Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016 Ran by Stacie (administrator) on STACESACER (08-02-2016 23:01:56) Running from C:\Users\Stacie\Downloads Loaded Profiles: Stacie (Available Profiles: Stacie) Platform: Windows 8.1 Connected (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Pokki) C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe () C:\Windows\SysWOW64\UMonit64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Pokki) C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe (Pokki) C:\Users\Stacie\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor) HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2016-01-19] (Acer) HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\MountPoints2: {cf1cab34-c2a3-11e5-826c-2c600c7c5e06} - "D:\autorun.exe" HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\MountPoints2: {cf1cab3e-c2a3-11e5-826c-2c600c7c5e06} - "D:\autorun.exe" HKU\S-1-5-21-555111471-2403504220-3507946370-1001\...\MountPoints2: {cf1cabae-c2a3-11e5-826c-2c600c7c5e06} - "D:\autorun.exe" ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated) ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-24] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-24] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-04-07] ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{2B728B98-5926-4F4F-BB1A-3684C4393821}: [DhcpNameServer] 192.168.43.1 Tcpip\..\Interfaces\{6900C5E0-B6E0-4702-9120-0F19581FD2D1}: [DhcpNameServer] 40.30.1.66 Tcpip\..\Interfaces\{ECB8E448-8E2A-4C36-9A5F-1BD5BAA39653}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKU\S-1-5-21-555111471-2403504220-3507946370-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB HKU\S-1-5-21-555111471-2403504220-3507946370-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-555111471-2403504220-3507946370-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-555111471-2403504220-3507946370-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-555111471-2403504220-3507946370-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-12-20] (Microsoft Corporation) BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-24] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-12-20] (Microsoft Corporation) BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-24] (Microsoft Corporation) Toolbar: HKLM - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File Toolbar: HKLM-x32 - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-12-02] (Microsoft Corporation) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-12-02] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.) FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://uk.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_ir_15_28¶m1=1¶m2=f%3D7%26b%3DChrome%26cc%3Dgb%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtCzzzy0DyD0EtA0AtD0DtN0D0Tzu0StCtBzzyCtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StAzzyDtA0FtCyE0BtGtAyByBtDtGtCtB0DtAtGtC0B0B0FtGtDtBtB0FtCzyyD0B0C0A0FtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FtA0F0AtD0EtDtGzz0EyCtDtGyE0AtD0AtG0AyDzz0FtGyD0FtB0D0CtDyByEtD0EtB0C2QtN0A0LzuyE%26cr%3D1725030734%26a%3Dwny_ir_15_28%26os%3DWindows 7 Home Premium","hxxp://www.dregol.com/?f=7&a=drg_ir_15_28&cd=2XzuyEtN2Y1L1QzuyBzz0EyEtDtDtCzzzy0DyD0EtA0AtD0DtN0D0Tzu0StCtBzztAtN1L2XzutAtFtCtCtFtAtFtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StB0FyCyB0D0DtByDtGtDyCtDtAtG0AtCyD0BtGtAyB0EtDtG0BtDyEyDtByEyByBzzzyyD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0FtA0F0AtD0EtDtGzz0EyCtDtGyE0AtD0AtG0AyDzz0FtGyD0FtB0D0CtDyByEtD0EtB0C2QtN0A0LzuyEtN1B2Z1V1T1S1NzuzzyCtB&cr=1522303241&ir=","hxxps://uk.search.yahoo.com/?type=994519&fr=yo-yhp-ch" CHR Profile: C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-01] CHR Extension: (Google Drive) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-01] CHR Extension: (YouTube) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-01] CHR Extension: (Facebook) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2016-02-02] CHR Extension: (Adblock Plus) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-07] CHR Extension: (Google Search) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-01] CHR Extension: (Google Sheets) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-01] CHR Extension: (SiteAdvisor) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-02-01] CHR Extension: (Google Docs Offline) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-02] CHR Extension: (Vysor (Beta)) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2016-02-04] CHR Extension: (AdBlock) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-08] CHR Extension: (My Study Life) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnjdjjiobjicmlhnjlogfgbibihjhkeo [2016-02-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-01] CHR Extension: (Gmail) - C:\Users\Stacie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-02] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx Opera: ======= OPR Extension: (Adguard) - C:\Users\Stacie\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2016-02-08] OPR Extension: (Youtube - Most Popular) - C:\Users\Stacie\AppData\Roaming\Opera Software\Opera Stable\Extensions\oldapoiohefbnmggejjodihigclfhnka [2015-12-21] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.) R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2787512 2015-12-22] (Microsoft Corporation) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-05-07] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7524016 2014-01-07] (Broadcom Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-08] (ELAN Microelectronic Corp.) S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation) R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [67584 2013-11-11] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-12-10] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-08 23:01 - 2016-02-08 23:03 - 00018762 _____ C:\Users\Stacie\Downloads\FRST.txt 2016-02-08 23:00 - 2016-02-08 23:01 - 00000000 ____D C:\FRST 2016-02-08 22:59 - 2016-02-08 22:59 - 00001432 _____ C:\Users\Stacie\Desktop\FRST64 - Shortcut.lnk 2016-02-08 22:54 - 2016-02-08 22:55 - 02370560 _____ (Farbar) C:\Users\Stacie\Downloads\FRST64 (1).exe 2016-02-08 22:53 - 2016-02-08 22:55 - 02370560 _____ (Farbar) C:\Users\Stacie\Downloads\FRST64.exe 2016-02-08 21:51 - 2016-02-08 21:51 - 00000000 ____D C:\Users\Stacie\AppData\Local\niemiro 2016-02-08 21:50 - 2016-02-08 21:50 - 00001470 _____ C:\Users\Stacie\Desktop\SFCFix (1) - Shortcut.lnk 2016-02-08 21:48 - 2016-02-08 21:49 - 02716160 _____ (niemiro) C:\Users\Stacie\Downloads\SFCFix (1).exe 2016-02-08 03:49 - 2016-02-08 03:50 - 00000000 ____D C:\Users\Stacie\Documents\COLLEGE WORK 2016-02-07 16:50 - 2016-02-07 16:50 - 00003334 _____ C:\WINDOWS\System32\Tasks\AcerCloud 2016-02-07 16:50 - 2016-02-07 16:50 - 00001988 _____ C:\Users\Public\Desktop\Acer Portal.lnk 2016-02-04 15:00 - 2016-02-04 15:00 - 00002283 _____ C:\Users\Stacie\Desktop\Chrome App Launcher.lnk 2016-02-04 15:00 - 2016-02-04 15:00 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-02-04 15:00 - 2016-02-04 15:00 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps 2016-02-04 14:36 - 2016-02-04 14:36 - 00000516 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics 2016-02-01 18:52 - 2016-02-07 17:02 - 00002196 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-01 18:52 - 2016-02-07 17:02 - 00002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-02-01 18:50 - 2016-02-08 22:56 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-01 18:50 - 2016-02-08 18:55 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-01 18:50 - 2016-02-02 12:58 - 00000000 ____D C:\Users\Stacie\AppData\Local\Google 2016-02-01 18:50 - 2016-02-01 18:51 - 00000000 ____D C:\Program Files (x86)\Google 2016-02-01 18:50 - 2016-02-01 18:50 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-01 18:50 - 2016-02-01 18:50 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-01-30 03:58 - 2016-01-30 03:58 - 00000000 ____D C:\Users\Stacie\Documents\Custom Office Templates 2016-01-24 14:16 - 2016-02-08 22:29 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-24 14:16 - 2016-01-24 18:10 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-01-13 20:45 - 2015-12-07 10:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 20:45 - 2015-12-04 15:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 20:41 - 2015-12-30 19:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 20:41 - 2015-12-30 19:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-01-13 20:41 - 2015-12-30 19:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-01-13 11:42 - 2015-12-11 04:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-13 11:42 - 2015-12-11 04:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 11:42 - 2015-12-11 03:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 11:42 - 2015-12-11 03:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-13 11:42 - 2015-12-11 03:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-13 11:42 - 2015-12-11 03:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 11:42 - 2015-12-11 03:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2016-01-13 11:42 - 2015-12-11 03:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2016-01-13 11:42 - 2015-12-11 03:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-13 11:42 - 2015-12-11 03:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-01-13 11:42 - 2015-12-11 02:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-13 11:42 - 2015-12-11 02:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 11:42 - 2015-12-11 02:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-01-13 11:42 - 2015-12-11 02:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-01-13 11:42 - 2015-12-11 02:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-13 11:42 - 2015-12-11 02:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-01-13 11:42 - 2015-12-11 02:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-01-13 11:42 - 2015-12-11 02:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2016-01-13 11:42 - 2015-12-11 02:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-01-13 11:42 - 2015-12-11 02:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-01-13 11:42 - 2015-12-11 02:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2016-01-13 11:42 - 2015-12-05 05:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-13 11:42 - 2015-12-02 15:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 11:42 - 2015-12-02 15:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 01798480 ____C (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 11:41 - 2015-12-05 05:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-13 11:41 - 2015-12-05 05:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-13 11:41 - 2015-12-03 18:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 11:41 - 2015-12-03 18:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 11:41 - 2015-12-03 18:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-13 11:41 - 2015-12-03 18:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 11:41 - 2015-12-03 18:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-13 11:41 - 2015-12-03 17:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll 2016-01-13 11:41 - 2015-12-03 17:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 11:41 - 2015-12-03 17:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-13 11:41 - 2015-12-03 17:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 11:41 - 2015-12-03 17:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 11:41 - 2015-12-03 17:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-13 11:41 - 2015-12-03 17:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 11:41 - 2015-12-03 17:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-13 11:41 - 2015-12-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 11:41 - 2015-12-03 17:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-13 11:41 - 2015-12-03 16:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 11:41 - 2015-12-03 16:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 11:36 - 2015-12-03 19:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-01-13 11:36 - 2015-12-03 19:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2016-01-13 11:36 - 2015-12-03 19:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2016-01-13 11:36 - 2015-12-03 19:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2016-01-13 11:36 - 2015-12-03 19:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2016-01-13 11:36 - 2015-12-03 18:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2016-01-13 11:36 - 2015-12-03 18:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2016-01-13 11:36 - 2015-12-03 18:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2016-01-13 11:36 - 2015-12-03 18:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-01-13 11:36 - 2015-12-03 18:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2016-01-13 11:36 - 2015-12-03 17:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2016-01-13 11:36 - 2015-12-03 17:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-01-13 11:36 - 2015-12-03 17:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 11:36 - 2015-12-03 16:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 11:35 - 2015-12-03 17:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2016-01-12 23:09 - 2015-12-08 19:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-12 23:09 - 2015-12-08 19:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-10 07:42 - 2016-02-08 03:53 - 00000000 ____D C:\Users\Stacie\AppData\Roaming\Foxit Software ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-02-08 22:43 - 2013-08-22 15:20 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-08 20:59 - 2014-03-18 09:47 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-08 20:59 - 2013-08-22 13:36 - 00000000 ____D C:\WINDOWS\Inf 2016-02-08 20:49 - 2015-12-01 18:23 - 00000000 ____D C:\Users\Stacie\AppData\Local\SweetLabs App Platform 2016-02-08 19:36 - 2015-12-01 18:29 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-555111471-2403504220-3507946370-1001 2016-02-08 19:31 - 2015-12-01 18:23 - 00000000 ____D C:\Users\Stacie\AppData\Local\Packages 2016-02-08 19:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-08 06:43 - 2015-12-01 19:52 - 00000000 ____D C:\Users\Stacie\AppData\Local\CrashDumps 2016-02-08 02:32 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-07 20:11 - 2015-12-14 05:39 - 00000000 ___DO C:\Users\Stacie\OneDrive 2016-02-07 16:50 - 2015-12-06 14:48 - 00003352 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent 2016-02-07 16:49 - 2014-07-15 08:17 - 00000000 ___HD C:\OEM 2016-02-07 16:46 - 2015-04-07 15:43 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer 2016-02-07 16:43 - 2015-12-01 18:27 - 00000000 ____D C:\Users\Stacie\AppData\Local\clear.fi 2016-02-07 16:02 - 2015-12-02 01:07 - 00003850 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1449018443 2016-02-07 16:02 - 2015-12-02 01:07 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-02-07 16:02 - 2015-12-02 01:06 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-30 21:38 - 2015-12-02 15:43 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2016-01-25 03:57 - 2015-12-01 18:22 - 00000000 ____D C:\Users\Stacie 2016-01-24 18:10 - 2015-12-02 15:43 - 00003862 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2016-01-24 18:10 - 2015-12-02 15:37 - 00000000 ____D C:\Users\Stacie\AppData\Local\Adobe 2016-01-24 14:08 - 2013-08-22 14:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-24 06:24 - 2013-08-22 15:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-01-24 06:21 - 2015-12-02 01:42 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-01-23 05:33 - 2013-08-22 15:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-21 16:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\rescache 2016-01-15 22:59 - 2013-08-22 13:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-15 22:57 - 2015-12-03 02:57 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-15 22:53 - 2015-12-03 02:57 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe ==================== Files in the root of some directories ======= 2015-12-02 01:13 - 2015-12-02 01:13 - 0007606 _____ () C:\Users\Stacie\AppData\Local\Resmon.ResmonCfg 2015-04-07 15:28 - 2015-04-07 15:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Stacie\AppData\Local\Temp\Foxit PhantomPDF Updater.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-02-04 15:15 ==================== End of FRST.txt ============================