Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Chrome tabs disappearing [Solved]


  • This topic is locked This topic is locked

#1
ColtsFan18

ColtsFan18

    Member

  • Member
  • PipPipPip
  • 372 posts

This has been an on and off deal since this morning, when I click on a bookmark or any link to open a page, the page opens in a new tab next to the one I'm working on, I click on the tab (not the red X) and the entire tab disappears, in addition to this, literally nothing is clickable (ex:  settings, address bar, bookmarks, etc...).  I have run a Kaspersky scan, an eset scan, ccleaner and Malware Antibytes, got rid of a few nuisances but nothing terrible.  It works fine for a couple hours and starts in again.  There is no specific page that sets it off, it just starts doing it out of nowhere.  Things work fine in Firefox and Internet Explorer so I'm guessing it is a Chrome specific issue.  I have reset Chrome settings and restarted the laptop, no luck.  I really prefer Chrome over FF or IE even though it's a resource hog...  It's a hit or miss and I've tried everything I can think of.  

 

Edited to add that I can't use drag and drop feature to move files, nor can I right click on a file and move it.  I have to open the document and click "Save as" and save it to the folder I need it to be in.  And now, for a new twist, if I leave a browser open and the laptop unattended it will open 20 to 30 new tabs all by itself.  At that point my only option is to use the task manager and end all running processes to close the endless windows/tabs that have been opened.

 

Hoping one of the geniuses here can help me.  Thanks!

 

Here is the first FRST Scan log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Tams (2016-01-04 17:23:09)
Running from C:\Users\Tams\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-04-05 21:41:00)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4195195172-405157436-2273080122-500 - Administrator - Disabled)
Guest (S-1-5-21-4195195172-405157436-2273080122-501 - Limited - Disabled)
Tams (S-1-5-21-4195195172-405157436-2273080122-1000 - Administrator - Enabled) => C:\Users\Tams
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
clear.fi SDK - MVP 2 (x32 Version: 2.0.1415 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1406 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
FOSCAM Client (HKLM-x32\...\{9F9CDA0B-2291-4061-85C4-441A75BE6713}) (Version: 1.4.13 - FOSCAM)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{A19807B6-6057-456E-A560-A2A04862C1C6}) (Version: 1.5.1.202 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.1.202 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {45C13437-81AB-4A99-8CFE-1216C2062573} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-06] (Dropbox, Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {7000C952-9E7B-40AD-898A-1238FDB7728F} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {76128B93-8FA3-4DB5-AD92-BC0A6DB5E11B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-06] (Dropbox, Inc.)
Task: {8158FC5B-32DB-4CE5-87E0-BE5A12941C77} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {8D7A0A42-0D00-4E98-8879-FA45E5FDC00F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {9A21AAEE-C445-4B66-BFE8-9700E50E478F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.)
Task: {9E8F8715-4477-41DA-B864-C0EFAC5C8DB0} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {A9996A0B-2EF2-4801-8BCA-E19ED5418523} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {B28F014A-9E06-435E-83C8-C8301E735A02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.)
Task: {C3522F50-9544-4E04-81F4-63161DA92086} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {C38E11BD-3977-454D-9CE9-1F849EBE881B} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {D5BCB3FC-A996-40CC-A419-480E8082A452} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {DB91C973-6569-4742-8ABA-C1C100F6F132} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-20 14:57 - 2015-11-20 14:57 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-11-20 14:57 - 2015-11-20 14:57 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-13 04:46 - 2012-02-14 11:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-12-15 13:45 - 2015-12-15 13:45 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2015-12-15 13:45 - 2015-12-15 13:45 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2015-12-15 13:45 - 2015-12-15 13:45 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2015-12-20 14:03 - 2015-12-20 14:03 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 - 2015-11-17 11:11 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-17 11:10 - 2015-11-17 11:10 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-04-13 11:16 - 2015-04-13 11:16 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-03-13 04:06 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-02-18 20:36 - 2012-02-07 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2016-01-04 10:20 - 2015-12-10 21:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2016-01-04 10:20 - 2015-12-10 21:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2015-10-15 10:45 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tams\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Tams\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BA4C277E-AEFB-478C-8007-521FD33EF45B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A38D4D2F-A5D0-4C17-AAA2-7A7C3A00B046}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{ECBCEBBA-C2FB-45DB-8A17-AEC4C640C2AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C10D1719-B2EA-4034-9619-A70C74B87070}] => (Allow) LPort=2869
FirewallRules: [{00D6FFD1-02B2-4818-B562-7B0E08D99C87}] => (Allow) LPort=1900
FirewallRules: [{F945D8B9-07F5-4B6A-951E-1ACF5220F913}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6336EC0D-D234-470A-8213-17B382CB3B7B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{797081F8-0E0A-427B-ACA7-4785EFA2B645}] => (Allow) C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
FirewallRules: [{46851057-8955-4605-A264-53CD21F21DE8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{57A516E9-68D2-4068-B385-BDF8B8882411}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{6DB36738-769E-498D-B6A5-2465E43919EC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D701F2EC-38EA-40C2-AFB9-A7C2EC24B116}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{92C72C58-7FD9-45EE-BF0C-EA92BCB6170A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{90D78AAA-8E1E-4110-9DD5-F8D4D0C20327}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{EDE2D0BB-790B-4A37-880C-065DFA62A7BC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{CCEA494D-8A29-440C-BCCF-7A4721F22981}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{F61751E4-9279-48FB-ABFB-8F44D3E828CD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\PlayMovie.exe
FirewallRules: [{BE0EA31F-285C-4F75-9256-D1454F25649A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\VideoPlayer.exe
FirewallRules: [{BE8E41E0-C088-437C-9FF8-DDD36F25EE72}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\MusicPlayer.exe
FirewallRules: [{451C51C5-F455-479C-AB8A-7FEDDAD17232}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{C7A424DE-13C6-4AA5-A743-A515D81761CE}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{021FC334-8C0C-459A-A1A9-4A2C51875696}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [UDP Query User{34D4A8B6-A6E7-4D07-92AB-258307038ABF}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [TCP Query User{455AE7F2-5D88-4CA5-BBA1-A7648205E8CF}C:\users\tams\desktop\ipcamera.exe] => (Allow) C:\users\tams\desktop\ipcamera.exe
FirewallRules: [UDP Query User{2D3D04DB-3EBF-4541-9D2D-971A2BD8F794}C:\users\tams\desktop\ipcamera.exe] => (Allow) C:\users\tams\desktop\ipcamera.exe
FirewallRules: [{3E0CB740-8242-4ADC-8585-998EA40B620E}] => (Allow) C:\Users\Tams\AppData\Local\Temp\SmallInstaller\InstallFiles\ccdd.exe
FirewallRules: [{EF6EF56D-C6FD-4B96-ABBD-C77B8AC1AC01}] => (Allow) C:\Users\Tams\AppData\Local\Temp\SmallInstaller\InstallFiles\ccdd.exe
FirewallRules: [{ABDB74DF-8299-480D-BF3F-2F55811BCC7A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9C5EC6DC-C08B-4690-BB68-4E4DE2D67E11}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{1BA7526F-AE86-48A8-8A86-230EA204017F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A5B721F7-3397-411F-8319-16F5A386A96C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DBD130E3-21AD-41B7-A2A5-C2E5BA7DF2B4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BF943D19-BFFA-4AAF-B804-A67958BEEA27}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4EDFB0FD-5825-48AA-BCCF-0DB2D26BAC98}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E88342F7-E100-46FF-B0ED-AE94BBE6C057}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6D1B2AB-AF65-4D43-ACB0-762D2A64C462}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5232F64E-E305-4863-838B-F36785FCAF36}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{6B128251-28BF-44D6-BC08-4F508086D50D}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{E18562ED-C463-44EA-943E-C6C9A8871309}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{F94A5E1C-490A-4E53-8BAD-ED3D4E2681DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FAA0E424-B706-4287-97DA-D4B76C6C3C31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9E2F9CDB-EC5E-4FA3-937C-EE63F6A72199}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D3875E60-BF32-4654-9345-5C21B67AA642}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5BCC9A84-399D-41F7-BBB7-5AAC6541667E}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [UDP Query User{F1609EF3-FCAD-4613-A944-96E1F4A5657B}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [TCP Query User{D828DA12-9A7D-4DE5-B616-358C711B51EE}C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe] => (Allow) C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe
FirewallRules: [UDP Query User{DC49B0EA-5CAD-4D28-949E-FBB8E10A210D}C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe] => (Allow) C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe
FirewallRules: [{35BA66C9-F04C-4A76-A23B-3B259BDB37BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{02DDFD92-738B-4B1E-B002-F521CDC54C1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{689A2983-F942-41C7-B15A-54C20D949224}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{89490EA3-BBAC-4648-B112-40DEF2805B84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10F23C33-9F1F-4649-8A90-F6C993218296}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{085713A9-43A9-4610-8702-C8D19CA91967}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF0415B-6366-42F5-A30B-D32D352D6A0F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{896BBA5B-E9CD-4433-9E98-A6772C886DE2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ADFA03DD-1CD5-4926-8338-2A12B755D065}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{70AA4AE6-AF14-47A0-9765-55EB355ACFC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6355056D-6A41-48B2-80E7-27EBDC2B8F06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F1DD5023-5DC7-431D-B52A-7194EAF67EF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{49455E39-45B2-4AD2-B31A-8A09FDCB94F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Restore Points =========================
 
16-12-2015 09:48:45 Installed Free Ringtone Maker
16-12-2015 09:50:48 Removed NowUSeeIt Player
16-12-2015 09:53:57 Removed Free Ringtone Maker
19-12-2015 23:40:36 Installed iTunes
20-12-2015 15:25:30 Removed BlueStacks App Player
23-12-2015 13:23:39 Windows Update
28-12-2015 12:58:12 Windows Update
01-01-2016 15:15:23 Windows Update
03-01-2016 12:10:04 Removed Microsoft Office 2010
04-01-2016 17:11:50 Removed Content Manager
04-01-2016 17:12:53 Removed Evernote v. 5.8.6
04-01-2016 17:14:16 Removed LG VZW United Drivers.
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/04/2016 04:58:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 2.3.125.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d30
 
Start Time: 01d1471e60fcb795
 
Termination Time: 13
 
Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
 
Report Id:
 
Error: (01/04/2016 04:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19781
 
Error: (01/04/2016 04:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19781
 
Error: (01/04/2016 04:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 04:42:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18782
 
Error: (01/04/2016 04:42:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18782
 
Error: (01/04/2016 04:42:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 04:42:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17690
 
Error: (01/04/2016 04:42:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17690
 
Error: (01/04/2016 04:42:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (01/04/2016 04:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU B820 @ 1.70GHz
Percentage of memory in use: 51%
Total physical RAM: 3932.36 MB
Available physical RAM: 1901.65 MB
Total Virtual: 7862.93 MB
Available Virtual: 5490.58 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:279.99 GB) (Free:178.83 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: ACC74791)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Here is the second FRST Scan Log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Tams (administrator) on TAMS-PC (04-01-2016 17:22:30)
Running from C:\Users\Tams\Downloads
Loaded Profiles: Tams &  (Available Profiles: Tams)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(LG Electronics) C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Tams\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2015-11-19] (Acer)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\RunOnce: [CM2.0_Uninst] => 1
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: F - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: {2b0cf4c6-2034-11e5-81a8-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: {b2e59576-dc9d-11e4-874c-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: {f27d139a-7356-11e5-8293-dc0ea1aba574} - E:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [450048 2011-09-12] ()
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2015-11-19] (Acer)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2b0cf4c6-2034-11e5-81a8-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b2e59576-dc9d-11e4-874c-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f27d139a-7356-11e5-8293-dc0ea1aba574} - E:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [450048 2011-09-12] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-01-04]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.226
Tcpip\..\Interfaces\{7B6751E9-19A8-49B0-B9CF-572485848058}: [DhcpNameServer] 192.168.0.1 205.171.2.226
 
Internet Explorer:
==================
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.wow.com/?ncid=txtlnkusaolc00000290&s_pt=source9&s_chn=101&s_chn2=0D0CtD0E0AtC0A0B0AyDyByEyEtC0A0E2RtBtDtCyDtCtBtCyCtDzyyEyCtCtBzyzzyE
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.wow.com/?ncid=txtlnkusaolc00000290&s_pt=source9&s_chn=101&s_chn2=0D0CtD0E0AtC0A0B0AyDyByEyEtC0A0E2RtBtDtCyDtCtBtCyCtDzyyEyCtCtBzyzzyE
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000 -> DefaultScope {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000 -> {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.0.147/codebase/DVM_IPCam2.ocx
 
FireFox:
========
FF ProfilePath: C:\Users\Tams\AppData\Roaming\Mozilla\Firefox\Profiles\oiobye5v.default
FF DefaultSearchEngine.US: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Blur) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-12-31]
CHR Extension: (Google Sheets) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (Google Docs Offline) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Gmail) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (RSS Feed Reader) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-12-14]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-16] (Acer Incorporated)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2015-09-18] (Coupons.com Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [111776 2012-01-18] (Atheros Communication Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 vzandnetbus; system32\DRIVERS\lgvzandnetbus64.sys [X]
S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag64.sys [X]
S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-04 17:22 - 2016-01-04 17:22 - 00023119 _____ C:\Users\Tams\Downloads\FRST.txt
2016-01-04 17:21 - 2016-01-04 17:21 - 02370560 _____ (Farbar) C:\Users\Tams\Downloads\FRST64 (2).exe
2016-01-04 17:19 - 2016-01-04 17:22 - 00000000 ____D C:\FRST
2016-01-04 17:19 - 2016-01-04 17:19 - 02370560 _____ (Farbar) C:\Users\Tams\Downloads\FRST64 (1).exe
2016-01-04 17:18 - 2016-01-04 17:19 - 01721856 _____ (Farbar) C:\Users\Tams\Downloads\FRST.exe
2016-01-04 17:18 - 2016-01-04 17:18 - 02370560 _____ (Farbar) C:\Users\Tams\Downloads\FRST64.exe
2016-01-04 14:55 - 2016-01-04 14:55 - 02870984 _____ (ESET) C:\Users\Tams\Downloads\esetsmartinstaller_enu.exe
2016-01-04 14:55 - 2016-01-04 14:55 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-04 12:13 - 2016-01-04 16:53 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-04 12:12 - 2016-01-04 12:12 - 22908888 _____ (Malwarebytes ) C:\Users\Tams\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-04 12:12 - 2016-01-04 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-04 12:12 - 2016-01-04 12:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-04 12:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-04 12:12 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-04 12:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-04 11:14 - 2016-01-04 11:14 - 00000000 ____D C:\Users\Tams\AppData\Local\CEF
2016-01-04 11:14 - 2016-01-04 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-01-04 11:13 - 2016-01-04 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-01-04 11:13 - 2016-01-04 11:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-04 11:13 - 2016-01-04 11:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-01-04 11:09 - 2016-01-04 11:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-04 11:04 - 2016-01-04 11:04 - 00000093 _____ C:\Windows\wininit.ini
2016-01-04 10:53 - 2016-01-04 16:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 10:20 - 2016-01-04 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-04 10:19 - 2016-01-04 16:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 10:19 - 2016-01-04 12:32 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 10:19 - 2016-01-04 10:19 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-04 10:19 - 2016-01-04 10:19 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-04 10:18 - 2016-01-04 10:18 - 00927824 _____ (Google Inc.) C:\Users\Tams\Downloads\ChromeSetup.exe
2015-12-28 14:08 - 2015-12-28 14:08 - 01167655 _____ C:\Users\Tams\Downloads\document.pdf
2015-12-23 12:41 - 2015-12-23 12:41 - 00071915 _____ C:\Users\Tams\Downloads\LoadConfirmation894608.pdf
2015-12-21 14:15 - 2015-12-21 14:15 - 00003338 _____ C:\Windows\System32\Tasks\abDocsDllLoader
2015-12-20 14:08 - 2015-12-20 14:08 - 00089525 _____ C:\Users\Tams\Downloads\dir (8).dcr
2015-12-20 14:04 - 2015-12-20 14:04 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-12-20 13:57 - 2015-12-20 13:57 - 00000000 ____D C:\Users\Tams\abBox
2015-12-19 23:40 - 2015-12-19 23:40 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Users\Tams\AppData\Local\Apple
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files\Bonjour
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-19 23:39 - 2015-12-19 23:40 - 00000000 ____D C:\ProgramData\Apple
2015-12-19 23:39 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-19 23:31 - 2015-12-19 23:33 - 167608088 _____ (Apple Inc.) C:\Users\Tams\Downloads\iTunes6464Setup.exe
2015-12-18 12:31 - 2015-12-18 12:31 - 00086812 _____ C:\Users\Tams\Downloads\1070-126-61526868.pdf
2015-12-18 12:30 - 2015-12-18 12:30 - 00086278 _____ C:\Users\Tams\Downloads\1070-126-56957259.pdf
2015-12-16 09:51 - 2015-12-16 09:51 - 00000000 ____D C:\Users\Tams\AppData\Local\SkinSoft
2015-12-16 09:50 - 2015-12-16 09:50 - 00000000 _____ C:\Windows\SysWOW64\${FILE_SN_DLL}
2015-12-16 09:48 - 2015-12-16 09:48 - 00000000 ____D C:\Users\Tams\AppData\Roaming\Convert Audio Free
2015-12-16 09:47 - 2015-12-16 09:50 - 00000000 ____D C:\Users\Tams\AppData\Roaming\Wow_com
2015-12-16 09:47 - 2015-12-16 09:46 - 13873613 _____ (Convert Audio Free) C:\Users\Tams\Downloads\ringtonemaker_setup [1].exe
2015-12-16 09:44 - 2015-12-16 09:45 - 03317248 _____ C:\Users\Tams\Downloads\Ringtone-Maker_1240.msi
2015-12-14 13:30 - 2015-12-14 13:30 - 00071921 _____ C:\Users\Tams\Downloads\LoadConfirmation891346.pdf
2015-12-14 08:27 - 2015-12-14 08:27 - 00071923 _____ C:\Users\Tams\Downloads\LoadConfirmation891858.pdf
2015-12-13 23:59 - 2015-12-13 23:59 - 00980175 _____ C:\Users\Tams\AppData\Local\Ringtone-Maker_1240.rar
2015-12-11 13:52 - 2015-12-11 13:52 - 00000000 ____D C:\Users\Tams\AppData\Local\{6C1CDB57-48C8-4624-B430-27D516555632}
2015-12-09 19:11 - 2015-12-09 19:11 - 00293262 _____ C:\Users\Tams\Downloads\Recipes - Red Velvet Cake with Buttercream Frosting.pdf
2015-12-08 22:18 - 2015-12-08 22:18 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-08 22:18 - 2015-12-08 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-08 22:17 - 2015-12-08 22:18 - 00000000 ____D C:\Program Files\CCleaner
2015-12-08 22:15 - 2015-12-08 22:18 - 06801752 _____ (Piriform Ltd) C:\Users\Tams\Downloads\ccsetup512 (1).exe
2015-12-08 22:15 - 2015-12-08 22:17 - 06801752 _____ (Piriform Ltd) C:\Users\Tams\Downloads\ccsetup512.exe
2015-12-08 11:25 - 2015-12-08 11:25 - 00236048 _____ C:\Users\Tams\Documents\Scan0003.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-04 17:22 - 2015-10-06 13:17 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-04 17:22 - 2009-07-13 22:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-04 17:22 - 2009-07-13 22:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-04 17:19 - 2007-07-11 19:48 - 00000000 ____D C:\Windows
2016-01-04 17:14 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-01-04 17:12 - 2015-10-06 13:17 - 00000000 ____D C:\Users\Tams\AppData\Local\Dropbox
2016-01-04 17:12 - 2015-10-06 13:17 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-01-04 17:12 - 2012-03-13 04:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-04 16:17 - 2015-04-06 06:16 - 00000000 ____D C:\Program Files (x86)\Coupons
2016-01-04 14:22 - 2015-10-06 13:17 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-04 12:39 - 2009-07-13 23:13 - 00727182 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-04 12:32 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-04 12:09 - 2015-09-29 08:49 - 00000000 ____D C:\Windows\Minidump
2016-01-04 12:09 - 2015-07-10 15:52 - 00000000 ____D C:\Users\Tams\AppData\Local\CrashDumps
2016-01-04 11:46 - 2015-10-15 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 10:20 - 2015-04-05 15:50 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-03 12:12 - 2015-04-05 15:49 - 00000000 ____D C:\Users\Tams\AppData\Local\Deployment
2016-01-03 08:14 - 2015-04-06 06:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-21 14:15 - 2012-03-13 04:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-21 14:15 - 2012-03-13 04:19 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-21 14:14 - 2015-05-26 09:22 - 00000000 ____D C:\Users\Tams\AppData\Local\clear.fi
2015-12-20 14:07 - 2015-10-15 10:32 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-20 14:07 - 2015-10-15 10:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-20 14:07 - 2015-04-06 11:42 - 00000000 ____D C:\Users\Tams\AppData\Local\Adobe
2015-12-20 14:04 - 2015-07-20 11:47 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2015-12-20 14:04 - 2012-03-13 04:27 - 00000000 ____D C:\ProgramData\oem
2015-12-20 13:57 - 2015-04-05 15:41 - 00000000 ____D C:\Users\Tams
2015-12-18 17:11 - 2015-06-03 12:55 - 00000000 ____D C:\Users\Tams\AppData\Local\Windows Live
2015-12-18 15:50 - 2015-04-06 06:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2015-12-14 12:16 - 2015-04-05 16:22 - 00000000 ____D C:\Users\Tams\Desktop\Documents and stuff
2015-12-10 00:26 - 2015-05-16 09:39 - 00000000 ____D C:\Users\Tams\AppData\Roaming\SoftGrid Client
2015-12-08 22:21 - 2015-11-11 19:44 - 00000000 ____D C:\Users\Tams\AppData\Roaming\PhotoScape
2015-12-08 22:21 - 2015-10-31 16:58 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-08 22:21 - 2012-03-13 04:36 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-12-08 22:20 - 2007-07-11 19:49 - 00000000 ____D C:\Windows\Panther
2015-12-08 22:12 - 2015-02-18 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barnes & Noble
2015-12-08 22:12 - 2015-02-18 20:51 - 00000000 ____D C:\Program Files (x86)\Barnes & Noble
 
==================== Files in the root of some directories =======
 
2015-12-13 23:59 - 2015-12-13 23:59 - 0980175 _____ () C:\Users\Tams\AppData\Local\Ringtone-Maker_1240.rar
2015-04-06 06:14 - 2015-04-06 06:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-18 20:47 - 2015-02-18 20:50 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log
2015-02-18 20:49 - 2015-02-18 20:49 - 0000032 _____ () C:\ProgramData\PS.log
 
Some files in TEMP:
====================
C:\Users\Tams\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Tams\AppData\Local\Temp\_isE87F.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-30 15:28
 
==================== End of FRST.txt ============================

Edited by ColtsFan18, 07 January 2016 - 02:08 PM.

  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello ColtsFan18,

Have you tried checking Chromes settings?

I don't use Chrome but I did find a reference that might help you. See the link below and see if that helps:

https://productforum...ome/4gN9xVSB1FU

If that doesn't help

Just resetting Chrome doesn't always work. If there is an anomally or deep infection then you really need a full uninstall and reinstall, see below:

To do a full Chrome Uninstall

First, you might like to backup your bookmarks. Go to the link below to learn how to export Chrome's bookmarks. You can save them somewhere you can find them and import them back to Chrome when you reinstall.

https://support.goog...wer/96816?hl=en

Step 2

Go to the link below for instructions to uninstall Google Chrome. Use the Windows instructions for Windows Vista/ Windows 7/ Windows 8

https://support.goog...wer/95319?hl=en

Note: To completely uninstall you must remove your profile information so make sure you tick the "Also delete your browsing data" check box.

Step 3

Download and reinstall Google Chrome.

Come back and tell me if there is any change.

Also

Are you aware of the program TeamViewer on you machine?
 


  • 0

#3
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

I have done all of this prior to starting the thread here, I see I neglected to post that I did do a full Chrome uninstall and reinstall.  And yes, I'm aware of Team Viewer, I use it often with 2 clients... it has never given me an issue in the past, but I'm guessing you think it could be a problem...


Edited by ColtsFan18, 07 January 2016 - 08:13 PM.

  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

I use it often with 2 clients... it has never given me an issue in the past, but I'm guessing you think it could be a problem...

 

No it's a useful and legitimate program but it is sometimes used for malicious purposes to gain access to the victims computer. Just wanted to make sure you were aware of it. Those foreigners that telephone posing as Microsoft engineers use it for example.

 

 

I did do a full Chrome uninstall and reinstall.

 

Let's see if this will make a difference then:

 

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).
 

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  •     If you downloaded the zip version double click zoek.zip
  •     Double click on zoek.exe to run.
  •     Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  •     Copy the text below and paste it into the large window in the zoek tool:

CHRDefaults;
EmptyAllTemp;
AutoClean;
  •     Click on Run script button
  •     Please wait patiently (it may take a few minutes) until a log report will open (this may be after reboot, if required)
  •     Copy (Ctrl +C) and paste (Ctrl +V) the contents of the opened entire report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"


  • 0

#5
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Thank you for the additional info on Team Viewer.  Is it best to install it when it's needed and uninstall it when it's not?  Because that's totally doable to keep things safe.  I assumed that if I logged off and closed the application that it would be OK to leave on the machine when not in use...

 

At any rate, here is the Zoek scan log:

 

 
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Tams on Thu 01/07/2016 at 21:37:39.35.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tams\Downloads\zoek (1).exe    [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
1/7/2016 9:39:26 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\Barnes & Noble deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\Users\Tams\AppData\Roaming\PhotoScape deleted successfully
C:\Users\Tams\AppData\Roaming\TP deleted successfully
C:\Users\Tams\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Tams\AppData\Roaming\Wow_com deleted successfully
C:\Users\Tams\AppData\Local\CrashDumps deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfee SiteAdvisor Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McAfee SiteAdvisor Service deleted successfully
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Barnes & Noble not found
C:\install.exe deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\shoC9C.tmp deleted
"C:\PROGRA~2\Coupons\CouponPrinterService.exe" deleted
"C:\PROGRA~2\Coupons\CouponPrinterService.exe" deleted
"C:\PROGRA~2\Coupons" not deleted
"C:\PROGRA~2\Coupons" not deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\Tams\AppData\Roaming\Mozilla\Firefox\Profiles\oiobye5v.default
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.defaultenginename.US", "Google");
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Tams\AppData\Roaming\Mozilla\Firefox\Profiles\oiobye5v.default
5DF56521E8985BFD8F21A3D97A4D4574 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll - Shockwave Flash
 
 
==== Chromium Look ======================
 
 
Blur - Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd
feeder - Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp
 
==== Chromium Fix ======================
 
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/...rc=IE-SearchBox
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/...rc=IE-SearchBox
HKCU\SearchScopes "DefaultScope"="{082D6C62-5D86-4FC4-8FC7-765B79181466}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.co...q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKCU\SearchScopes\{082D6C62-5D86-4FC4-8FC7-765B79181466} - https://www.google.c...q={searchTerms}
 
==== Reset Google Chrome ======================
 
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tams\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tams\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\Tams\AppData\Local\Mozilla\Firefox\Profiles\oiobye5v.default\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=38 folders=4 8875722 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tams\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Tams\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\PROGRA~2\Coupons"  not found
"C:\PROGRA~2\Coupons"  not found
 
==== EOF on Thu 01/07/2016 at 22:08:21.40 ======================

  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

I assumed that if I logged off and closed the application that it would be OK to leave on the machine when not in use...


It's as safe as any other program. In normal course it is not a problem.
 

 

Moving on

 

How is Chrome now?


  • 0

#7
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

I appear to be working fine now but I don't trust i..  Can we keep this topic open for a couple days?I gotta get some sleep,we'll catch uptomorrow


  • 0

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Can we keep this topic open for a couple days?


Sure we can. :cool:
 

I gotta get some sleep,we'll catch uptomorrow

Look forward to it. :)

 

When we are happy I will give you some instructions to remove the tool we have been using.


  • 0

#9
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

So far so good this morning... I'll touch base again this afternoon.  Would it be possible to take a quick look at why Adobe Shockwave crashes regularly?  I check the settings (now that I can access them) and I don't have 2 different applications running, it's up to date, etc....


Edited by ColtsFan18, 08 January 2016 - 10:54 AM.

  • 0

#10
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

I knew it!!  It's back to what it was doing before.  I thought it might have been the wireless mouse so I switched to a USB mouse and even tried it without a mouse and just used the touchpad and it's back to tab killing.  I click on a link and a new tab opens, I click on the new tab and it closes.


  • 0

Advertisements


#11
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

I don't think this is a malware problem although it was interesting that it seemed to go albeit for a short while, after the Zoek cleanup

 

Have you got another keyboard you can try? Sometimes if the Ctrl is pressed inadvertently it will cause strange things to happen. Could it be that your keyboard has a fault?

 

 

Adobe Shockwave crashes regularly?

 

Are you referring to it crashing in Firefox?


  • 0

#12
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

 

 

Have you got another keyboard you can try? Sometimes if the Ctrl is pressed inadvertently it will cause strange things to happen. Could it be that your keyboard 

 

I can't really change the keyboard since it's a laptop.  However, I can pop the keys and make sure there isn't anything under a control key jamming it up...  

 

 

 

Are you referring to it crashing in Firefox?

 

The Shockwave crashes in Chrome.  I only use FF or IE when absolutely necessary.

 

 

 

I don't think this is a malware problem although it was interesting that it seemed to go albeit for a short while, after the Zoek cleanup

 

This is how this thing has run the whole time.  It improves for a short period after a scan then goes back to giving me grief.


  • 0

#13
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

OK, I just popped the control keys (and the Alt keys for safe measure) and cleaned some cat hair and crumbs out that I thought MIGHT have been an issue but it's still killing tabs.  I really thought that might have been the issue but its abundantly clear that my machine hates me.  After all I've done for it :( 


  • 0

#14
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Yep it does seem it doesn't like you lol.

 

I don't believe this is a malware issue. We will remove the tools we have been using and then you can open a topic in the Web Browser forum and see if anyone there has a solution.

 

Now

 

To clear away the tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

  • Remove disinfection tools
  • Purge System Restore
  • Reset System Settings

    Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.
 

 


  • 0

#15
ColtsFan18

ColtsFan18

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 372 posts

Done.  Here is the scan log.

 

# DelFix v1.011 - Logfile created 09/01/2016 at 10:48:06
# Updated 18/08/2015 by Xplode
# Username : Tams - TAMS-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\zoek-results.log
Deleted : C:\Users\Tams\Downloads\Addition.txt
Deleted : C:\Users\Tams\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Tams\Downloads\FRST.exe
Deleted : C:\Users\Tams\Downloads\FRST.txt
Deleted : C:\Users\Tams\Downloads\FRST64 (1).exe
Deleted : C:\Users\Tams\Downloads\FRST64 (2).exe
Deleted : C:\Users\Tams\Downloads\FRST64.exe
Deleted : C:\Users\Tams\Downloads\HijackThis (1).exe
Deleted : C:\Users\Tams\Downloads\HijackThis.exe
Deleted : C:\Users\Tams\Downloads\hijackthis.log
Deleted : C:\Users\Tams\Downloads\zoek (1).exe
Deleted : C:\Users\Tams\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
 
~ Cleaning system restore ...
 
Deleted : RP #84 [Windows Update | 12/23/2015 19:23:39]
Deleted : RP #85 [Windows Update | 12/28/2015 18:58:12]
Deleted : RP #86 [Windows Update | 01/01/2016 21:15:23]
Deleted : RP #87 [Removed Microsoft Office 2010 | 01/03/2016 18:10:04]
Deleted : RP #88 [Removed Content Manager | 01/04/2016 23:11:50]
Deleted : RP #89 [Removed Evernote v. 5.8.6 | 01/04/2016 23:12:53]
Deleted : RP #90 [Removed LG VZW United Drivers. | 01/04/2016 23:14:16]
Deleted : RP #91 [Windows Update | 01/06/2016 18:11:13]
Deleted : RP #92 [zoek.exe restore point | 01/08/2016 03:39:12]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########
 

 

I have started a topic in the web browser forum.  Is that just a peer to peer forum or are there techs there?


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP