Google Chrome tabs disappearing [Solved]


  • This topic is locked

#1
ColtsFan18


This has been an on-and-off deal since this morning. When I click on a bookmark or any link to open a page, the page opens in a new tab next to the one I'm working on. I click on the tab (not the red X) and the entire tab disappears. In addition to this, literally nothing is clickable (e.g., settings, address bar, bookmarks, etc.). I have run a Kaspersky scan, an ESET scan, CCleaner and Malwarebytes Anti-Malware, and got rid of a few nuisances but nothing terrible. It works fine for a couple of hours and starts in again. There is no specific page that sets it off; it just starts doing it out of nowhere. Things work fine in Firefox and Internet Explorer, so I'm guessing it is a Chrome-specific issue. I have reset Chrome settings and restarted the laptop, no luck. I really prefer Chrome over FF or IE even though it's a resource hog... It's hit or miss and I've tried everything I can think of.

 

Edited to add that I can't use the drag-and-drop feature to move files, nor can I right-click on a file and move it. I have to open the document and click "Save as" and save it to the folder I need it to be in. And now, for a new twist, if I leave a browser open and the laptop unattended, it will open 20 to 30 new tabs all by itself. At that point my only option is to use the task manager and end all running processes to close the endless windows/tabs that have been opened.

 

Hoping one of the geniuses here can help me.  Thanks!

 

Here is the first FRST Scan log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by Tams (2016-01-04 17:23:09)
Running from C:\Users\Tams\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-04-05 21:41:00)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4195195172-405157436-2273080122-500 - Administrator - Disabled)
Guest (S-1-5-21-4195195172-405157436-2273080122-501 - Limited - Disabled)
Tams (S-1-5-21-4195195172-405157436-2273080122-1000 - Administrator - Enabled) => C:\Users\Tams
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.100 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2108.00 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.5.2108.00 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2001 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3506 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.1107.1418 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.13.2000.0 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Backup Manager V3 (x32 Version: 3.0.0.100 - NTI Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom Card Reader Driver Installer (HKLM\...\{4710662C-8204-4334-A977-B1AC9E547819}) (Version: 15.0.7.2 - Broadcom Corporation)
Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
clear.fi SDK - MVP 2 (x32 Version: 2.0.1415 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.0.1406 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-X64 10.6.9.9_WHQL (HKLM\...\Elantech) (Version: 10.6.9.9 - ELAN Microelectronic Corp.)
FOSCAM Client (HKLM-x32\...\{9F9CDA0B-2291-4061-85C4-441A75BE6713}) (Version: 1.4.13 - FOSCAM)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{A19807B6-6057-456E-A560-A2A04862C1C6}) (Version: 1.5.1.202 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.1.202 - Kaspersky Lab) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.13 - Acer Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.19 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.19 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9006 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9006 - NTI Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3507 - Acer Incorporated)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {45C13437-81AB-4A99-8CFE-1216C2062573} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-06] (Dropbox, Inc.)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {7000C952-9E7B-40AD-898A-1238FDB7728F} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {76128B93-8FA3-4DB5-AD92-BC0A6DB5E11B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-06] (Dropbox, Inc.)
Task: {8158FC5B-32DB-4CE5-87E0-BE5A12941C77} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {8D7A0A42-0D00-4E98-8879-FA45E5FDC00F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {9A21AAEE-C445-4B66-BFE8-9700E50E478F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.)
Task: {9E8F8715-4477-41DA-B864-C0EFAC5C8DB0} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {A9996A0B-2EF2-4801-8BCA-E19ED5418523} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-11-19] (Acer)
Task: {B28F014A-9E06-435E-83C8-C8301E735A02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.)
Task: {C3522F50-9544-4E04-81F4-63161DA92086} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {C38E11BD-3977-454D-9CE9-1F849EBE881B} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-17] (Acer Incorporated)
Task: {D5BCB3FC-A996-40CC-A419-480E8082A452} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {DB91C973-6569-4742-8ABA-C1C100F6F132} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-28] (Egis Technology Inc.)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-11-20 14:57 - 2015-11-20 14:57 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-11-20 14:57 - 2015-11-20 14:57 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-13 04:46 - 2012-02-14 11:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-12-15 13:38 - 2015-12-15 13:38 - 00326112 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 00404952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00465344 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 01081368 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-01-05 15:22 - 2012-01-05 15:22 - 00125464 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-11-19 14:39 - 2015-11-19 14:39 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-12-15 13:45 - 2015-12-15 13:45 - 45077376 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2015-12-15 13:45 - 2015-12-15 13:45 - 01650560 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libglesv2.dll
2015-12-15 13:45 - 2015-12-15 13:45 - 00082304 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libegl.dll
2015-12-20 14:03 - 2015-12-20 14:03 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-17 11:11 - 2015-11-17 11:11 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-17 11:10 - 2015-11-17 11:10 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-23 18:44 - 2015-11-23 18:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-04-13 11:16 - 2015-04-13 11:16 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-03-13 04:06 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-02-18 20:36 - 2012-02-07 19:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2016-01-04 10:20 - 2015-12-10 21:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2016-01-04 10:20 - 2015-12-10 21:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2015-10-15 10:45 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tams\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Tams\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.226
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BA4C277E-AEFB-478C-8007-521FD33EF45B}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A38D4D2F-A5D0-4C17-AAA2-7A7C3A00B046}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{ECBCEBBA-C2FB-45DB-8A17-AEC4C640C2AA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C10D1719-B2EA-4034-9619-A70C74B87070}] => (Allow) LPort=2869
FirewallRules: [{00D6FFD1-02B2-4818-B562-7B0E08D99C87}] => (Allow) LPort=1900
FirewallRules: [{F945D8B9-07F5-4B6A-951E-1ACF5220F913}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6336EC0D-D234-470A-8213-17B382CB3B7B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{797081F8-0E0A-427B-ACA7-4785EFA2B645}] => (Allow) C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe
FirewallRules: [{46851057-8955-4605-A264-53CD21F21DE8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{57A516E9-68D2-4068-B385-BDF8B8882411}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{6DB36738-769E-498D-B6A5-2465E43919EC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{D701F2EC-38EA-40C2-AFB9-A7C2EC24B116}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{92C72C58-7FD9-45EE-BF0C-EA92BCB6170A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{90D78AAA-8E1E-4110-9DD5-F8D4D0C20327}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{EDE2D0BB-790B-4A37-880C-065DFA62A7BC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{CCEA494D-8A29-440C-BCCF-7A4721F22981}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{F61751E4-9279-48FB-ABFB-8F44D3E828CD}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\Movie\PlayMovie.exe
FirewallRules: [{BE0EA31F-285C-4F75-9256-D1454F25649A}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\VideoPlayer.exe
FirewallRules: [{BE8E41E0-C088-437C-9FF8-DDD36F25EE72}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK20\MVP\MusicPlayer.exe
FirewallRules: [{451C51C5-F455-479C-AB8A-7FEDDAD17232}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{C7A424DE-13C6-4AA5-A743-A515D81761CE}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [TCP Query User{021FC334-8C0C-459A-A1A9-4A2C51875696}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [UDP Query User{34D4A8B6-A6E7-4D07-92AB-258307038ABF}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [TCP Query User{455AE7F2-5D88-4CA5-BBA1-A7648205E8CF}C:\users\tams\desktop\ipcamera.exe] => (Allow) C:\users\tams\desktop\ipcamera.exe
FirewallRules: [UDP Query User{2D3D04DB-3EBF-4541-9D2D-971A2BD8F794}C:\users\tams\desktop\ipcamera.exe] => (Allow) C:\users\tams\desktop\ipcamera.exe
FirewallRules: [{3E0CB740-8242-4ADC-8585-998EA40B620E}] => (Allow) C:\Users\Tams\AppData\Local\Temp\SmallInstaller\InstallFiles\ccdd.exe
FirewallRules: [{EF6EF56D-C6FD-4B96-ABBD-C77B8AC1AC01}] => (Allow) C:\Users\Tams\AppData\Local\Temp\SmallInstaller\InstallFiles\ccdd.exe
FirewallRules: [{ABDB74DF-8299-480D-BF3F-2F55811BCC7A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9C5EC6DC-C08B-4690-BB68-4E4DE2D67E11}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{1BA7526F-AE86-48A8-8A86-230EA204017F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A5B721F7-3397-411F-8319-16F5A386A96C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DBD130E3-21AD-41B7-A2A5-C2E5BA7DF2B4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BF943D19-BFFA-4AAF-B804-A67958BEEA27}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4EDFB0FD-5825-48AA-BCCF-0DB2D26BAC98}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E88342F7-E100-46FF-B0ED-AE94BBE6C057}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A6D1B2AB-AF65-4D43-ACB0-762D2A64C462}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5232F64E-E305-4863-838B-F36785FCAF36}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{6B128251-28BF-44D6-BC08-4F508086D50D}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{E18562ED-C463-44EA-943E-C6C9A8871309}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{F94A5E1C-490A-4E53-8BAD-ED3D4E2681DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FAA0E424-B706-4287-97DA-D4B76C6C3C31}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9E2F9CDB-EC5E-4FA3-937C-EE63F6A72199}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D3875E60-BF32-4654-9345-5C21B67AA642}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5BCC9A84-399D-41F7-BBB7-5AAC6541667E}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [UDP Query User{F1609EF3-FCAD-4613-A944-96E1F4A5657B}D:\01_for windows os\ipcamera.exe] => (Allow) D:\01_for windows os\ipcamera.exe
FirewallRules: [TCP Query User{D828DA12-9A7D-4DE5-B616-358C711B51EE}C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe] => (Allow) C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe
FirewallRules: [UDP Query User{DC49B0EA-5CAD-4D28-949E-FBB8E10A210D}C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe] => (Allow) C:\program files (x86)\foscam\foscam client\foscam\fsipcam.exe
FirewallRules: [{35BA66C9-F04C-4A76-A23B-3B259BDB37BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{02DDFD92-738B-4B1E-B002-F521CDC54C1D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{689A2983-F942-41C7-B15A-54C20D949224}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{89490EA3-BBAC-4648-B112-40DEF2805B84}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{10F23C33-9F1F-4649-8A90-F6C993218296}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{085713A9-43A9-4610-8702-C8D19CA91967}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4FF0415B-6366-42F5-A30B-D32D352D6A0F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{896BBA5B-E9CD-4433-9E98-A6772C886DE2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ADFA03DD-1CD5-4926-8338-2A12B755D065}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{70AA4AE6-AF14-47A0-9765-55EB355ACFC2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6355056D-6A41-48B2-80E7-27EBDC2B8F06}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F1DD5023-5DC7-431D-B52A-7194EAF67EF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{49455E39-45B2-4AD2-B31A-8A09FDCB94F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
==================== Restore Points =========================
 
16-12-2015 09:48:45 Installed Free Ringtone Maker
16-12-2015 09:50:48 Removed NowUSeeIt Player
16-12-2015 09:53:57 Removed Free Ringtone Maker
19-12-2015 23:40:36 Installed iTunes
20-12-2015 15:25:30 Removed BlueStacks App Player
23-12-2015 13:23:39 Windows Update
28-12-2015 12:58:12 Windows Update
01-01-2016 15:15:23 Windows Update
03-01-2016 12:10:04 Removed Microsoft Office 2010
04-01-2016 17:11:50 Removed Content Manager
04-01-2016 17:12:53 Removed Evernote v. 5.8.6
04-01-2016 17:14:16 Removed LG VZW United Drivers.
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/04/2016 04:58:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 2.3.125.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d30
 
Start Time: 01d1471e60fcb795
 
Termination Time: 13
 
Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
 
Report Id:
 
Error: (01/04/2016 04:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19781
 
Error: (01/04/2016 04:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19781
 
Error: (01/04/2016 04:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 04:42:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 18782
 
Error: (01/04/2016 04:42:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 18782
 
Error: (01/04/2016 04:42:39 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 04:42:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17690
 
Error: (01/04/2016 04:42:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17690
 
Error: (01/04/2016 04:42:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (01/04/2016 04:18:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (01/04/2016 04:18:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275
 
Error: (01/04/2016 04:18:00 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Tams\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU B820 @ 1.70GHz
Percentage of memory in use: 51%
Total physical RAM: 3932.36 MB
Available physical RAM: 1901.65 MB
Total Virtual: 7862.93 MB
Available Virtual: 5490.58 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:279.99 GB) (Free:178.83 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: ACC74791)
Partition 1: (Not Active) - (Size=18 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=280 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
Here is the second FRST Scan Log:
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by Tams (administrator) on TAMS-PC (04-01-2016 17:22:30)
Running from C:\Users\Tams\Downloads
Loaded Profiles: Tams &  (Available Profiles: Tams)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(LG Electronics) C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Tams\Downloads\FRST64 (1).exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2821936 2012-03-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [1829768 2012-02-07] (Acer Incorporated)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-09-20] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1106512 2012-03-02] (Dritek System Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2015-11-19] (Acer)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\RunOnce: [CM2.0_Uninst] => 1
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: F - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: {2b0cf4c6-2034-11e5-81a8-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: {b2e59576-dc9d-11e4-874c-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\...\MountPoints2: {f27d139a-7356-11e5-8293-dc0ea1aba574} - E:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [450048 2011-09-12] ()
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2015-11-19] (Acer)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BYRUA_AGENT] => C:\LGMobileUpgrade\LGMOBILEAX\BYR_Client\VZWUAAgent.exe [400880 2015-07-16] (LG Electronics)
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {2b0cf4c6-2034-11e5-81a8-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b2e59576-dc9d-11e4-874c-dc0ea1aba574} - F:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f27d139a-7356-11e5-8293-dc0ea1aba574} - E:\VerizonSWUpgradeAssistantLauncher.exe
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [450048 2011-09-12] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-01-04]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.226
Tcpip\..\Interfaces\{7B6751E9-19A8-49B0-B9CF-572485848058}: [DhcpNameServer] 192.168.0.1 205.171.2.226
 
Internet Explorer:
==================
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.wow.com/?ncid=txtlnkusaolc00000290&s_pt=source9&s_chn=101&s_chn2=0D0CtD0E0AtC0A0B0AyDyByEyEtC0A0E2RtBtDtCyDtCtBtCyCtDzyyEyCtCtBzyzzyE
HKU\S-1-5-21-4195195172-405157436-2273080122-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://us.wow.com/?ncid=txtlnkusaolc00000290&s_pt=source9&s_chn=101&s_chn2=0D0CtD0E0AtC0A0B0AyDyByEyEtC0A0E2RtBtDtCyDtCtBtCyCtDzyyEyCtCtBzyzzyE
HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000 -> DefaultScope {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000 -> {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4195195172-405157436-2273080122-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {082D6C62-5D86-4FC4-8FC7-765B79181466} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} hxxp://192.168.0.147/codebase/DVM_IPCam2.ocx
 
FireFox:
========
FF ProfilePath: C:\Users\Tams\AppData\Roaming\Mozilla\Firefox\Profiles\oiobye5v.default
FF DefaultSearchEngine.US: Google
FF Homepage: www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-05]
CHR Extension: (Google Docs) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-05]
CHR Extension: (Google Drive) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Blur) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-12-31]
CHR Extension: (Google Sheets) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-05]
CHR Extension: (Google Docs Offline) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23]
CHR Extension: (Gmail) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR Extension: (RSS Feed Reader) - C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-12-14]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-16] (Acer Incorporated)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [1413736 2015-09-18] (Coupons.com Inc.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-06] (Dropbox, Inc.)
S3 DCDhcpService; C:\Program Files (x86)\Acer\WDAgent\DCDhcpService.exe [111776 2012-01-18] (Atheros Communication Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
S3 vzandnetbus; system32\DRIVERS\lgvzandnetbus64.sys [X]
S3 vzandnetdiag; system32\DRIVERS\lgvzandnetdiag64.sys [X]
S3 vzandnetmodem; system32\DRIVERS\lgvzandnetmdm64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-04 17:22 - 2016-01-04 17:22 - 00023119 _____ C:\Users\Tams\Downloads\FRST.txt
2016-01-04 17:21 - 2016-01-04 17:21 - 02370560 _____ (Farbar) C:\Users\Tams\Downloads\FRST64 (2).exe
2016-01-04 17:19 - 2016-01-04 17:22 - 00000000 ____D C:\FRST
2016-01-04 17:19 - 2016-01-04 17:19 - 02370560 _____ (Farbar) C:\Users\Tams\Downloads\FRST64 (1).exe
2016-01-04 17:18 - 2016-01-04 17:19 - 01721856 _____ (Farbar) C:\Users\Tams\Downloads\FRST.exe
2016-01-04 17:18 - 2016-01-04 17:18 - 02370560 _____ (Farbar) C:\Users\Tams\Downloads\FRST64.exe
2016-01-04 14:55 - 2016-01-04 14:55 - 02870984 _____ (ESET) C:\Users\Tams\Downloads\esetsmartinstaller_enu.exe
2016-01-04 14:55 - 2016-01-04 14:55 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-04 12:13 - 2016-01-04 16:53 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-04 12:12 - 2016-01-04 12:12 - 22908888 _____ (Malwarebytes ) C:\Users\Tams\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-04 12:12 - 2016-01-04 12:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-04 12:12 - 2016-01-04 12:12 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-04 12:12 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-04 12:12 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-04 12:12 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-04 11:14 - 2016-01-04 11:14 - 00000000 ____D C:\Users\Tams\AppData\Local\CEF
2016-01-04 11:14 - 2016-01-04 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-01-04 11:13 - 2016-01-04 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-01-04 11:13 - 2016-01-04 11:13 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-04 11:13 - 2016-01-04 11:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-01-04 11:09 - 2016-01-04 11:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-04 11:04 - 2016-01-04 11:04 - 00000093 _____ C:\Windows\wininit.ini
2016-01-04 10:53 - 2016-01-04 16:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 10:20 - 2016-01-04 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-04 10:19 - 2016-01-04 16:24 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-04 10:19 - 2016-01-04 12:32 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-04 10:19 - 2016-01-04 10:19 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-04 10:19 - 2016-01-04 10:19 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-04 10:18 - 2016-01-04 10:18 - 00927824 _____ (Google Inc.) C:\Users\Tams\Downloads\ChromeSetup.exe
2015-12-28 14:08 - 2015-12-28 14:08 - 01167655 _____ C:\Users\Tams\Downloads\document.pdf
2015-12-23 12:41 - 2015-12-23 12:41 - 00071915 _____ C:\Users\Tams\Downloads\LoadConfirmation894608.pdf
2015-12-21 14:15 - 2015-12-21 14:15 - 00003338 _____ C:\Windows\System32\Tasks\abDocsDllLoader
2015-12-20 14:08 - 2015-12-20 14:08 - 00089525 _____ C:\Users\Tams\Downloads\dir (8).dcr
2015-12-20 14:04 - 2015-12-20 14:04 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-12-20 13:57 - 2015-12-20 13:57 - 00000000 ____D C:\Users\Tams\abBox
2015-12-19 23:40 - 2015-12-19 23:40 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Users\Tams\AppData\Local\Apple
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files\Bonjour
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-12-19 23:40 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-19 23:39 - 2015-12-19 23:40 - 00000000 ____D C:\ProgramData\Apple
2015-12-19 23:39 - 2015-12-19 23:40 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-19 23:31 - 2015-12-19 23:33 - 167608088 _____ (Apple Inc.) C:\Users\Tams\Downloads\iTunes6464Setup.exe
2015-12-18 12:31 - 2015-12-18 12:31 - 00086812 _____ C:\Users\Tams\Downloads\1070-126-61526868.pdf
2015-12-18 12:30 - 2015-12-18 12:30 - 00086278 _____ C:\Users\Tams\Downloads\1070-126-56957259.pdf
2015-12-16 09:51 - 2015-12-16 09:51 - 00000000 ____D C:\Users\Tams\AppData\Local\SkinSoft
2015-12-16 09:50 - 2015-12-16 09:50 - 00000000 _____ C:\Windows\SysWOW64\${FILE_SN_DLL}
2015-12-16 09:48 - 2015-12-16 09:48 - 00000000 ____D C:\Users\Tams\AppData\Roaming\Convert Audio Free
2015-12-16 09:47 - 2015-12-16 09:50 - 00000000 ____D C:\Users\Tams\AppData\Roaming\Wow_com
2015-12-16 09:47 - 2015-12-16 09:46 - 13873613 _____ (Convert Audio Free) C:\Users\Tams\Downloads\ringtonemaker_setup [1].exe
2015-12-16 09:44 - 2015-12-16 09:45 - 03317248 _____ C:\Users\Tams\Downloads\Ringtone-Maker_1240.msi
2015-12-14 13:30 - 2015-12-14 13:30 - 00071921 _____ C:\Users\Tams\Downloads\LoadConfirmation891346.pdf
2015-12-14 08:27 - 2015-12-14 08:27 - 00071923 _____ C:\Users\Tams\Downloads\LoadConfirmation891858.pdf
2015-12-13 23:59 - 2015-12-13 23:59 - 00980175 _____ C:\Users\Tams\AppData\Local\Ringtone-Maker_1240.rar
2015-12-11 13:52 - 2015-12-11 13:52 - 00000000 ____D C:\Users\Tams\AppData\Local\{6C1CDB57-48C8-4624-B430-27D516555632}
2015-12-09 19:11 - 2015-12-09 19:11 - 00293262 _____ C:\Users\Tams\Downloads\Recipes - Red Velvet Cake with Buttercream Frosting.pdf
2015-12-08 22:18 - 2015-12-08 22:18 - 00002786 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-12-08 22:18 - 2015-12-08 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-08 22:17 - 2015-12-08 22:18 - 00000000 ____D C:\Program Files\CCleaner
2015-12-08 22:15 - 2015-12-08 22:18 - 06801752 _____ (Piriform Ltd) C:\Users\Tams\Downloads\ccsetup512 (1).exe
2015-12-08 22:15 - 2015-12-08 22:17 - 06801752 _____ (Piriform Ltd) C:\Users\Tams\Downloads\ccsetup512.exe
2015-12-08 11:25 - 2015-12-08 11:25 - 00236048 _____ C:\Users\Tams\Documents\Scan0003.pdf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-01-04 17:22 - 2015-10-06 13:17 - 00000904 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-04 17:22 - 2009-07-13 22:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-04 17:22 - 2009-07-13 22:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-04 17:19 - 2007-07-11 19:48 - 00000000 ____D C:\Windows
2016-01-04 17:14 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-01-04 17:12 - 2015-10-06 13:17 - 00000000 ____D C:\Users\Tams\AppData\Local\Dropbox
2016-01-04 17:12 - 2015-10-06 13:17 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-01-04 17:12 - 2012-03-13 04:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-04 16:17 - 2015-04-06 06:16 - 00000000 ____D C:\Program Files (x86)\Coupons
2016-01-04 14:22 - 2015-10-06 13:17 - 00000900 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-04 12:39 - 2009-07-13 23:13 - 00727182 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-04 12:32 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-04 12:09 - 2015-09-29 08:49 - 00000000 ____D C:\Windows\Minidump
2016-01-04 12:09 - 2015-07-10 15:52 - 00000000 ____D C:\Users\Tams\AppData\Local\CrashDumps
2016-01-04 11:46 - 2015-10-15 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 10:20 - 2015-04-05 15:50 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-03 12:12 - 2015-04-05 15:49 - 00000000 ____D C:\Users\Tams\AppData\Local\Deployment
2016-01-03 08:14 - 2015-04-06 06:23 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-21 14:15 - 2012-03-13 04:19 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-21 14:15 - 2012-03-13 04:19 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-21 14:14 - 2015-05-26 09:22 - 00000000 ____D C:\Users\Tams\AppData\Local\clear.fi
2015-12-20 14:07 - 2015-10-15 10:32 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-20 14:07 - 2015-10-15 10:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-20 14:07 - 2015-04-06 11:42 - 00000000 ____D C:\Users\Tams\AppData\Local\Adobe
2015-12-20 14:04 - 2015-07-20 11:47 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2015-12-20 14:04 - 2012-03-13 04:27 - 00000000 ____D C:\ProgramData\oem
2015-12-20 13:57 - 2015-04-05 15:41 - 00000000 ____D C:\Users\Tams
2015-12-18 17:11 - 2015-06-03 12:55 - 00000000 ____D C:\Users\Tams\AppData\Local\Windows Live
2015-12-18 15:50 - 2015-04-06 06:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
2015-12-14 12:16 - 2015-04-05 16:22 - 00000000 ____D C:\Users\Tams\Desktop\Documents and stuff
2015-12-10 00:26 - 2015-05-16 09:39 - 00000000 ____D C:\Users\Tams\AppData\Roaming\SoftGrid Client
2015-12-08 22:21 - 2015-11-11 19:44 - 00000000 ____D C:\Users\Tams\AppData\Roaming\PhotoScape
2015-12-08 22:21 - 2015-10-31 16:58 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-12-08 22:21 - 2012-03-13 04:36 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-12-08 22:20 - 2007-07-11 19:49 - 00000000 ____D C:\Windows\Panther
2015-12-08 22:12 - 2015-02-18 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Barnes & Noble
2015-12-08 22:12 - 2015-02-18 20:51 - 00000000 ____D C:\Program Files (x86)\Barnes & Noble
 
==================== Files in the root of some directories =======
 
2015-12-13 23:59 - 2015-12-13 23:59 - 0980175 _____ () C:\Users\Tams\AppData\Local\Ringtone-Maker_1240.rar
2015-04-06 06:14 - 2015-04-06 06:14 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-02-18 20:47 - 2015-02-18 20:50 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log
2015-02-18 20:49 - 2015-02-18 20:49 - 0000032 _____ () C:\ProgramData\PS.log
 
Some files in TEMP:
====================
C:\Users\Tams\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Tams\AppData\Local\Temp\_isE87F.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-12-30 15:28
 
==================== End of FRST.txt ============================

Edited by ColtsFan18, 07 January 2016 - 02:08 PM.

  • 0



#2
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello ColtsFan18,

Have you tried checking Chrome's settings?

I don't use Chrome but I did find a reference that might help you. See the link below and see if that helps:

https://productforum...ome/4gN9xVSB1FU

If that doesn't help

Just resetting Chrome doesn't always work. If there is an anomaly or deep infection then you really need a full uninstall and reinstall, see below:

To do a full Chrome Uninstall

First, you might like to back up your bookmarks. Go to the link below to learn how to export Chrome's bookmarks. You can save them somewhere you can find them and import them back to Chrome when you reinstall.

https://support.goog...wer/96816?hl=en

Step 2

Go to the link below for instructions to uninstall Google Chrome. Use the Windows instructions for Windows Vista/ Windows 7/ Windows 8

https://support.goog...wer/95319?hl=en

Note: To completely uninstall you must remove your profile information so make sure you tick the "Also delete your browsing data" check box.

Step 3

Download and reinstall Google Chrome.

Come back and tell me if there is any change.

Also

Are you aware of the program TeamViewer on your machine?
 


  • 0

#3
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

I have done all of this prior to starting the thread here, I see I neglected to post that I did do a full Chrome uninstall and reinstall.  And yes, I'm aware of Team Viewer, I use it often with 2 clients... it has never given me an issue in the past, but I'm guessing you think it could be a problem...


Edited by ColtsFan18, 07 January 2016 - 08:13 PM.

  • 0

#4
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

 

I use it often with 2 clients... it has never given me an issue in the past, but I'm guessing you think it could be a problem...

 

No, it's a useful and legitimate program but it is sometimes used for malicious purposes to gain access to the victim's computer. Just wanted to make sure you were aware of it. Those foreigners that telephone posing as Microsoft engineers use it for example.

 

 

I did do a full Chrome uninstall and reinstall.

 

Let's see if this will make a difference then:

 

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).
 

  • Close any open browsers.
  • Temporarily disable your AntiVirus program (if necessary).
  • If you downloaded the zip version, double click zoek.zip.
  • Double click on zoek.exe to run.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Copy the text below and paste it into the large window in the zoek tool:

CHRDefaults;
EmptyAllTemp;
AutoClean;

  • Click on the Run script button.
  • Please wait patiently (it may take a few minutes) until a log report opens (this may be after reboot, if required).
  • Copy (Ctrl+C) and paste (Ctrl+V) the entire contents of the opened report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"


  • 0

#5
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

Thank you for the additional info on Team Viewer.  Is it best to install it when it's needed and uninstall it when it's not?  Because that's totally doable to keep things safe.  I assumed that if I logged off and closed the application that it would be OK to leave on the machine when not in use...

 

At any rate, here is the Zoek scan log:

 

 
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Tams on Thu 01/07/2016 at 21:37:39.35.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tams\Downloads\zoek (1).exe    [Scan all users] [Script inserted] 
 
==== System Restore Info ======================
 
1/7/2016 9:39:26 PM Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\PROGRA~2\Barnes & Noble deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\Users\Tams\AppData\Roaming\PhotoScape deleted successfully
C:\Users\Tams\AppData\Roaming\TP deleted successfully
C:\Users\Tams\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Tams\AppData\Roaming\Wow_com deleted successfully
C:\Users\Tams\AppData\Local\CrashDumps deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McAfee SiteAdvisor Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\McAfee SiteAdvisor Service deleted successfully
 
==== Deleting Files \ Folders ======================
 
C:\PROGRA~2\Barnes & Noble not found
C:\install.exe deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons deleted
C:\Windows\wininit.ini deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\shoC9C.tmp deleted
"C:\PROGRA~2\Coupons\CouponPrinterService.exe" deleted
"C:\PROGRA~2\Coupons\CouponPrinterService.exe" deleted
"C:\PROGRA~2\Coupons" not deleted
"C:\PROGRA~2\Coupons" not deleted
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\Tams\AppData\Roaming\Mozilla\Firefox\Profiles\oiobye5v.default
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.defaultenginename.US", "Google");
 
==== Firefox Extensions ======================
 
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\Tams\AppData\Roaming\Mozilla\Firefox\Profiles\oiobye5v.default
5DF56521E8985BFD8F21A3D97A4D4574 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll - Shockwave Flash
 
 
==== Chromium Look ======================
 
 
Blur - Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd
feeder - Tams\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp
 
==== Chromium Fix ======================
 
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/...rc=IE-SearchBox
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/...rc=IE-SearchBox
HKCU\SearchScopes "DefaultScope"="{082D6C62-5D86-4FC4-8FC7-765B79181466}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.co...q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKCU\SearchScopes\{082D6C62-5D86-4FC4-8FC7-765B79181466} - https://www.google.c...q={searchTerms}
 
==== Reset Google Chrome ======================
 
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
 
==== Empty IE Cache ======================
 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tams\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tams\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\Tams\AppData\Local\Mozilla\Firefox\Profiles\oiobye5v.default\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\Tams\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
Flash Cache Emptied Successfully
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=38 folders=4 8875722 bytes)
 
==== Empty Temp Folders ======================
 
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tams\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\Windows\Temp successfully emptied
C:\Users\Tams\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== Deleting Files / Folders ======================
 
"C:\PROGRA~2\Coupons"  not found
"C:\PROGRA~2\Coupons"  not found
 
==== EOF on Thu 01/07/2016 at 22:08:21.40 ======================

  • 0

#6
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

I assumed that if I logged off and closed the application that it would be OK to leave on the machine when not in use...


It's as safe as any other program. In normal course it is not a problem.
 

 

Moving on

 

How is Chrome now?


  • 0

#7
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

I appear to be working fine now but I don't trust it.  Can we keep this topic open for a couple days? I gotta get some sleep, we'll catch up tomorrow.


  • 0

#8
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Can we keep this topic open for a couple days?


Sure we can. :cool:
 

I gotta get some sleep, we'll catch up tomorrow

Look forward to it. :)

 

When we are happy I will give you some instructions to remove the tool we have been using.


  • 0

#9
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

So far so good this morning... I'll touch base again this afternoon.  Would it be possible to take a quick look at why Adobe Shockwave crashes regularly?  I check the settings (now that I can access them) and I don't have 2 different applications running, it's up to date, etc....


Edited by ColtsFan18, 08 January 2016 - 10:54 AM.

  • 0

#10
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

I knew it!!  It's back to what it was doing before.  I thought it might have been the wireless mouse so I switched to a USB mouse and even tried it without a mouse and just used the touchpad and it's back to tab killing.  I click on a link and a new tab opens, I click on the new tab and it closes.


  • 0



#11
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

I don't think this is a malware problem, although it was interesting that it seemed to go, albeit for a short while, after the Zoek cleanup.

 

Have you got another keyboard you can try? Sometimes if the Ctrl is pressed inadvertently it will cause strange things to happen. Could it be that your keyboard has a fault?

 

 

Adobe Shockwave crashes regularly?

 

Are you referring to it crashing in Firefox?


  • 0

#12
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

 

 

Have you got another keyboard you can try? Sometimes if the Ctrl is pressed inadvertently it will cause strange things to happen. Could it be that your keyboard 

 

I can't really change the keyboard since it's a laptop.  However, I can pop the keys and make sure there isn't anything under a control key jamming it up...  

 

 

 

Are you referring to it crashing in Firefox?

 

The Shockwave crashes in Chrome.  I only use FF or IE when absolutely necessary.

 

 

 

I don't think this is a malware problem, although it was interesting that it seemed to go, albeit for a short while, after the Zoek cleanup.

 

This is how this thing has run the whole time.  It improves for a short period after a scan then goes back to giving me grief.


  • 0

#13
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

OK, I just popped the control keys (and the Alt keys for safe measure) and cleaned some cat hair and crumbs out that I thought MIGHT have been an issue but it's still killing tabs.  I really thought that might have been the issue but it's abundantly clear that my machine hates me.  After all I've done for it :(


  • 0

#14
emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Yep it does seem it doesn't like you lol.

 

I don't believe this is a malware issue. We will remove the tools we have been using and then you can open a topic in the Web Browser forum and see if anyone there has a solution.

 

Now

 

To clear away the tools we have been using download Delfix from here. You will be taken to the download page. Just wait and shortly the download will appear.

Put a check (tick) in the following boxes:
 

  • Remove disinfection tools
  • Purge System Restore
  • Reset System Settings

    Then click Run

The tool will run for a short time. When completed a notepad window will open with a log. Please copy and paste the log back here.

Any remaining tools may be deleted.
 

 


  • 0

#15
ColtsFan18

    Member

  • Topic Starter
  • Member
  • 389 posts

Done.  Here is the scan log.

 

# DelFix v1.011 - Logfile created 09/01/2016 at 10:48:06
# Updated 18/08/2015 by Xplode
# Username : Tams - TAMS-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\zoek-results.log
Deleted : C:\Users\Tams\Downloads\Addition.txt
Deleted : C:\Users\Tams\Downloads\esetsmartinstaller_enu.exe
Deleted : C:\Users\Tams\Downloads\FRST.exe
Deleted : C:\Users\Tams\Downloads\FRST.txt
Deleted : C:\Users\Tams\Downloads\FRST64 (1).exe
Deleted : C:\Users\Tams\Downloads\FRST64 (2).exe
Deleted : C:\Users\Tams\Downloads\FRST64.exe
Deleted : C:\Users\Tams\Downloads\HijackThis (1).exe
Deleted : C:\Users\Tams\Downloads\HijackThis.exe
Deleted : C:\Users\Tams\Downloads\hijackthis.log
Deleted : C:\Users\Tams\Downloads\zoek (1).exe
Deleted : C:\Users\Tams\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
 
~ Cleaning system restore ...
 
Deleted : RP #84 [Windows Update | 12/23/2015 19:23:39]
Deleted : RP #85 [Windows Update | 12/28/2015 18:58:12]
Deleted : RP #86 [Windows Update | 01/01/2016 21:15:23]
Deleted : RP #87 [Removed Microsoft Office 2010 | 01/03/2016 18:10:04]
Deleted : RP #88 [Removed Content Manager | 01/04/2016 23:11:50]
Deleted : RP #89 [Removed Evernote v. 5.8.6 | 01/04/2016 23:12:53]
Deleted : RP #90 [Removed LG VZW United Drivers. | 01/04/2016 23:14:16]
Deleted : RP #91 [Windows Update | 01/06/2016 18:11:13]
Deleted : RP #92 [zoek.exe restore point | 01/08/2016 03:39:12]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########
 

 

I have started a topic in the web browser forum.  Is that just a peer to peer forum or are there techs there?


  • 0





