Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Chrome just shut down by itself?

virus google tabs

  • Please log in to reply

#16
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
Ran by Alanna (administrator) on HEMPANATOR (01-06-2016 00:10:18)
Running from C:\Users\Alanna\Downloads
Loaded Profiles: Alanna (Available Profiles: Alanna)
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\FUJ02E3\FUJ02E3.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\PSUtility\PSUService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\nst.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\PSUtility\TrayManager.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Flux Software LLC) C:\Users\Alanna\AppData\Local\FluxSoftware\Flux\flux.exe
(© 2015 Microsoft Corporation) C:\Users\Alanna\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\FUJITSU\Plugfree NETWORK\PFNTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13642968 2013-08-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS_SWVOL] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-23] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [349000 2016-02-02] (FUJITSU LIMITED)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400576 2016-05-30] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Facebook Update] => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-03] (Facebook Inc.)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [51656320 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [f.lux] => C:\Users\Alanna\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Run: [BingSvc] => C:\Users\Alanna\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {59557de8-0498-11e5-829c-681729d24acd} - "F:\Startme.exe" 
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {5bcd9483-d6fc-11e5-82b2-681729d24acd} - "D:\Startme.exe" 
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {989ccea9-b855-11e3-826f-681729d24acd} - "D:\Startme.exe" 
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-30] (AVAST Software)
Startup: C:\Users\Alanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-09-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{7BA37EAC-A21F-42CA-9DDA-F3532474E1F2}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK216&ocid=SK216DHP&osmkt=en-gb
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://fujitsu13.msn.com/?pc=FSJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2581172181-3245553297-1029845820-1001 -> DefaultScope {95DB76ED-8DBB-4160-8973-D1EB4497AC13} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2581172181-3245553297-1029845820-1001 -> {95DB76ED-8DBB-4160-8973-D1EB4497AC13} URL = hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q={searchTerms}&src=IE-SearchBox
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-30] (AVAST Software)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-30] (AVAST Software)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-01] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-01] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2581172181-3245553297-1029845820-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Alanna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-2581172181-3245553297-1029845820-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-04-21] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-30]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2016-05-31]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo on the Web) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-08-31]
CHR Extension: (Google Docs) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Docs Offline) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (AdBlock) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-05-29]
CHR Extension: (Skype) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Norton Security Toolbar) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-08-07]
CHR Extension: (Gmail) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-07]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-05-30]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [86872 2013-08-02] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-30] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [74448 2013-07-18] (FUJITSU LIMITED)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2219520 2013-07-12] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\FUJITSU\PSUtility\PSUService.exe [51608 2013-08-19] (FUJITSU LIMITED)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-30] (AVAST Software)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-02-05] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [20176 2013-08-09] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\drivers\FUJ02B1.sys [33096 2016-02-02] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\drivers\FUJ02E3.sys [21200 2013-08-12] (FUJITSU LIMITED)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SNP2UVC; C:\Windows\system32\DRIVERS\snp2uvc.sys [1812760 2013-08-12] (Sonix Co. Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-05-31 22:08 - 2016-05-31 22:20 - 00000000 ____D C:\AVG_Remover
2016-05-31 22:07 - 2016-05-31 22:07 - 08065568 _____ ( ) C:\Users\Alanna\Downloads\AVG_Remover.exe
2016-05-31 14:32 - 2016-05-31 14:32 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Alanna\Downloads\procexp (1).exe
2016-05-30 16:12 - 2016-05-30 16:12 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Alanna\Downloads\avg_remover_stf_x86_2011_1184 (2).exe
2016-05-30 15:33 - 2016-05-30 15:33 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\Alanna\Downloads\procexp.exe
2016-05-30 15:03 - 2016-05-30 15:03 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-05-30 15:03 - 2016-05-30 15:03 - 00003894 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1464617027
2016-05-30 15:03 - 2016-05-30 15:03 - 00001060 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-05-30 15:03 - 2016-05-30 15:03 - 00001060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-05-30 15:00 - 2016-05-30 15:00 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-05-30 15:00 - 2016-05-30 15:00 - 00000000 ____D C:\Users\Alanna\AppData\Roaming\AVAST Software
2016-05-30 15:00 - 2016-05-30 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-05-30 14:59 - 2016-05-30 14:59 - 00003924 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-30 14:59 - 2016-05-30 14:59 - 00000000 ____D C:\windows\System32\Tasks\AVAST Software
2016-05-30 14:59 - 2016-05-30 14:58 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00465792 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00287528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00166432 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-05-30 14:59 - 2016-05-30 14:58 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-05-30 14:58 - 2016-05-30 14:58 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-05-30 14:58 - 2016-05-30 14:58 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr
2016-05-30 14:56 - 2016-05-30 15:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-05-30 14:56 - 2016-05-30 15:03 - 00000000 ____D C:\Program Files\AVAST Software
2016-05-30 14:55 - 2016-05-30 14:55 - 05066104 _____ (AVAST Software) C:\Users\Alanna\Downloads\avast_free_antivirus_setup_online_cnet2 (3).exe
2016-05-30 09:51 - 2016-05-30 09:51 - 05066104 _____ (AVAST Software) C:\Users\Alanna\Downloads\avast_free_antivirus_setup_online_cnet2 (2).exe
2016-05-30 09:51 - 2016-05-30 09:51 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Alanna\Downloads\avg_remover_stf_x86_2011_1184 (1).exe
2016-05-30 09:41 - 2016-05-30 09:41 - 05066104 _____ (AVAST Software) C:\Users\Alanna\Downloads\avast_free_antivirus_setup_online_cnet2 (1).exe
2016-05-30 09:41 - 2016-05-30 09:41 - 01090912 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Alanna\Downloads\avg_remover_stf_x86_2011_1184.exe
2016-05-30 09:28 - 2016-05-30 09:28 - 05066104 _____ (AVAST Software) C:\Users\Alanna\Downloads\avast_free_antivirus_setup_online_cnet2.exe
2016-05-30 09:28 - 2016-05-30 09:28 - 00894960 _____ C:\Users\Alanna\Downloads\Norton_Removal_Tool.exe
2016-05-29 22:16 - 2016-05-29 22:20 - 00040533 _____ C:\Users\Alanna\Downloads\Addition.txt
2016-05-29 22:14 - 2016-06-01 00:10 - 00028215 _____ C:\Users\Alanna\Downloads\FRST.txt
2016-05-29 22:14 - 2016-06-01 00:10 - 00000000 ____D C:\FRST
2016-05-29 22:14 - 2016-05-29 22:14 - 02383872 _____ (Farbar) C:\Users\Alanna\Desktop\FRST64.exe
2016-05-29 22:12 - 2016-05-29 22:12 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner (2).exe
2016-05-29 22:10 - 2016-05-29 22:10 - 00003071 _____ C:\Users\Alanna\Desktop\JRT.txt
2016-05-29 22:04 - 2016-05-29 22:04 - 01610816 _____ (Malwarebytes) C:\Users\Alanna\Downloads\JRT.exe
2016-05-29 22:04 - 2016-05-29 22:04 - 01610816 _____ (Malwarebytes) C:\Users\Alanna\Desktop\JRT.exe
2016-05-29 22:02 - 2016-05-29 22:03 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner (1).exe
2016-05-29 21:45 - 2016-05-29 21:50 - 00000000 ____D C:\AdwCleaner
2016-05-29 19:41 - 2016-05-29 19:42 - 03678272 _____ C:\Users\Alanna\Downloads\AdwCleaner.exe
2016-05-29 10:27 - 2016-05-29 10:27 - 00602112 _____ (OldTimer Tools) C:\Users\Alanna\Downloads\OTL.scr
2016-05-28 09:00 - 2016-05-28 09:02 - 115953736 _____ C:\Users\Alanna\Downloads\AlejandroAravena_2014G-480p.mp4
2016-05-26 20:07 - 2016-05-26 20:07 - 00688913 _____ C:\Users\Alanna\Downloads\james (@niandraIades) _ Twitter.html
2016-05-23 08:04 - 2016-05-23 08:04 - 01311642 _____ C:\Users\Alanna\Downloads\ebook_the_monk_who_sold_his_ferrari_robin_s_sharma.pdf
2016-05-23 07:51 - 2016-05-31 22:42 - 00004970 _____ C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for HEMPANATOR-Alanna hempanator
2016-05-15 15:36 - 2016-05-15 15:36 - 20603894 _____ C:\Users\Alanna\Downloads\Results Day..mp4
2016-05-15 12:00 - 2016-05-15 12:00 - 00551424 _____ C:\Users\Alanna\Downloads\8. Formation of a depression.ppt
2016-05-15 01:00 - 2016-05-15 01:00 - 00157989 _____ C:\Users\Alanna\Downloads\property-33952917.html
2016-05-10 22:37 - 2016-04-22 21:54 - 25816576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-05-10 22:37 - 2016-04-22 21:15 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-05-10 22:37 - 2016-04-22 21:14 - 02893312 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-05-10 22:37 - 2016-04-22 21:08 - 06052864 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-05-10 22:37 - 2016-04-22 21:06 - 20349952 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-05-10 22:37 - 2016-04-22 21:00 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-05-10 22:37 - 2016-04-22 20:35 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-05-10 22:37 - 2016-04-22 20:29 - 02285568 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-05-10 22:37 - 2016-04-22 20:24 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2016-05-10 22:37 - 2016-04-22 20:23 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-05-10 22:37 - 2016-04-22 20:19 - 15414784 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-05-10 22:37 - 2016-04-22 20:17 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-05-10 22:37 - 2016-04-22 20:14 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-05-10 22:37 - 2016-04-22 20:14 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-05-10 22:37 - 2016-04-22 20:14 - 00379392 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-05-10 22:37 - 2016-04-22 20:12 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-05-10 22:37 - 2016-04-22 19:58 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-05-10 22:37 - 2016-04-22 19:58 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2016-05-10 22:37 - 2016-04-22 19:54 - 13811200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-05-10 22:37 - 2016-04-22 19:53 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-05-10 22:37 - 2016-04-22 19:52 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-05-10 22:37 - 2016-04-22 19:52 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-05-10 22:37 - 2016-04-22 19:52 - 00330752 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-05-10 22:37 - 2016-04-22 19:51 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-05-10 22:37 - 2016-04-22 19:40 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-05-10 22:37 - 2016-04-22 19:29 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-05-10 22:37 - 2016-04-22 19:27 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-05-10 22:37 - 2016-04-22 19:24 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-05-10 22:37 - 2016-04-22 19:23 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-05-10 22:35 - 2016-04-06 22:13 - 00561960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2016-05-10 22:35 - 2016-04-06 22:13 - 00137976 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-10 22:35 - 2016-04-06 19:20 - 00201728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-10 22:35 - 2016-04-06 19:19 - 00401920 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-10 22:35 - 2016-04-06 19:19 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-10 22:35 - 2016-04-06 18:49 - 00120384 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-05-10 22:35 - 2016-04-06 18:40 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-05-10 22:35 - 2016-04-06 17:57 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-10 22:35 - 2016-04-06 17:52 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-10 22:35 - 2016-04-06 17:20 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-05-10 22:35 - 2016-04-06 16:48 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-05-10 22:35 - 2016-03-31 07:50 - 01307328 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-10 22:35 - 2016-03-31 04:40 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-05-10 22:34 - 2016-04-10 08:48 - 00738096 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-10 22:34 - 2016-04-10 08:48 - 00613624 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-05-10 22:34 - 2016-04-10 05:21 - 01763376 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-10 22:34 - 2016-04-10 05:21 - 01489088 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-05-10 22:34 - 2016-04-10 05:14 - 01380600 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-10 22:34 - 2016-04-09 23:07 - 01097728 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-05-10 22:34 - 2016-04-09 22:58 - 00534016 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.dll
2016-05-10 22:34 - 2016-04-09 22:50 - 00375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.dll
2016-05-10 22:34 - 2016-03-29 02:42 - 07446368 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-10 22:34 - 2016-02-11 21:17 - 01737088 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-10 22:34 - 2016-02-11 21:17 - 01663184 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-05-10 22:34 - 2016-02-11 21:17 - 01523208 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2016-05-10 22:34 - 2016-02-11 21:17 - 01490120 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-05-10 22:34 - 2016-02-11 21:17 - 01358952 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2016-05-10 22:34 - 2016-02-11 21:16 - 01501488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-05-10 22:34 - 2016-02-09 19:07 - 00246784 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2016-05-10 22:33 - 2016-04-11 07:21 - 00074584 ____C (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
2016-05-10 22:33 - 2016-04-10 06:37 - 01549144 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-10 22:33 - 2016-04-10 00:29 - 04169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-08 10:51 - 2016-05-08 10:51 - 00025768 _____ C:\Users\Alanna\Downloads\Ch62nUBWwAsSCBE.jpg-large
2016-05-02 01:25 - 2016-05-02 01:25 - 01505408 _____ (Skype Technologies S.A.) C:\Users\Alanna\Downloads\SkypeSetup (1).exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-06-01 00:03 - 2013-12-22 22:41 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{D5FDDAAA-1C49-44B1-B641-7EF4732B44A2}
2016-05-31 23:55 - 2013-12-23 01:05 - 00000928 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-31 23:49 - 2015-06-16 17:12 - 00000000 ____D C:\Users\Alanna\AppData\Roaming\Skype
2016-05-31 22:52 - 2013-09-02 08:32 - 00338280 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-31 22:52 - 2013-08-22 14:36 - 00000000 ____D C:\windows\Inf
2016-05-31 22:37 - 2013-12-22 22:36 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2581172181-3245553297-1029845820-1001
2016-05-31 22:31 - 2013-12-22 22:33 - 00000000 ____D C:\Users\Alanna\Documents\Youcam
2016-05-31 22:30 - 2013-12-23 01:05 - 00000924 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-31 22:30 - 2013-12-22 22:33 - 00000000 ___DO C:\Users\Alanna\SkyDrive
2016-05-31 22:22 - 2013-08-22 15:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-31 22:21 - 2013-08-22 14:25 - 00524288 ___SH C:\windows\system32\config\BBI
2016-05-31 22:18 - 2016-02-18 15:31 - 00000000 ____D C:\Users\Alanna\AppData\Roaming\AVG
2016-05-31 22:18 - 2016-02-18 15:19 - 00000000 ____D C:\ProgramData\Avg
2016-05-31 22:18 - 2015-02-09 20:38 - 00000000 ____D C:\Program Files (x86)\AVG
2016-05-31 22:18 - 2014-05-03 19:13 - 00000954 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job
2016-05-31 19:18 - 2014-05-03 19:13 - 00000932 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job
2016-05-31 07:49 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-31 07:49 - 2013-08-22 16:36 - 00000000 ____D C:\windows\AppReadiness
2016-05-30 20:42 - 2014-09-02 09:25 - 00000000 ____D C:\Users\Alanna\AppData\Local\CrashDumps
2016-05-30 18:37 - 2014-08-16 17:17 - 00000000 ____D C:\ProgramData\Norton
2016-05-30 15:40 - 2015-06-17 11:02 - 00000000 ____D C:\Program Files\Common Files\AV
2016-05-30 15:40 - 2015-05-30 10:26 - 00000000 ____D C:\Users\Alanna\AppData\Local\Avg
2016-05-30 15:40 - 2014-06-02 21:18 - 00000000 ____D C:\ProgramData\MFAData
2016-05-30 15:37 - 2013-08-22 16:36 - 00000000 ___HD C:\windows\ELAMBKUP
2016-05-30 09:30 - 2014-08-16 17:17 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-05-30 09:30 - 2014-08-16 17:17 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-05-30 06:57 - 2015-08-07 15:55 - 00000000 ____D C:\windows\System32\Tasks\Remediation
2016-05-29 21:59 - 2013-08-22 14:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2016-05-28 02:53 - 2015-06-16 17:12 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-27 20:40 - 2013-12-22 22:30 - 00000000 ____D C:\Users\Alanna\AppData\Local\Packages
2016-05-26 20:15 - 2014-03-21 18:16 - 00305767 _____ C:\Users\Alanna\Downloads\lol.jpeg
2016-05-14 09:30 - 2013-08-22 16:20 - 00000000 ____D C:\windows\CbsTemp
2016-05-14 05:10 - 2013-08-22 16:36 - 00000000 ____D C:\windows\rescache
2016-05-14 00:16 - 2013-08-22 15:44 - 05101432 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-12 23:57 - 2015-12-13 17:26 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-12 23:57 - 2013-12-23 01:07 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 21:08 - 2014-09-15 18:00 - 00829944 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:08 - 2014-09-15 18:00 - 00176632 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 01:50 - 2013-12-23 01:05 - 00003900 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 01:50 - 2013-12-23 01:05 - 00003664 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-10 23:35 - 2013-08-22 21:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-10 23:34 - 2013-12-27 17:50 - 00000000 ____D C:\windows\system32\MRT
2016-05-10 23:04 - 2013-12-27 17:50 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-10 23:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\SysWOW64\en-GB
2016-05-10 23:04 - 2013-08-22 16:36 - 00000000 ____D C:\windows\system32\en-GB
2016-05-02 01:28 - 2015-06-16 17:12 - 00000000 ____D C:\ProgramData\Skype
 
==================== Files in the root of some directories =======
 
2013-09-07 18:56 - 2013-09-07 18:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\Alanna\AppData\Local\Temp\avguirn_081703364145.exe
C:\Users\Alanna\AppData\Local\Temp\avguirn_0858788724.exe
C:\Users\Alanna\AppData\Local\Temp\avguirn_08909684095.exe
C:\Users\Alanna\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\Alanna\AppData\Local\Temp\BSvcUpdater.exe
C:\Users\Alanna\AppData\Local\Temp\libeay32.dll
C:\Users\Alanna\AppData\Local\Temp\msvcr120.dll
C:\Users\Alanna\AppData\Local\Temp\procexp (1)64.exe
C:\Users\Alanna\AppData\Local\Temp\procexp64.exe
C:\Users\Alanna\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alanna\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-05-24 00:52
 
==================== End of FRST.txt ============================

  • 0

Advertisements


#17
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Ran by Alanna (2016-06-01 00:12:05)
Running from C:\Users\Alanna\Downloads
Windows 8.1 (Update) (X64) (2013-12-22 21:29:44)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2581172181-3245553297-1029845820-500 - Administrator - Disabled)
Alanna (S-1-5-21-2581172181-3245553297-1029845820-1001 - Administrator - Enabled) => C:\Users\Alanna
Guest (S-1-5-21-2581172181-3245553297-1029845820-501 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\Adobe Photoshop CS6) (Version: 13.0.0.0 - © The Computer Guy Tony)
Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.411.108 - ALPS ELECTRIC CO., LTD.)
Anytime USB Charge Utility (HKLM-x32\...\InstallShield_{A794229E-401E-44D4-A8B5-B21E975676DE}) (Version: 3.0.0.0 - FUJITSU LIMITED)
Anytime USB Charge Utility (Version: 3.0.0.0 - FUJITSU LIMITED) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)
AVG PC TuneUp (x32 Version: 16.32.5 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.1.831 - AVG Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MG5300 series User Registration (HKLM-x32\...\Canon MG5300 series User Registration) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.1 - Comodo)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5505.02 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3223.0 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.14.0123 - Fujitsu Technology Solutions)
Emergency Download Driver (HKLM-x32\...\{05DBF996-83D0-4C40-8D3A-A6850800BC88}) (Version: 1.1.7.1439 - Nokia)
f.lux (HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\Flux) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FJ Camera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1221.6 - Sonix)
Fujitsu BIOS Driver (HKLM-x32\...\InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}) (Version: 1.1.1.0 - FUJITSU LIMITED)
Fujitsu BIOS Driver (Version: 1.1.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version: 4.01.00.000 - FUJITSU LIMITED)
Fujitsu MobilityCenter Extension Utility (Version: 4.01.00.000 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version: 3.6.0.0 - FUJITSU LIMITED)
Fujitsu System Extension Utility (Version: 3.6.0.0 - FUJITSU LIMITED) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3282 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
LIFEBOOK Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version: 8.5.3.0 - FUJITSU LIMITED)
LIFEBOOK Application Panel (Version: 8.5.3.0 - FUJITSU LIMITED) Hidden
Lumia UEFI Blue Driver (HKLM-x32\...\{D6EEB835-5BBF-4F6B-8382-1681148D7771}) (Version: 1.1.8.1448 - Nokia)
Media Go (HKLM-x32\...\{70DB09B8-1BA5-410A-992F-1C1CE288229E}) (Version: 2.9.316 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
Oovoo Toolbar (HKLM-x32\...\{4F564F32-5637-4300-76A7-A758B70C2600}) (Version: 12.38.0.3342 - APN, LLC)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 7.1.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 7.1.001 - FUJITSU LIMITED) Hidden
Pointing Device Utility (HKLM-x32\...\InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}) (Version: 2.1.0.0 - FUJITSU LIMITED)
Pointing Device Utility (Version: 2.1.0.0 - FUJITSU LIMITED) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{CB0EA768-62F2-450E-88BC-74182237F564}) (Version: 43.0.0.0 (00.002) - FUJITSU LIMITED)
Power Saving Utility (Version: 43.0.0.0 - FUJITSU LIMITED) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Shopping App by Ask (HKLM-x32\...\{4F564F32-5350-2D53-4154-A758B70C2804}) (Version: 12.40.4.174 - APN, LLC)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
The Sims 2 Glamour Life Stuff (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )
The Sims 2 Pets (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )
The Sims 2 University (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )
The Sims™ 2 Double Deluxe (HKLM-x32\...\{2D37F6AE-D201-4580-B91A-6BF9BB93ED2D}) (Version:  - Electronic Arts)
The Sims™ 2 Seasons (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - FUJITSU LIMITED (FUJ02B1) System  (06/26/2013 1.23) (HKLM\...\068FEFD9ECB0E04D17792AACEDA1D0A43CD7F82C) (Version: 06/26/2013 1.23 - FUJITSU LIMITED)
Windows Driver Package - FUJITSU LIMITED (FUJ02E3) System  (07/02/2013 1.30.1.0) (HKLM\...\39B67640DB636F6D78D660BE574C0C5DC39D08CF) (Version: 07/02/2013 1.30.1.0 - FUJITSU LIMITED)
Windows Phone Recovery Tool 2.1.1 (HKLM-x32\...\{461efced-58d4-4470-9b4b-5f2fc83704d4}) (Version: 2.1.1 - Microsoft)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia)
WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia)
WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia)
Wireless Radio Switch Driver (HKLM-x32\...\InstallShield_{13031CDF-00D2-4FCE-AB13-8430D8733574}) (Version: 1.1.0.0 - FUJITSU LIMITED)
Wireless Radio Switch Driver (Version: 1.1.0.0 - FUJITSU LIMITED) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06679362-3319-4285-A48F-BE6869C87050} - System32\Tasks\Fujitsu\Power Saving Utility\Fujitsu Power Saving Utility => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [2013-08-19] (FUJITSU LIMITED)
Task: {0F24E6F6-DBB4-4373-A2CD-EF8C6655D4D4} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {12B5D8F8-33B7-4DFC-B74C-431F558E8D82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {1A65726A-1312-405E-8527-68C667DB5429} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-05-30] (AVAST Software)
Task: {1A9106AE-63E3-4B7A-BA4D-69F00DC43FCE} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartBtnHndHKB => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {1C298604-2BF7-4180-BE61-63374EBBF19F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {271A7278-F96F-4AF7-A961-63DCD604F1A9} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {2992C8A1-2151-452A-A483-3BF175E7F1E6} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {2E322890-68B5-4887-9B46-39C581A3186A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {2E9829CF-F7CD-4D5B-BA6B-2DE00817224B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2581172181-3245553297-1029845820-1001
Task: {3526E9DD-3519-4E8B-844E-DD967CF33B9A} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN1S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {41B8531B-2064-4F65-9C60-92924249527E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2016-05-10] (Microsoft Corporation)
Task: {41CA72A4-0270-4692-87D5-571873AA61F6} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {4FBB71F7-ED46-4778-973A-B7AC68BAA958} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupNow => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {5679FD67-586B-4F0F-84A4-F0D40E5D87C9} - System32\Tasks\Fujitsu\ApplicationPanel\DisableBtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {5809F215-AEA1-4D73-A36B-2BC010D04EA8} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeup => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {59F49AC5-E36F-48EB-A2D3-1FBFDF1A4147} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupAtLogon => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {6349569C-9D87-44E6-9AD2-024C62E37D11} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN5S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {6697FAD2-9920-4793-A57E-5222C0F2E4FF} - System32\Tasks\Fujitsu\PointingDeviceUtility\ToggleIPD => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
Task: {66B55D72-4384-49B5-9597-22F2E9917EA8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {681034D0-FFDB-4421-B9D8-56F97201033B} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN3S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {7FF08932-1874-44CC-899E-E5C8DC115761} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe
Task: {8019DEFA-030D-4336-A447-CA2A0D87097A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-03] (Facebook Inc.)
Task: {8264B660-1B79-4515-AFF9-B93354206365} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndSetWakeupSetting => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {82B929E4-A212-4509-9457-5E3F85DD64C6} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndCheckOnWakeupBySwitch => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {861BEA58-73C9-40DE-86EE-59376286E42A} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetShowNotificationOff => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
Task: {95A515DD-E9A0-4D97-AC8B-36C0B47108F4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\WSCStub.exe
Task: {AE286F8B-2DC1-4CD8-ACFA-B8D26CE634E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AE9946BB-4472-4C15-BD4C-4E907145247A} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetShowNotificationOn => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
Task: {B06FCB42-E4E9-4117-AE8F-E705AD725A3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B1084C08-0AAE-4652-8BD2-7A31A271F451} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {BC761DA6-8D6A-4D3C-AF89-FBB923231171} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN6S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {BD161AB0-BC67-4902-8DC6-86977D018505} - System32\Tasks\SafeZone scheduled Autoupdate 1464617027 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {BFBD3455-D6BF-4C20-9823-5010777AF933} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-30] (AVAST Software)
Task: {C959F692-D38C-4EB7-8C1D-186F78BBA2B5} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN2S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {D2E06237-757B-4E5A-8860-A1D4606F6DA6} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HEMPANATOR-Alanna hempanator => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {DB1742CD-37E2-45F6-96FA-BC9F5CF1E409} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {DE444558-BA06-454E-8A2B-53C12B43E688} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-05-03] (Facebook Inc.)
Task: {E16C2DB5-9C96-4572-AA7A-B728427725E0} - System32\Tasks\{506166C2-25BD-4DC6-A586-4FD1EBC14569} => Chrome.exe hxxp://ui.skype.com/ui/0/7.18.0.109/en/abandoninstall?page=tsProgressBar
Task: {E28646E0-165E-4F82-AC75-80EA017CDC28} - System32\Tasks\[email protected]com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe <==== ATTENTION
Task: {EED88C77-BDE9-4EBD-BA64-7CD60BB58D18} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {F2C7465F-E637-4F2C-9C51-4A44E768C0CF} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe
Task: {F40B65F6-77C0-4785-98D3-4210B9924EA7} - System32\Tasks\Fujitsu\ApplicationPanel\BtnHndOnABN4S0 => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [2013-07-08] (FUJITSU LIMITED)
Task: {F7A843D0-42D1-48C6-B007-2D41EE12681F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {FA6D9436-FE60-4E65-80EF-30F287D3411D} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {FADC7239-F6E2-4AF5-9B72-21E337E71750} - System32\Tasks\Fujitsu\PointingDeviceUtility\SetDriverIfFuj02b1DisableOnLogon => C:\Program Files\Fujitsu\PointingDeviceUtility\FJPDAutoSet.exe [2013-08-12] (FUJITSU LIMITED)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-08-26 07:34 - 2013-08-02 11:47 - 00086872 _____ () C:\Program Files\Apoint2K\HidMonitorSvc.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-26 14:41 - 2014-09-26 14:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2012-10-01 21:36 - 2012-10-01 21:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-04 01:31 - 2013-08-12 11:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-05-27 19:26 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alanna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\StartupApproved\Run: => "ooVoo.exe"
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\StartupApproved\Run: => "AdobeBridge"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E9DC418A-0BF9-4034-9CB3-381C5853166B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3F2F2B32-9503-4D21-9454-455E261F576B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4F76C034-1E61-4A94-BC6C-F512D5713509}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{1F15A123-A35A-4057-8D66-425E2ED9C281}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{06300B16-432E-4E5C-9913-C1E13B0C85A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{5E12CA7E-AADD-4A14-B835-0EF219CC3752}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9BA1BE93-561E-4E2C-A2BC-9D2843719827}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1BD6C073-3335-46F4-9877-F9EA6AF464D3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B6AF2902-6C35-4720-BCC7-1FD3815264E9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C0F85A32-61A9-4E6F-ACA5-ABEFF55B3A61}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{97CF830B-B537-4DE3-AEB1-330DB30DEA02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{369CAAB3-FFFA-4193-A4A2-B7FB61FC81FB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A17B9E1F-4D91-4153-8BE0-A39DA6215077}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{8AECF3CB-0FAA-47F6-B0CF-7459F7D45AEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{14BBA612-B47A-4FA1-87EE-ACA818D7B152}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{485DC8F9-8B1D-492A-9CD7-D413700E9C97}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3E9893F4-BABA-4225-9746-A997B2C9B1BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{04F2E74C-1CA2-40DC-B081-677837112F7A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{5D8F48B0-0C2B-43B8-847B-D3A832C9AF67}] => (Allow) C:\Users\Alanna\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{AEE1740C-4017-489D-BBA3-E4BBCAF0D08C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{8C25989F-A0BE-4A24-BB45-F2BF696223A2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A2975FF5-0F5D-431E-B942-D2C8A9F670EA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0E6E158-6E96-4C7D-9358-94CD1E72D2FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{27D12D7D-F346-4CBD-8E68-BC3FCC0C31F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{55A52BF9-051A-484F-98B9-308319A2AFE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4489D7A-04B4-4628-B58A-C4176AC00E4F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{723E8C9B-89C3-4C47-8E21-5D718B83253B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8CFD6C70-0C16-47E0-9A58-81891F97F70A}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zSBF28.tmp\SymNRT.exe
FirewallRules: [{A6822F7B-0E1F-4BCA-ADDA-3ABF4C6C4745}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zSBF28.tmp\SymNRT.exe
FirewallRules: [{1A9CE22E-BF37-492F-AB97-4C7BB71C3F02}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zS682B.tmp\SymNRT.exe
FirewallRules: [{5C94C600-4377-47F5-9825-C80C90C35C58}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zS682B.tmp\SymNRT.exe
 
==================== Restore Points =========================
 
14-05-2016 09:29:16 Windows Update
23-05-2016 18:47:07 Scheduled Checkpoint
29-05-2016 22:05:36 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
Name: Fujitsu Wireless Radio Switch Driver
Description: Fujitsu Wireless Radio Switch Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: FUJITSU LIMITED
Service: mshidumdf
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/31/2016 11:29:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1324641
 
Error: (05/31/2016 11:29:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1324641
 
Error: (05/31/2016 11:29:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/31/2016 11:07:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
 
Error: (05/31/2016 11:07:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172
 
Error: (05/31/2016 11:07:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/31/2016 10:51:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 258094
 
Error: (05/31/2016 10:51:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 258094
 
Error: (05/31/2016 10:51:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (05/31/2016 10:47:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5422
 
 
System errors:
=============
Error: (06/01/2016 12:10:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/01/2016 12:10:08 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/01/2016 12:08:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/01/2016 12:08:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/01/2016 12:01:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (06/01/2016 12:01:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/31/2016 11:59:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/31/2016 11:59:42 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/31/2016 11:59:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/31/2016 11:59:24 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{22279AF5-03AE-4CAF-989D-2530918B2F1C}{0773CCD6-59A2-4D26-B235-19247767E645}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
CodeIntegrity:
===================================
  Date: 2016-05-30 09:47:42.206
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\1\avgnetclia.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 09:47:41.558
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\1\avgnetclia.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 09:47:40.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:23.860
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:23.187
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:22.553
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:21.928
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:21.268
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:20.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-05-30 07:46:20.042
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasea.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Celeron® CPU 1000M @ 1.80GHz
Percentage of memory in use: 62%
Total physical RAM: 8082.06 MB
Available physical RAM: 3007.98 MB
Total Virtual: 14738.06 MB
Available Virtual: 8548.02 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:681.51 GB) (Free:448.85 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,664 posts
  • MVP
 
Download the attached fixlist.txt to the same location as FRST
 
[attachment=81298:fixlist.txt]
 
Run FRST and press Fix
A fix log will be generated please post that 
 
 
Tonight while you sleep let Avast do a boot-time scan
 
Open Avast, Scan, Scan for Viruses, Change the Quick Scan (in the box in the center of the page) to Boot-time Scan.  Then at the bottom of the page click on Scan Settings.
 
Make sure both boxes are checked and click on the gray box to the right of the orange ones.  It should turn orange.  Change where it says "Fix Automatically" to "Move to
Chest."  OK.  Now click on Start and then close Avast.  Mute your speakers so it doesn't wake you up when Windows boots.
 
When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:
 
 
Copy and paste the text from the log to a Reply when done.  Is Chrome still crashing?

 


  • 0

#19
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Sorry I am so inept, how do I save the fixlist to the same location? 


  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

If you click on the fixlist and download it it should go to the same place as FRST which in your case is C:\Users\Alanna\Downloads\


  • 0

#21
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
Ran by Alanna (2016-06-01 23:16:54) Run:1
Running from C:\Users\Alanna\Downloads
Loaded Profiles: Alanna (Available Profiles: Alanna)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {59557de8-0498-11e5-829c-681729d24acd} - "F:\Startme.exe" 
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {5bcd9483-d6fc-11e5-82b2-681729d24acd} - "D:\Startme.exe" 
HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\...\MountPoints2: {989ccea9-b855-11e3-826f-681729d24acd} - "D:\Startme.exe" 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll => No File
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-06-26] (Symantec Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2016-05-31]
CHR Extension: (Norton Security Toolbar) - C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-08-07]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-03-24]
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
2016-05-31 22:18 - 2016-02-18 15:31 - 00000000 ____D C:\Users\Alanna\AppData\Roaming\AVG
2016-05-31 22:18 - 2016-02-18 15:19 - 00000000 ____D C:\ProgramData\Avg
2016-05-31 22:18 - 2015-02-09 20:38 - 00000000 ____D C:\Program Files (x86)\AVG
2016-05-30 18:37 - 2014-08-16 17:17 - 00000000 ____D C:\ProgramData\Norton
2016-05-30 15:40 - 2015-05-30 10:26 - 00000000 ____D C:\Users\Alanna\AppData\Local\Avg
2016-05-30 09:30 - 2014-08-16 17:17 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-05-30 09:30 - 2014-08-16 17:17 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
C:\Users\Alanna\AppData\Local\Temp\avguirn_081703364145.exe
C:\Users\Alanna\AppData\Local\Temp\avguirn_0858788724.exe
C:\Users\Alanna\AppData\Local\Temp\avguirn_08909684095.exe
Task: {7FF08932-1874-44CC-899E-E5C8DC115761} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe
Task: {95A515DD-E9A0-4D97-AC8B-36C0B47108F4} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\WSCStub.exe
Task: {DB1742CD-37E2-45F6-96FA-BC9F5CF1E409} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F2C7465F-E637-4F2C-9C51-4A44E768C0CF} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\SymErr.exe
Task: {F7A843D0-42D1-48C6-B007-2D41EE12681F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton AntiVirus\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {FA6D9436-FE60-4E65-80EF-30F287D3411D} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job => C:\Users\Alanna\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
FirewallRules: [{E9DC418A-0BF9-4034-9CB3-381C5853166B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3F2F2B32-9503-4D21-9454-455E261F576B}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{A17B9E1F-4D91-4153-8BE0-A39DA6215077}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{8AECF3CB-0FAA-47F6-B0CF-7459F7D45AEA}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{14BBA612-B47A-4FA1-87EE-ACA818D7B152}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{485DC8F9-8B1D-492A-9CD7-D413700E9C97}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3E9893F4-BABA-4225-9746-A997B2C9B1BD}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{04F2E74C-1CA2-40DC-B081-677837112F7A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{8CFD6C70-0C16-47E0-9A58-81891F97F70A}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zSBF28.tmp\SymNRT.exe
FirewallRules: [{A6822F7B-0E1F-4BCA-ADDA-3ABF4C6C4745}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zSBF28.tmp\SymNRT.exe
FirewallRules: [{1A9CE22E-BF37-492F-AB97-4C7BB71C3F02}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zS682B.tmp\SymNRT.exe
FirewallRules: [{5C94C600-4377-47F5-9825-C80C90C35C58}] => (Allow) C:\Users\Alanna\AppData\Local\Temp\7zS682B.tmp\SymNRT.exe
 
 
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AvgUi => value removed successfully
"HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{59557de8-0498-11e5-829c-681729d24acd}" => key removed successfully
HKCR\CLSID\{59557de8-0498-11e5-829c-681729d24acd} => key not found. 
"HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5bcd9483-d6fc-11e5-82b2-681729d24acd}" => key removed successfully
HKCR\CLSID\{5bcd9483-d6fc-11e5-82b2-681729d24acd} => key not found. 
"HKU\S-1-5-21-2581172181-3245553297-1029845820-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{989ccea9-b855-11e3-826f-681729d24acd}" => key removed successfully
HKCR\CLSID\{989ccea9-b855-11e3-826f-681729d24acd} => key not found. 
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
"HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}" => key removed successfully
"HKCR\CLSID\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => value removed successfully
"HKCR\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{A13C2648-91D4-4bf3-BC6D-0079707C4389} => value removed successfully
"HKCR\Wow6432Node\CLSID\{A13C2648-91D4-4bf3-BC6D-0079707C4389}" => key removed successfully
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D} => value removed successfully
C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn => moved successfully
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn [2016-05-31] => not found
C:\Users\Alanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob" => key removed successfully
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob" => key removed successfully
"C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx" => not found.
NCO => Unable to stop service.
NCO => service removed successfully
C:\Users\Alanna\AppData\Roaming\AVG => moved successfully
C:\ProgramData\Avg => moved successfully
C:\Program Files (x86)\AVG => moved successfully
 
"C:\ProgramData\Norton" folder move:
 
Could not move "C:\ProgramData\Norton" => Scheduled to move on reboot.
 
C:\Users\Alanna\AppData\Local\Avg => moved successfully
C:\ProgramData\NortonInstaller => moved successfully
C:\Program Files (x86)\NortonInstaller => moved successfully
C:\Users\Alanna\AppData\Local\Temp\avguirn_081703364145.exe => moved successfully
C:\Users\Alanna\AppData\Local\Temp\avguirn_0858788724.exe => moved successfully
C:\Users\Alanna\AppData\Local\Temp\avguirn_08909684095.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7FF08932-1874-44CC-899E-E5C8DC115761}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7FF08932-1874-44CC-899E-E5C8DC115761}" => key removed successfully
C:\windows\System32\Tasks\Norton AntiVirus\Norton Error Processor => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton AntiVirus\Norton Error Processor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95A515DD-E9A0-4D97-AC8B-36C0B47108F4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95A515DD-E9A0-4D97-AC8B-36C0B47108F4}" => key removed successfully
C:\windows\System32\Tasks\Norton WSC Integration => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton WSC Integration" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB1742CD-37E2-45F6-96FA-BC9F5CF1E409}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB1742CD-37E2-45F6-96FA-BC9F5CF1E409}" => key removed successfully
C:\windows\System32\Tasks\Norton Identity Safe\Norton Error Analyzer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Analyzer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2C7465F-E637-4F2C-9C51-4A44E768C0CF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2C7465F-E637-4F2C-9C51-4A44E768C0CF}" => key removed successfully
C:\windows\System32\Tasks\Norton AntiVirus\Norton Error Analyzer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton AntiVirus\Norton Error Analyzer" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F7A843D0-42D1-48C6-B007-2D41EE12681F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7A843D0-42D1-48C6-B007-2D41EE12681F}" => key removed successfully
C:\windows\System32\Tasks\Remediation\AntimalwareMigrationTask => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Remediation\AntimalwareMigrationTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA6D9436-FE60-4E65-80EF-30F287D3411D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA6D9436-FE60-4E65-80EF-30F287D3411D}" => key removed successfully
C:\windows\System32\Tasks\Norton Identity Safe\Norton Error Processor => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Norton Identity Safe\Norton Error Processor" => key removed successfully
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001Core.job => moved successfully
C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2581172181-3245553297-1029845820-1001UA.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E9DC418A-0BF9-4034-9CB3-381C5853166B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F2F2B32-9503-4D21-9454-455E261F576B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A17B9E1F-4D91-4153-8BE0-A39DA6215077} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8AECF3CB-0FAA-47F6-B0CF-7459F7D45AEA} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{14BBA612-B47A-4FA1-87EE-ACA818D7B152} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{485DC8F9-8B1D-492A-9CD7-D413700E9C97} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3E9893F4-BABA-4225-9746-A997B2C9B1BD} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04F2E74C-1CA2-40DC-B081-677837112F7A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8CFD6C70-0C16-47E0-9A58-81891F97F70A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A6822F7B-0E1F-4BCA-ADDA-3ABF4C6C4745} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A9CE22E-BF37-492F-AB97-4C7BB71C3F02} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C94C600-4377-47F5-9825-C80C90C35C58} => value removed successfully
 
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-06-01 23:20:14)
 
"C:\ProgramData\Norton" => Could not move
 
==== End of Fixlog 23:20:17 ====

  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,664 posts
  • MVP
Is Chrome still crashing?

  • 0

#23
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

No it hasnt since. 

 

06/02/2016 01:01
Scan of C:
 
Scan of *STARTUP
 
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-c0e2287f.exe|>mpavdlta.vdm Error 42127 {CAB archive is corrupted.}
File C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-e54b9a25.exe|>mpavdlta.vdm Error 42127 {CAB archive is corrupted.}
Number of searched folders: 50430
Number of tested files: 679605
Number of infected files: 0

  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

The two files that it complained about are MSE updates that are apparently corrupt.  Let's let FRST remove them.

 

 
Download the attached fixlist.txt to the same location as FRST
 
[attachment=81312:fixlist.txt]
 
Run FRST and press Fix
A fix log will be generated please post that 
 
Avast appears to be working OK.  Have you registered with them?  They just want an email address and they don't spam you.  To register, open Avast (either by click on the icon by the clock) or by All Programs , Avast Software, Avast Free AntiVirus) Then Setings (the gear), Registration.
 
Stick with Avast for a while and see how you like it.  
 
They have  started using their info popup to try and get you to upgrade so I go into Settings, General, Popups and change the first two to 1 second.
 
I don't like their Browser Cleanup so I turn it off:
Settings, Tools, Browser Cleanup (click on the white space to the right of On.)
 
 
The registration is good for 12-14 months then you will need to register again.  They will, of course, try to talk you into buying the product but you can always register again for another year free tho it may not be the default.
 
How are things working now?  Any more problems?
 
 

  • 0

#25
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:01-06-2016
Ran by Alanna (2016-06-03 07:47:38) Run:2
Running from C:\Users\Alanna\Downloads
Loaded Profiles: Alanna (Available Profiles: Alanna)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-c0e2287f.exe
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-e54b9a25.exe
*****************
 
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-c0e2287f.exe => moved successfully
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-e54b9a25.exe => moved successfully
 
==== End of Fixlog 07:47:41 ====

  • 0

Advertisements


#26
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Thank you for your dedicated support! The only problems were experienced last night where the internet was slow to load and facebook chats were not opening but im not sure if that is connected.


  • 0

#27
animalloverabh

animalloverabh

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I just turned on my laptop and it said something about cyberlink wanting to make changed to my harddrive?


  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,664 posts
  • MVP

Should be OK.  Cyberlink makes two programs that have been on your PC since 2013:

 

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
 
Probably just an update.

  • 0






Similar Topics


Also tagged with one or more of these keywords: virus, google, tabs

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP