Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015
Ran by TRW (administrator) on TOMS-PC (14-10-2015 01:11:00)
Running from C:\Users\TRW\Downloads
Loaded Profiles: TRW (Available Profiles: TRW & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...) C:\Program Files (x86)\eMule\emule.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
() C:\Program Files (x86)\SolSuite\SolSuite.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_185_ActiveX.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-10-11] (Glarysoft Ltd)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-10-14] (IncrediMail, Ltd.)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\GPHOTO~1.SCR [641088 2012-04-30] (Gianpaolo Bottin)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2014-11-09]
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\TRW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2014-12-19]
ShortcutTarget: Event Reminder.lnk -> C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE ()
BootExecute: autocheck autochk * BootDefrag.exeSmartDefragBootTime.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Ran by TRW (administrator) on TOMS-PC (14-10-2015 01:11:00)
Running from C:\Users\TRW\Downloads
Loaded Profiles: TRW (Available Profiles: TRW & Guest)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\AMT\atchksrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Intel) C:\Program Files (x86)\Intel\AMT\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Intel) C:\Program Files (x86)\Intel\AMT\UNS.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...) C:\Program Files (x86)\eMule\emule.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\22.5.4.24\n360.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
() C:\Program Files (x86)\SolSuite\SolSuite.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
(IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_19_0_0_185_ActiveX.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [AllShareAgent] => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-10-11] (Glarysoft Ltd)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [IncrediMail] => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe [444840 2015-10-14] (IncrediMail, Ltd.)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\...\Run: [eMuleAutoStart] => C:\Program Files (x86)\eMule\emule.exe [5758976 2010-04-07] (eMule-Project.net - Official eMule Homepage. Downloads, Help, Docu, News...)
HKU\S-1-5-21-1354457429-920771469-1351253148-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\GPHOTO~1.SCR [641088 2012-04-30] (Gianpaolo Bottin)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security Suite\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk [2014-11-09]
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\Users\TRW\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk [2014-12-19]
ShortcutTarget: Event Reminder.lnk -> C:\Program Files\Mindscape\PrintMaster\PMREMIND.EXE ()
BootExecute: autocheck autochk * BootDefrag.exeSmartDefragBootTime.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)