666-421C-8F94-4EBAD3C1CE75}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F62E59A5-FA81-420D-B1AE-4990EF955DEC}] => (Allow) C:\Users\user\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{831FA4E1-7E8F-43C6-83C7-C8C62F2AA8F2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A7A621F4-DFB8-4C9D-8562-6E7B0CAFBF9A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{9FAB70D9-E91A-4785-BAAB-3C8688EA2F7C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{50ED4FAD-F619-4862-ABF3-E1D50B84B62E}] => (Allow) C:\Program Files (x86)\Fujitsu\DataExchangeUtility\DEUService.exe
FirewallRules: [{219B33C3-2391-465A-947A-E1CCC0B7BD0F}] => (Allow) C:\Program Files (x86)\Fujitsu\DataExchangeUtility\DataExchangeUtility.exe
FirewallRules: [{F20B0A3F-6989-49FD-9013-4B36F1983593}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{19581DDF-4669-4BE0-ABE7-B79BE31149F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9E3A1647-88DF-41AC-B655-F79D1006FA8F}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe
FirewallRules: [UDP Query User{FBAB9114-30EB-4CA5-A35B-B3577B4CA025}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe
FirewallRules: [{C98426DF-7D5A-4DFA-8E8C-2523BD527C9E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{65680A50-A987-4BC9-B620-18EB85ACF5FF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{710334B0-03DE-43C9-9E30-E656D0BC46FF}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{32DA3C64-CF2D-4179-AC1A-2CD99C5CBD8B}] => (Allow) C:\Program Files\Lightworks\Lightworks.exe
FirewallRules: [{8C40C892-F359-4137-86CF-E2595E831E42}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{F89365F0-6923-4C81-A195-4BEDAB686636}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{F9BBBEE2-E5B2-408B-9890-A29E4037FB53}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{3CCB7C46-E88C-423B-B7E3-915FC7F1C781}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{B424D2A3-E559-4FC5-94E3-04DD5422BB6B}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{7F3F244E-759F-4EB6-8675-6AEDD490D38B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4BA69A4A-2DAF-4649-9B31-913BE45292F3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6A62A106-A795-4F5B-8419-668DACC48171}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{711863F4-7940-4316-8A2C-3A9551E71199}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2015 07:40:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: LogonUI.exe, version: 6.3.9600.17415, time stamp: 0x5450541b
Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000374
Fault offset: 0x00000000000f0f20
Faulting process id: 0x3d0
Faulting application start time: 0xLogonUI.exe0
Faulting application path: LogonUI.exe1
Faulting module path: LogonUI.exe2
Report Id: LogonUI.exe3
Faulting package full name: LogonUI.exe4
Faulting package-relative application ID: LogonUI.exe5

Error: (07/06/2015 07:38:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:34 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:02 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:37:56 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]


System errors:
=============
Error: (07/06/2015 07:41:03 PM) (Source: DCOM) (EventID: 10016) (User: pc)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}pcuserS-1-5-21-1013127233-584665721-2545326128-1002LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/06/2015 07:41:03 PM) (Source: DCOM) (EventID: 10016) (User: pc)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}pcuserS-1-5-21-1013127233-584665721-2545326128-1002LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/06/2015 07:41:03 PM) (Source: DCOM) (EventID: 10016) (User: pc)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}pcuserS-1-5-21-1013127233-584665721-2545326128-1002LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/06/2015 07:41:02 PM) (Source: DCOM) (EventID: 10016) (User: pc)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}pcuserS-1-5-21-1013127233-584665721-2545326128-1002LocalHost (Using LRPC)UnavailableUnavailable

Error: (07/06/2015 07:40:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® PROSet/Wireless Zero Configuration Service service terminated with the following error:
%%2147770990

Error: (07/06/2015 07:39:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:35:01 PM on ‎7/‎6/‎2015 was unexpected.

Error: (07/06/2015 07:20:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (07/06/2015 02:31:34 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 172.20.29.6.
The computer with the IP address 172.20.29.164 did not allow the name to be claimed by
this computer.

Error: (07/06/2015 02:06:35 PM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/06/2015 02:06:03 PM) (Source: DCOM) (EventID: 10010) (User: pc)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office:
=========================
Error: (07/06/2015 07:40:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LogonUI.exe6.3.9600.174155450541bntdll.dll6.3.9600.17736550f4336c000037400000000000f0f203d001d0b812c361015fC:\WINDOWS\system32\LogonUI.exeC:\WINDOWS\SYSTEM32\ntdll.dll1db103fc-2406-11e5-bed5-e018770f2bc0

Error: (07/06/2015 07:38:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:34 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:29 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:18 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:13 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:07 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:38:02 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (07/06/2015 07:37:56 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]


CodeIntegrity Errors:
===================================
  Date: 2015-07-02 19:26:43.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:42.478
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:41.803
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:41.284
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:40.691
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:39.975
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:39.289
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:38.815
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:38.297
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-07-02 19:26:37.764
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel® Core™ i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 27%
Total physical RAM: 8052.47 MB
Available physical RAM: 5838.18 MB
Total Virtual: 10868.47 MB
Available Virtual: 8537.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.38 GB) (Free:370.68 GB) NTFS
Drive d: () (Fixed) (Total:454.82 GB) (Free:297.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B2A4D5E9)

Partition: GPT Partition Type.

==================== End of log ============================

 


  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

 

 

I'm reviewing your logs now.


  • 0

#3
arigatou

arigatou

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Hello Brian, thank you for helping me.

I'm backing up my personal files, that I have on another partition away from the system files.

Glad to follow your next instructions.


  • 0

#4
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Go ahead and uninstall Hitman Pro (It can render your machine unbootable if you don't know what you are doing with this tool) and then please do the following.

 

Step#1 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Cleaning"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

Step#2 - JRT
1. Download Junkware Removal Tool to your desktop.
1. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
2. The tool will open and start scanning your system.
3. Please be patient as this can take a while to complete depending on your system's specifications.
4. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
5. Close the text file and reboot your machine.
6. Post the contents of JRT.txt into your next message.

 

Step#3 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   474bytes   70 downloads
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

 

Items for your next post

1. Adwcleaner log

2. Junkware log

3. Fixlog

 

 


  • 0

#5
arigatou

arigatou

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Ran the ADW Cleaner and while scanning, it now says: "Waiting for action. Please uncheck the elements you want to keep."

Shuffling through the results I see there are 3 documents:

In the tab "registry" there are two keys -- HKCU/Software/Squeaky -- and -- HKCU64/Software/Squeaky

In the tab "files" there is the one that has the path C:/users/user/AppData/Roaming/Mozilla/Firefox/Profiles/niy22z4p.default/foxydeal.sqlite

All above / are supposed to be backslashes of course.

 

Is this supposed to happen and should I go on to Cleaning, deleting above files?


  • 0

#6
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Yes go ahead and clean. If you see an item that you know is good and don't want to remove then you can uncheck it.


  • 0

#7
arigatou

arigatou

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

1___

 

 

# AdwCleaner v4.207 - Logfile created 07/07/2015 at 17:53:35
# Updated 21/06/2015 by Xplode
# Database : 2015-07-05.2 [Server]
# Operating system : Windows 8.1  (x64)
# Username : user - PC
# Running from : C:\Users\user\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\niy22z4p.default\foxydeal.sqlite

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Squeaky

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 de)


*************************

AdwCleaner[R0].txt - [2284 bytes] - [19/05/2014 18:37:21]
AdwCleaner[R1].txt - [1011 bytes] - [07/07/2015 17:41:42]
AdwCleaner[S0].txt - [2192 bytes] - [19/05/2014 18:43:59]
AdwCleaner[S1].txt - [901 bytes] - [07/07/2015 17:53:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [959  bytes] ##########

 

 

2___

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.3.5 (07.07.2015:2)
OS: Windows 8.1 x64
Ran by user on Tue 07/07/2015 at 18:02:42.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\user\appdata\local\crashrpt



~~~ FireFox

Successfully deleted: [Folder] C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\niy22z4p.default\extensions\{0aa9101c-d3c1-4129-a9b7-d778c6a17f82}
Emptied folder: C:\Users\user\AppData\Roaming\mozilla\firefox\profiles\niy22z4p.default\minidumps [4 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/07/2015 at 18:07:32.57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

3___

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by user at 2015-07-07 18:11:55 Run:1
Running from C:\Users\user\Desktop
Loaded Profiles: user (Available Profiles: user)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File not found
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1013127233-584665721-2545326128-1002 -> URL http://www.trovigo.c...rchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1013127233-584665721-2545326128-1002 -> SuggestionsURL_JSON http://suggest.searc...x={searchTerms}
EmptyTemp:
*****************

Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => value data removed successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\URL => value removed successfully
HKU\S-1-5-21-1013127233-584665721-2545326128-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\SuggestionsURL_JSON => value removed successfully
EmptyTemp: => 9.3 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 18:17:30 ====
 


  • 0

#8
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thank you. Please uninstall Malwarebytes Anti-Malware Version 2.0.1.1004 as we are going to be installing a new version (2.1.8.1057). Then please follow the instructions below.

 

Step#1 - Malwarebytes Scan


  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator. Answer Yes when asked to Allow.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • ScanForRootkits.JPG
     
  • Click the Scan button at the top of the form and then click Start Scan button and let complete.
  • If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.
  • RemoveSelected.JPG
  • Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.
  • Restart.JPG.

 
Step#2 - Retrieve Malwarebytes Log
1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.
ApplicationLog.JPG
 
5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).
ScanningHistory.JPG

 


  • 0

#9
arigatou

arigatou

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/7/2015
Scan Time: 8:33 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.07.07.05
Rootkit Database: v2015.07.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: user

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 367466
Time Elapsed: 41 min, 29 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


  • 0

#10
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Excellent. How is your machine running now?


  • 0

#11
arigatou

arigatou

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

So far no problems at all! I'll try leave my laptop running a few days and see how it works out for me. But I got a good feeling on that.

Thank you so much for the help, I appreciate it!

 

Do you know of any good up-to-date information on malware that is easy to understand for not too tech-savvy persons like me? I'd love to read up on that.

And which program should I use to protect my machine? Is it necessary to buy expensive protection or is, lets say the Windows Defender or so good enough?


Edited by arigatou, 07 July 2015 - 04:21 PM.

  • 0

#12
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I'll provide you some information below. Malware is a massive topic so to point you to some resources I would really need to know specifically what you are interested in. If you are simply interested in staying safe online you will find that below. Also, Windows Defender is good enough. If it were my machine I would uninstall Avast Free Antivirus and just keep Windows Defender enabled but that's your choice. There is no need to purchase antivirus.

 

 

OK! Well done, your computer is clean again! :thumbsup: Part of our jobs here is to help you clean your computer. But beyond that and just as important is to provide you with some information to keep you safe and secure on the net as well as to share knowledge. Following is that information.
 
1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.
3. Click Run.
Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
Note: Delete any  other .bat, .log, .reg, .txt,  and any other files created during this process, and left on the desktop and empty the Recycle Bin.
 
2. Windows Updates
Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
1. Click the Start Orb in the lower left corner of the screen.
2. Type Windows Update in the search box that appears
3. Click on the Windows Update program that appears in the search results.
Windows%20Update.JPG
4. Click on Change Settings.
CheckForUpdates.JPG
5. Select "Install updates automatically (recommended)" from the Important updates drop-down.
WUChangeSettings.JPG
6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
7. Ensure that all of the other check boxes are checked.
8. Click OK.
 
3. Keeping Programs Updated
You need to ensure that any programs installed on your machine are kept current. The bad guys exploit vulnerabilities that are found in older versions of software. A very good piece of software that keeps your programs up-to-date is Secunia Personal Software Inspector (PSI). You can download and install it from here. You can read more information about this free software as well as a video walkthrough from here.
 
4. Antimalware- Preventative
Note: Let's keep Malwarebytes installed as it's a fantastic piece of software. Malwarebytes is an anti-malware software and not an antivirus software so it won't conflict with the Antivirus that you are running. I would recommend that you open up this program, allow it to update and scan your machine at least quarterly...monthly if you can.
 
5. Crypto Warning!!!! - Complete Data Loss can occur!
There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here.
 


  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.
  • That's it. The protection is in place.

Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
 
UpdatesV7.4.11.JPG
 

 
For more information about computer security and how to protect yourself when on the internet, please read this guide Best Practices for Safe Computing
 
OK, all the best, and stay safe!
 
Items for your next post
1. Contents of the delfix log

 


  • 0

#13
arigatou

arigatou

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts

# DelFix v1.010 - Logfile created 08/07/2015 at 03:40:28
# Updated 26/04/2015 by Xplode
# Username : user - PC
# Operating System : Windows 8.1  (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\RegBackup
Deleted : C:\Users\user\Desktop\Addition.txt
Deleted : C:\Users\user\Desktop\AdwCleaner.exe
Deleted : C:\Users\user\Desktop\AdwCleaner[S1].txt
Deleted : C:\Users\user\Desktop\Fixlog.txt
Deleted : C:\Users\user\Desktop\FRST.txt
Deleted : C:\Users\user\Desktop\FRST64.exe
Deleted : C:\Users\user\Desktop\JRT.exe
Deleted : C:\Users\user\Desktop\JRT.txt
Deleted : C:\Users\user\Downloads\adwcleaner_3.209.exe
Deleted : C:\Users\user\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\user\Downloads\JRT.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #31 [Scheduled Checkpoint | 06/22/2015 19:51:08]
Deleted : RP #32 [avast! antivirus system restore point | 07/02/2015 10:06:13]
Deleted : RP #34 [Restore Point Created by FRST | 07/07/2015 16:12:15]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########
 


  • 0

#14
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP