[hongbones]

 

hello my computer has been infected with a virus. It causes annoying ads and popups that take up the screen and somtimes redirect me to new tabs. One of them is called "ads by saleplus".

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:24-06-2015
Ran by Atiyyah (administrator) on ATHOME on 27-06-2015 22:57:15
Running from C:\Users\Intaaf\Desktop
Loaded Profiles: Atiyyah (Available Profiles: Atiyyah)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Gateway\Gateway Launch Manager\LMSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Acer Incorporate) C:\Program Files\Gateway\Gateway Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Gateway\Gateway Quick Access\RMSvc.exe
(Acer Incorporate) C:\Program Files\Gateway\Gateway Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Gateway\Gateway Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Gateway\Gateway Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Pokki) C:\Users\Intaaf\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Pokki) C:\Users\Intaaf\AppData\Local\Pokki\Engine\HostAppService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Pokki) C:\Users\Intaaf\AppData\Local\Pokki\Engine\HostAppService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Pokki) C:\Users\Intaaf\AppData\Local\Pokki\Engine\StartMenuIndexer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_190.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_190.exe
() C:\Program Files (x86)\Gateway\Live Updater\updater.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13647576 2013-08-27] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-10-14] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Qualcomm®Atheros®)
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [Pokki] => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-10-23] (Spotify Ltd)
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\RunOnce: [Application Restart #3] => C:\Users\Intaaf\AppData\Local\Pokki\Engine\HostAppService.exe [7853568 2015-05-29] (Pokki)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-01-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-09-26] ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2985085416-437969470-2083931593-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityrespo...er/fix_homepage
HKU\S-1-5-21-2985085416-437969470-2083931593-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=AGJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
SearchScopes: HKU\S-1-5-21-2985085416-437969470-2083931593-1001 -> DefaultScope {9BA0FB58-AB0F-11E4-82AB-3065EC1FE5DD} URL =
SearchScopes: HKU\S-1-5-21-2985085416-437969470-2083931593-1001 -> {20EC2ED0-4A5F-4C70-9F80-0EC138D4A715} URL =
SearchScopes: HKU\S-1-5-21-2985085416-437969470-2083931593-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://us.yhs4.searc...p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: SpoaiceOfffErs -> {54028CE4-98F6-4517-801F-F3092737DB77} -> C:\Program Files (x86)\SpoaiceOfffErs\S5SlecoD8NF8kL.x64.dll [2015-06-14] ()
BHO: bestadblocker -> {619e0da7-04de-4947-a578-865438767d38} -> C:\Program Files (x86)\bestadblocker\pK88I7fG7GcwjT.x64.dll No File
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO: DigiCoupOn -> {D09AEFC4-92A7-4C7B-9824-0796D0994ECD} -> C:\Program Files (x86)\DigiCoupOn\MmwX8lSstHzzkT.x64.dll [2015-06-21] ()
BHO: DiigiCooupon -> {E2C9AB5A-0710-4AEF-B8CC-016324C7DEFD} -> C:\Program Files (x86)\DiigiCooupon\JW5I78wWLeRDF2.x64.dll [2015-06-21] ()
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-05-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-26] (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-26] (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719
FF DefaultSearchEngine.US: Google
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2014-10-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2013-08-05] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Extension: AdPunisher - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\bvmk_ipselbum@hmuskfn_hh_xhqhu.com [2015-06-20]
FF Extension: SpoaiceOfffErs - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\[email protected] [2015-06-14]
FF Extension: ActiveCoupon - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\[email protected] [2015-06-14]
FF Extension: DigiCCoupoon - C:\Users\Intaaf\AppData\Roaming\Mozilla\Firefox\Profiles\gmfquphl.default-1432440194719\Extensions\[email protected] [2015-06-22]
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.11.42\coFFPlgn [2015-06-27]
FF HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-18]
CHR Extension: (Google Drive) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-18]
CHR Extension: (YouTube) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-18]
CHR Extension: (McAfee Security Scan+) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-03]
CHR Extension: (Google Search) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-18]
CHR Extension: (SpoaiceOfffErs) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjocmbnibidjdonphngeljcdfncdange [2015-06-14]
CHR Extension: (XKit) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-03-25]
CHR Extension: (Handy maps) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\gamlmgkgpkoacendnhjdlccbijpkflbf [2015-04-22]
CHR Extension: (Norton Identity Safe) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-10-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-21]
CHR Extension: (Twitch Now) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmbdmpjmlijibeockamioakdpmhjnpk [2015-06-21]
CHR Extension: (Google Wallet) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-18]
CHR Extension: (Norton Security Toolbar) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2015-06-27]
CHR Extension: (Gmail) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-18]
CHR Extension: (Beautify for Trello) - C:\Users\Intaaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppmoihbfiilgkkgcogbblhhanjjaocil [2015-06-14]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-06-27]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - http://clients2.goog...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx [2015-06-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows ® Win 7 DDK provider) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2650696 2013-07-27] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-17] (WildTangent)
R2 LMSvc; C:\Program Files\Gateway\Gateway Launch Manager\LMSvc.exe [457768 2013-08-02] (Acer Incorporate)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-02] (Symantec Corporation)
R3 QASvc; C:\Program Files\Gateway\Gateway Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate)
R3 RMSvc; C:\Program Files\Gateway\Gateway Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [222168 2013-01-29] (Soluto)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 WdNisSvc; "%ProgramFiles%\Windows Defender\NisSrv.exe" [X]
S3 WinDefend; "%ProgramFiles%\Windows Defender\MsMpEng.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-27 22:57 - 2015-06-27 23:04 - 00024690 _____ C:\Users\Intaaf\Desktop\FRST.txt
2015-06-27 22:56 - 2015-06-27 22:57 - 00000000 ____D C:\FRST
2015-06-27 22:47 - 2015-06-27 22:47 - 02112512 _____ (Farbar) C:\Users\Intaaf\Desktop\FRST64.exe
2015-06-27 21:47 - 2015-06-27 21:47 - 00002559 _____ C:\Users\Public\Desktop\Norton Identity Safe.LNK
2015-06-27 21:47 - 2015-06-27 21:47 - 00000000 ____D C:\Windows\system32\Drivers\NSTx64
2015-06-27 21:46 - 2015-06-27 21:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
2015-06-27 21:46 - 2015-06-27 21:47 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2015-06-26 16:34 - 2015-06-26 16:32 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-26 16:32 - 2015-06-26 16:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-26 16:27 - 2015-06-26 16:27 - 00561248 _____ (Oracle Corporation) C:\Users\Intaaf\Downloads\jxpiinstall.exe
2015-06-23 23:12 - 2015-06-23 23:12 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-23 23:12 - 2015-06-23 23:12 - 00001166 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-23 23:12 - 2015-06-23 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-23 23:11 - 2015-06-23 23:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-23 23:04 - 2015-06-23 23:04 - 00243408 _____ C:\Users\Intaaf\Downloads\Firefox Setup Stub 38.0.5.exe
2015-06-23 22:34 - 2015-06-23 22:34 - 03088296 _____ (Symantec Corporation) C:\Users\Intaaf\Downloads\NPE.exe
2015-06-23 22:29 - 2015-06-26 19:45 - 00000000 ____D C:\Users\Intaaf\AppData\Local\NPE
2015-06-23 20:01 - 2015-06-23 20:01 - 00000000 ____D C:\ProgramData\PCSettings
2015-06-23 19:52 - 2015-06-23 20:22 - 00042496 ___SH C:\Users\Intaaf\Desktop\Thumbs.db
2015-06-23 19:52 - 2015-06-23 20:22 - 00001319 _____ C:\Users\Intaaf\Desktop\Norton Installation Files.lnk
2015-06-23 19:52 - 2015-06-23 19:52 - 01110424 _____ (Symantec Corporation) C:\Users\Intaaf\Downloads\NSDownloader.exe
2015-06-23 19:52 - 2015-06-23 19:52 - 00000000 ____D C:\Users\Public\Downloads\Norton
2015-06-23 18:48 - 2015-06-23 18:48 - 18174128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-21 23:59 - 2015-06-26 16:26 - 00000000 ____D C:\Program Files (x86)\Twitch Now
2015-06-21 23:57 - 2015-06-23 20:39 - 00000000 ____D C:\Program Files (x86)\DigiCoupOn
2015-06-21 23:56 - 2015-06-23 20:39 - 00000000 ____D C:\Program Files (x86)\DiigiCooupon
2015-06-21 23:56 - 2015-06-21 23:56 - 00000000 ____D C:\Program Files (x86)\DigiCCoupoon
2015-06-20 21:58 - 2015-06-20 21:58 - 00000079 _____ C:\Program Files (x86)\prefs.js
2015-06-17 21:29 - 2015-04-08 18:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
2015-06-17 21:29 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-06-17 21:29 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-06-17 21:29 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-06-17 21:29 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-06-17 21:28 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-06-17 21:28 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-06-17 17:29 - 2015-05-25 09:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-17 17:29 - 2015-05-25 09:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-17 17:29 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-06-17 17:24 - 2015-04-16 02:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-06-17 17:24 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-06-17 17:24 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-06-17 17:24 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-06-17 17:24 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-06-17 17:23 - 2015-04-01 18:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-06-17 17:23 - 2015-04-01 18:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-06-17 17:23 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-06-17 17:23 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-06-17 17:23 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-06-17 17:23 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-06-17 17:23 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-06-17 17:23 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-06-17 17:23 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-06-17 17:23 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-06-17 17:23 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-06-17 17:23 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-06-17 17:23 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-06-17 17:23 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-06-17 17:23 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-06-14 13:00 - 2015-06-23 22:09 - 00000000 ____D C:\Program Files (x86)\SoftwarePlus
2015-06-14 12:59 - 2015-06-26 16:18 - 00000000 ____D C:\Program Files (x86)\Beautify for Trello
2015-06-14 12:58 - 2015-06-23 20:39 - 00000000 ____D C:\Program Files (x86)\SpoaiceOfffErs
2015-06-14 12:55 - 2015-06-14 12:55 - 00004096 _____ C:\Windows\SysWOW64\ntwdblib.dll
2015-06-12 20:55 - 2015-06-12 20:55 - 00002282 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-12 20:55 - 2015-06-12 20:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-12 20:31 - 2015-06-12 20:32 - 00931408 _____ (Google Inc.) C:\Users\Intaaf\Downloads\ChromeSetup(1).exe
2015-06-09 17:47 - 2015-05-27 10:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-09 17:47 - 2015-05-27 10:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-09 17:47 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-09 17:47 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-09 17:46 - 2015-05-22 23:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-09 17:46 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-09 17:46 - 2015-05-22 23:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-09 17:46 - 2015-05-22 23:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-09 17:46 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 17:46 - 2015-05-22 22:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-09 17:46 - 2015-05-22 22:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-09 17:46 - 2015-05-22 22:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 17:46 - 2015-05-22 22:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-09 17:46 - 2015-05-22 22:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 17:46 - 2015-05-22 22:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 17:46 - 2015-05-22 22:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 17:46 - 2015-05-22 22:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 17:46 - 2015-05-22 22:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-09 17:46 - 2015-05-22 22:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 17:46 - 2015-05-22 22:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-09 17:46 - 2015-05-22 22:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-09 17:46 - 2015-05-22 22:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 17:46 - 2015-05-22 15:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-09 17:46 - 2015-05-22 15:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-09 17:46 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-09 17:46 - 2015-05-22 14:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-09 17:46 - 2015-05-22 14:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-09 17:46 - 2015-05-22 14:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-09 17:46 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-09 17:46 - 2015-05-22 14:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-09 17:46 - 2015-05-22 14:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-09 17:46 - 2015-05-22 14:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-09 17:46 - 2015-05-22 14:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-06-09 17:46 - 2015-05-22 14:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-09 17:46 - 2015-05-22 14:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-09 17:46 - 2015-05-22 14:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-09 17:46 - 2015-05-22 14:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-09 17:46 - 2015-05-22 13:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-09 17:46 - 2015-05-22 13:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-09 17:46 - 2015-05-22 13:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-06-09 17:46 - 2015-05-22 13:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-09 17:46 - 2015-05-22 13:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 17:45 - 2015-05-21 12:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-06 00:32 - 2015-06-14 12:58 - 00000000 ____D C:\Program Files (x86)\ExsttruaSavings
2015-06-06 00:31 - 2015-06-06 00:31 - 00000000 ____D C:\Program Files (x86)\ExsTraSavings
2015-06-06 00:30 - 2015-06-06 00:30 - 00000000 ____D C:\Program Files (x86)\CalendarWeek
2015-06-06 00:28 - 2015-06-14 12:58 - 00000000 ____D C:\Program Files (x86)\ExsTraoSavvinngs
2015-05-29 19:42 - 2015-05-29 19:42 - 00660220 _____ C:\Users\Intaaf\Documents\001.tif
2015-05-28 21:40 - 2015-05-28 21:40 - 00000000 _____ C:\Users\Intaaf\AppData\Local\{51C1DCF3-919A-4127-98A2-1416288B8203}

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-27 23:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-27 22:48 - 2014-02-12 20:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-27 22:35 - 2013-10-23 07:45 - 01863458 _____ C:\Windows\WindowsUpdate.log
2015-06-27 22:16 - 2014-01-10 11:38 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2985085416-437969470-2083931593-1001
2015-06-27 22:15 - 2013-09-05 11:46 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-27 22:14 - 2014-01-10 11:30 - 00000000 ____D C:\Users\Intaaf\AppData\Local\Pokki
2015-06-27 22:13 - 2014-09-20 17:31 - 00000000 ___RD C:\Users\Intaaf\iCloudDrive
2015-06-27 22:12 - 2014-01-17 19:14 - 00000000 __RDO C:\Users\Intaaf\SkyDrive
2015-06-27 22:11 - 2013-08-22 10:46 - 00031525 _____ C:\Windows\setupact.log
2015-06-27 22:11 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-27 22:10 - 2013-09-05 11:55 - 00000000 ____D C:\ProgramData\Norton
2015-06-27 22:10 - 2013-09-05 11:36 - 01730304 _____ C:\Windows\PFRO.log
2015-06-27 22:06 - 2013-08-22 11:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-06-27 22:06 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-27 21:21 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-27 21:18 - 2014-09-09 22:08 - 00000000 ____D C:\Users\Intaaf\AppData\Local\Adobe
2015-06-26 23:45 - 2013-10-23 07:59 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-06-26 23:05 - 2014-11-22 22:51 - 00000000 ____D C:\Users\Intaaf\AppData\Roaming\Skype
2015-06-26 16:35 - 2014-12-17 01:32 - 00000000 ____D C:\ProgramData\Oracle
2015-06-26 16:31 - 2014-12-17 01:31 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-26 16:26 - 2015-05-15 21:18 - 00000000 ____D C:\Program Files (x86)\OpenDyslexic
2015-06-26 16:26 - 2015-04-22 23:04 - 00000000 ____D C:\Program Files (x86)\SalePlus
2015-06-26 16:20 - 2015-01-23 23:33 - 00000000 ____D C:\Program Files (x86)\Kakao
2015-06-26 16:17 - 2015-05-15 21:15 - 00000000 ____D C:\Program Files (x86)\FindoBesstDoeal
2015-06-25 16:54 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2015-06-23 22:15 - 2014-12-25 15:05 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-23 20:11 - 2014-12-13 17:33 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-06-23 20:07 - 2013-08-22 09:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-06-23 19:40 - 2014-10-25 17:41 - 00315904 ___SH C:\Users\Intaaf\Downloads\Thumbs.db
2015-06-23 18:49 - 2014-02-12 20:38 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-22 22:47 - 2015-05-23 18:06 - 00000024 _____ C:\Users\Intaaf\AppData\Roaming\appdataFr25.bin
2015-06-22 00:00 - 2015-04-22 23:03 - 00000000 ____D C:\ProgramData\3560252052232944589
2015-06-21 21:37 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2015-06-20 22:30 - 2014-01-20 22:24 - 00000000 ____D C:\Windows\system32\MRT
2015-06-20 22:10 - 2014-01-20 22:24 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-19 23:02 - 2014-07-09 15:26 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-19 23:02 - 2014-07-09 15:26 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-14 12:59 - 2015-05-15 20:54 - 00000000 ____D C:\Program Files (x86)\StatMaker
2015-06-14 12:58 - 2015-05-15 21:19 - 00000000 ____D C:\Program Files (x86)\Fuun2SAve
2015-06-14 12:58 - 2015-05-15 21:15 - 00000000 ____D C:\Program Files (x86)\FunuDaeals
2015-06-12 23:24 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2015-06-12 20:52 - 2014-01-18 17:52 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-11 23:05 - 2014-01-10 11:30 - 00000000 ____D C:\Users\Intaaf
2015-06-11 19:21 - 2013-08-22 10:44 - 00478072 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 00:04 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-02 22:23 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-02 00:45 - 2015-04-05 20:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-02 00:45 - 2015-04-05 20:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-31 19:12 - 2014-01-10 11:32 - 00000000 ____D C:\Users\Intaaf\AppData\Local\Packages
2015-05-31 16:03 - 2014-07-30 17:56 - 00000000 ____D C:\Users\Intaaf\AppData\Local\Deployment
2015-05-30 23:41 - 2015-05-24 00:01 - 00002318 _____ C:\Users\Intaaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

==================== Files in the root of some directories =======

2015-06-20 21:58 - 2015-06-20 21:58 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-05-23 18:06 - 2015-06-22 22:47 - 0000024 _____ () C:\Users\Intaaf\AppData\Roaming\appdataFr25.bin
2015-05-28 21:40 - 2015-05-28 21:40 - 0000000 _____ () C:\Users\Intaaf\AppData\Local\{51C1DCF3-919A-4127-98A2-1416288B8203}
2013-10-23 08:04 - 2013-10-23 08:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-10 11:46 - 2014-01-10 11:46 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:
====================
C:\Users\Intaaf\AppData\Local\Temp\3714336557572608426b.exe
C:\Users\Intaaf\AppData\Local\Temp\6448131735792973622.exe
C:\Users\Intaaf\AppData\Local\Temp\APNSetup.exe
C:\Users\Intaaf\AppData\Local\Temp\B3B0.exe
C:\Users\Intaaf\AppData\Local\Temp\ntwdblib.dll
C:\Users\Intaaf\AppData\Local\Temp\oct20DE.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct25E0.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct2D38.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct2FAA.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct3F2E.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct4ACD.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct5B9F.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct5F99.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct6162.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct68E5.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct7614.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct7BC.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct848E.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct97DA.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct9A66.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\oct9CCB.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octAC2F.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octB292.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octC3FA.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octC43B.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octC48.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octCABE.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octD16B.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octD403.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octD816.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octDCB3.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octDF82.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octDFED.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octE447.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octE6F7.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octF0B5.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\octFEAA.tmp.exe
C:\Users\Intaaf\AppData\Local\Temp\setacl.exe
C:\Users\Intaaf\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-23 11:13

==================== End of log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-06-2015
Ran by Atiyyah at 2015-06-27 23:12:32
Running from C:\Users\Intaaf\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2985085416-437969470-2083931593-500 - Administrator - Disabled)
Atiyyah (S-1-5-21-2985085416-437969470-2083931593-1001 - Administrator - Enabled) => C:\Users\Intaaf
Guest (S-1-5-21-2985085416-437969470-2083931593-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2985085416-437969470-2083931593-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.3006 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.3104.3 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.3104.6 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.3104 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{4465D909-4FA8-86D2-121C-676BB60E63D7}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AOL (HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Pokki_b6e646d11b719eb1b6efa13bd5a9bd1897ee4eb5) (Version: v1.0.3 - Pokki)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 9.2.0.11 - WildTangent, Inc.)
Gateway Games (HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Pokki_9a4324f00d4f0f3e5795bc8a599c0551ac01936f) (Version: 1.1.9.43466 - Pokki)
Gateway Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Gateway Incorporated)
Gateway Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Gateway Incorporated)
Gateway Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Gateway Incorporated)
Gateway Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Gateway Incorporated)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
GovernorPlatform (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{ec9c17f1}) (Version:  - GovernorPlatform) <==== ATTENTION
Handy maps (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
Host App Service (HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Pokki) (Version: 0.269.7.660 - Pokki)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Gateway Incorporated)
iExplorer 3.2.5.2 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant LLC)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Gateway Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Identity Safe (HKLM-x32\...\NST) (Version: 2014.7.11.42 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.02.2009 - Acer)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-2985085416-437969470-2083931593-1001\...\Pokki_Start_Menu) (Version: 0.269.7.660 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7027 - Realtek Semiconductor Corp.)
Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1D00}) (Version: 12.29.0.197 - APN, LLC) <==== ATTENTION
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Soluto (HKLM\...\{A40888FC-B545-46F3-8628-6AE98C1C75C6}) (Version: 1.3.1193.1 - Soluto)
SpoaiceOfffErs (HKLM-x32\...\{C206CC20-60D6-8D02-746E-4465CC40B2F6}) (Version:  - )
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
StatMaker (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995}) (Version:  - Software Publisher) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.13 - Synaptics Incorporated)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.2 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

Check "winmgmt" service or repair WMI.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {060E9475-4073-4490-9A60-3811B4F22831} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {12DCD060-A7F8-44C3-A381-2FC12B4A3FF3} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {174AD047-F092-4415-B69E-164E4CE86A3D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {202A49B1-EE01-4AAB-9D73-9FB753F8674E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2353A7BA-4ACD-40FB-BD3F-88148B3902DC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {2BA8A22E-8767-457C-B82D-747E79CBB1C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation)
Task: {35B82500-8307-4BE1-9B73-3D47847E046F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {38A931D4-4ABF-41C1-9EBA-0526D24C3A80} - System32\Tasks\Quick Access => C:\Program Files\Gateway\Gateway Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate)
Task: {40A3B277-93CD-4E00-A2EE-0D4EBDA80325} - System32\Tasks\Launch Manager => C:\Program Files\Gateway\Gateway Launch Manager\LMLauncher.exe [2013-08-02] (Acer Incorporate)
Task: {425010A0-8C8A-4900-A981-6A5BFDBA803D} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {4CE03BE8-10BB-46A3-80E1-556CEF873A22} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Time-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4DACBAE1-6E27-441C-AC79-02C4526BFE42} - System32\Tasks\ALU => C:\Program Files (x86)\Gateway\Live Updater\updater.exe [2013-07-08] ()
Task: {59923BDD-3099-4858-A7FE-83333B23AE49} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Gateway\Gateway Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {7295FA4B-3AEA-4B0D-8BEC-ECA882DE560B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {918965D3-14C2-4AE8-A57B-4C62B6897186} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation)
Task: {98243034-3F4F-4E73-B36C-E1666159E0B1} - System32\Tasks\Power Management => C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {9B58552B-B11F-480C-AF15-7AD5FF68B8E6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-20] (Microsoft Corporation)
Task: {A3A9280A-761A-4D0F-8668-4125E217AE86} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {A4CD0B93-AFE8-4021-85D0-33DB40E3074E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Gateway\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {A5B9C901-CEFC-473E-A031-D669EDA7A71B} - System32\Tasks\[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-10-14] (Adobe Systems Incorporated)
Task: {AEDC0FE1-6537-4BF5-87C2-32FF819C277F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-07-27] (Acer Incorporated)
Task: {C25D73D8-12AF-4032-9E7F-90FE3D2B3B93} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon-10s => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {D14ABD2E-8358-452B-8F44-1AAC24A97958} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {D888E696-65D8-43B2-8DC1-0F15EC0E2CBB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {EC85ECDC-9092-44A1-AB02-09E6D58CA300} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-13 17:58 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-29 15:28 - 2013-01-29 15:28 - 00109024 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-01-29 15:28 - 2013-01-29 15:28 - 00055352 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2013-08-22 03:19 - 2013-08-22 02:54 - 00008704 _____ () C:\Windows\system32\WinMetadata\Windows.Management.winmd
2013-08-22 03:19 - 2013-08-22 02:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2013-08-22 03:19 - 2013-08-22 02:54 - 00134144 _____ () C:\Windows\system32\WinMetadata\Windows.ApplicationModel.winmd
2013-08-22 03:19 - 2013-08-22 02:54 - 00020480 _____ () C:\Windows\system32\WinMetadata\Windows.System.winmd
2013-01-29 15:28 - 2013-01-29 15:28 - 00109024 _____ () c:\program files\soluto\PCGDllExportInspector.dll
2014-09-26 15:41 - 2014-09-26 15:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-16 17:53 - 2015-01-27 11:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-07 04:48 - 2013-09-07 04:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 04:45 - 2013-09-07 04:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 04:52 - 2013-09-07 04:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-09-26 15:40 - 2014-09-26 15:40 - 06237856 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-07-08 17:34 - 2013-07-08 17:34 - 04150312 _____ () C:\Program Files (x86)\Gateway\Live Updater\updater.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-23 08:27 - 2013-07-30 21:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2014-09-28 22:01 - 2014-09-28 22:01 - 36730032 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2015-06-12 20:54 - 2015-06-05 14:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libglesv2.dll
2015-06-12 20:54 - 2015-06-05 14:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\libegl.dll
2015-04-28 16:15 - 2015-04-28 16:15 - 00569856 _____ () C:\Users\Intaaf\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-04-28 16:15 - 2015-04-28 16:15 - 01400846 _____ () C:\Users\Intaaf\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-04-28 16:15 - 2015-04-28 16:15 - 00151054 _____ () C:\Users\Intaaf\AppData\Local\Pokki\Engine\avutil-51.dll
2015-04-28 16:15 - 2015-04-28 16:15 - 00222734 _____ () C:\Users\Intaaf\AppData\Local\Pokki\Engine\avformat-54.dll
2015-06-12 20:54 - 2015-06-05 14:22 - 15003464 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Intaaf\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Intaaf\SkyDrive.old:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2985085416-437969470-2083931593-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Intaaf\Pictures\2015-03-05\IMG_0011.JPG
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{AFA84E43-07C7-480A-8E59-91530DAF5953}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{90E98B0E-ADA6-4F7A-A5E0-E6D18B3BB88A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{3488BC7E-F972-441D-BCB8-A87D8A843D72}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E3D29E86-ABC9-4D31-9E8F-F38004BECEF4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B35430E0-685C-4EF0-A7AF-237AD873AD7A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{8AE89ADA-F20E-4299-9E8D-143ECA9F9533}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{B033445B-2D41-4AE2-9509-244CF1FC5A69}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{3B618E56-EBCB-4C41-BF3C-287602994CC2}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{AD489391-34FA-4767-8EB2-94B8DD8457C2}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{EED50F83-55A8-4F2D-BFB5-3C0A6E0AF4A7}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{B22ACB4B-C331-4657-9EFA-E46D4AA98B62}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{4158DE74-5975-4B52-9988-6E31BB16BC05}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{50AC570E-980F-4661-8660-E23909D0DDE7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F26CAD6B-804A-4F11-AB97-3B735A047BA2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{B75B0EDB-C3D9-43E7-A1ED-BA17ADF7283B}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{2F7C4616-7497-4BC3-B11C-049CFE054474}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{93CAE712-0874-4D20-AB31-999A04FD0F3E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{64A58E19-FCC8-4C64-AF59-A33AC9900E2A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{3F5ACCD1-CFF5-48A8-8ACD-4526648ECF6D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{7FBEB94E-D588-4A8D-900C-7C776DF5E89E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{BAFB850C-3F54-4214-BA59-01C0AF60C38F}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{5433EEFC-C0DF-4475-9F86-33B8DF6245C4}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{3B87C44A-ABCF-4036-8290-D5734D29E7FE}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{F4C13627-BFFB-4F36-BC2D-9509C5602DAF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{25CCCCED-E111-4258-B4BD-A95385F115DC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{BFC48582-4F5F-474D-A50D-04CEF026A1EB}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{EEB974D4-F578-47C1-BE32-446FBF06518D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{7B51420F-A025-41B1-B568-9BFFC9197472}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{BBB89B0F-45B2-4D43-B786-0621202F5B06}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{D6523A04-46CA-40E7-BD24-DA224E8F6FAE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{A5CCD1BF-6B5E-4546-B358-320AA4ADB969}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{AD038197-0C7B-4320-8DBE-F15C0EFA9059}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{43022EC4-EC7A-4AF1-BA92-65D8CF3BF447}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{B283A874-EFD0-481A-95AA-AFECEEDB5364}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{E6E7E427-3559-48B4-A5BA-FB3A910F0150}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{F8EE1770-AA70-4465-B4F4-198D97C7BE58}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C7D33044-D8F5-4E0F-8D5D-C48663971807}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9E76DCCF-55FE-45C3-89C0-E22D2687560F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{962E00BA-37A9-443E-A1C6-8CACDEC208D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{731980A7-3C7F-4CE1-91C8-632828E5164E}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [UDP Query User{50153B45-A5A7-4659-B56B-13B4523355AC}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe
FirewallRules: [{A3978712-5537-418A-9D7B-2063724A9D7B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E8E70350-B7D7-4CDE-96FD-BC3485A7C938}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{037C3024-4F1F-44CA-8428-83CD7A57860C}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{138EDE1E-9E57-4869-A049-709B4CDB22A6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5925D591-DDCA-47C5-8FC2-AE1242884917}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{93E7D43D-3F3A-4774-936C-1E766B11EAE9}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{052C954C-6D18-4D77-BCD8-28A42C4209A6}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{8EE80A0E-666E-4CDB-B79D-BADDF570A8AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/27/2015 11:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62453

Error: (06/27/2015 11:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62453

Error: (06/27/2015 11:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2015 11:16:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14360

Error: (06/27/2015 11:16:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14360

Error: (06/27/2015 11:16:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2015 11:16:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5938

Error: (06/27/2015 11:16:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5938

Error: (06/27/2015 11:16:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2015 11:15:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2625


System errors:
=============
Error: (06/27/2015 11:17:29 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.

Error: (06/27/2015 10:19:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ePower Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (06/27/2015 10:13:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%2

Error: (06/27/2015 10:10:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.

Error: (06/27/2015 10:10:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CCDMonitorService service.

Error: (06/27/2015 10:09:19 PM) (Source: DCOM) (EventID: 10010) (User: ATHOME)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (06/27/2015 10:09:13 PM) (Source: DCOM) (EventID: 10010) (User: ATHOME)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/27/2015 10:08:57 PM) (Source: DCOM) (EventID: 10010) (User: ATHOME)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/27/2015 10:08:57 PM) (Source: DCOM) (EventID: 10010) (User: ATHOME)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (06/27/2015 10:08:56 PM) (Source: DCOM) (EventID: 10010) (User: ATHOME)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office:
=========================
Error: (06/27/2015 11:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 62453

Error: (06/27/2015 11:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 62453

Error: (06/27/2015 11:16:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2015 11:16:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14360

Error: (06/27/2015 11:16:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14360

Error: (06/27/2015 11:16:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2015 11:16:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5938

Error: (06/27/2015 11:16:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5938

Error: (06/27/2015 11:16:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/27/2015 11:15:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2625


==================== Memory info ===========================

Processor: AMD E1-2500 APU with Radeon™ HD Graphics
Percentage of memory in use: 71%
Total physical RAM: 3525.01 MB
Available physical RAM: 1010.01 MB
Total Pagefile: 4485.01 MB
Available Pagefile: 1075.6 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:681.12 GB) (Free:609.97 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 6EC8F460)

Partition: GPT Partition Type.

==================== End of log ============================

 

 

 

[Advertisements]

Hello hongbones and welcome to GeeksToGo.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

• please follow all instructions in the order posted
• please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
• all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
• if you don't understand something, please don't hesitate to ask for clarification before proceeding
• the fixes are specific to your problem and should only be used for this issue on this machine.
• please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please carry out these instructions these in the order given.

===================================================

Uninstall programs

Uninstall these programs if present:

Search App by Ask
StatMaker

• hold down the Windows logo key and press X to open a menu at the lower-left area of the screen
• select Programs and Features from the menu
• search and select the above programs one by one and click on Uninstall
• reboot your computer.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

• run AdwCleaner
• when it has finished, select Clean
• if it asks to reboot, allow the reboot
• on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

• shut down your protection software now to avoid potential conflicts.
• run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
• the tool will open and start scanning your system
• please be patient as this can take a while to complete depending on your system's specifications
• on completion, a log (JRT.txt) is saved to your desktop and will automatically open
• post the contents of JRT.txt into your next message.

===================================================

Run Farbar Recovery Scan Tool

Please run FRST again and post the new log.

Logs to include with next post:

AdwCleaner log
JRT.txt
Frst.txt

Thanks

Satchfan

 

 

[Satchfan]

Hello hongbones and welcome to GeeksToGo.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

• please follow all instructions in the order posted
• please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
• all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
• if you don't understand something, please don't hesitate to ask for clarification before proceeding
• the fixes are specific to your problem and should only be used for this issue on this machine.
• please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please carry out these instructions these in the order given.

===================================================

Uninstall programs

Uninstall these programs if present:

Search App by Ask
StatMaker

• hold down the Windows logo key and press X to open a menu at the lower-left area of the screen
• select Programs and Features from the menu
• search and select the above programs one by one and click on Uninstall
• reboot your computer.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.

• run AdwCleaner
• when it has finished, select Clean
• if it asks to reboot, allow the reboot
• on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.

• shut down your protection software now to avoid potential conflicts.
• run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
• the tool will open and start scanning your system
• please be patient as this can take a while to complete depending on your system's specifications
• on completion, a log (JRT.txt) is saved to your desktop and will automatically open
• post the contents of JRT.txt into your next message.

===================================================

Run Farbar Recovery Scan Tool

Please run FRST again and post the new log.

Logs to include with next post:

AdwCleaner log
JRT.txt
Frst.txt

Thanks

Satchfan

 

 

[Satchfan]

Hi hongbones

It has been several days since I replied to your request for help with your computer problems.

Please let me know if you are having problems and still need help.

Thanks

Satchfan

[Satchfan]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.