Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

I THINK I'm infected, but not sure! [Solved]

Started by moondog830 , Jul 24 2015 04:34 PM

This topic is locked

#1
moondog830

Posted 24 July 2015 - 04:34 PM

Member

Member
804 posts

I'm having issues with opening webpages that I've ALWAYS been able to open ... such as my email page and other pages. I believe that maybe I'm infected .. help please.

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015

Ran by papa (administrator) on PAPAS on 24-07-2015 18:27:58

Running from C:\Users\papa\Desktop

Loaded Profiles: papa (Available Profiles: papa)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

() C:\Windows\SysWOW64\UMonit64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe

() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

() C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-01-13] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-20] (AVAST Software)

HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)

HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [64864 2015-07-23] (Acer Incorporated)

HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-23] ()

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7800088 2015-07-08] (SUPERAntiSpyware)

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [88928 2015-07-23] ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-04-18]

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-20] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://acer13.msn.com/?pc=ACJB

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\Software\Microsoft\Internet Explorer\Main,Start Page =

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\.DEFAULT -> {D6EEA06B-1DF7-46E0-BE8F-C66B5C6F2BB2} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001 -> DefaultScope {99A029AD-B1B5-42B9-BD0D-513656FD84B0} URL = https://search.yahoo...p={searchTerms}

SearchScopes: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001 -> {99A029AD-B1B5-42B9-BD0D-513656FD84B0} URL = https://search.yahoo...p={searchTerms}

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20] (AVAST Software)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-15] (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-15] (Oracle Corporation)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

Tcpip\..\Interfaces\{04F0CB9A-8BB9-47A6-9744-550650E38658}: [DhcpNameServer] 192.168.6.1 64.134.255.2 64.134.255.10

Tcpip\..\Interfaces\{578D2FEE-34D7-40D4-BD4B-0B28E6162879}: [NameServer] 10.0.0.17 10.1.0.35

Tcpip\..\Interfaces\{578D2FEE-34D7-40D4-BD4B-0B28E6162879}: [DhcpNameServer] 192.168.1.1

FireFox:

========

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-15] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-15] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)

FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-14]

Chrome:

=======

CHR Profile: C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Readium) - C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2015-04-11]

CHR Extension: (Avast Online Security) - C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-10]

CHR Extension: (PDFPocket - PDF to EPUB) - C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpackgjjakgbeipilljfdhjhfbpobjjo [2015-04-11]

CHR Extension: (Convert EPUB to MOBI (Kindle format)) - C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcichgcjcnjhkkaiglnobgopalkinhe [2015-04-11]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-10]

CHR Extension: (Google Wallet) - C:\Users\papa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-10]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider) [File not signed]

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)

R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-07-20] (AVAST Software)

R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-20] (Avast Software)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2837856 2015-07-22] (Acer Incorporated)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)

R2 Intel® TechnologyAccessService; C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe [93408 2015-03-17] (Intel® Corporation)

S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1616160 2014-03-26] (NVIDIA Corporation)

S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-03-10] (Microsoft Corporation)

S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-03-10] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-20] (AVAST Software)

R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-20] (AVAST Software)

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-20] (AVAST Software)

R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-07-20] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-20] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-20] (AVAST Software)

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-20] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-20] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-20] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-20] (AVAST Software)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)

U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2014-03-18] (Microsoft Corporation)

S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [111336 2014-04-28] (GenesysLogic)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)

R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-27] (REALiX™)

R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)

R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)

R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)

S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-03-27] (Intel Corporation)

R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)

R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)

R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-20] (AVAST Software)

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)

S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2015-01-05] (Synaptics Incorporated)

R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)

S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-20] (Avast Software)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-03-10] (Microsoft Corporation)

S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 18:27 - 2015-07-24 18:29 - 00020467 _____ C:\Users\papa\Desktop\FRST.txt

2015-07-24 18:27 - 2015-07-24 18:27 - 00001692 _____ C:\Users\Public\Desktop\Uninstall OMC ModPack 0.9.9.lnk

2015-07-24 18:27 - 2015-07-24 18:27 - 00001127 _____ C:\Users\Public\Desktop\OMC ModPack Update- ReConfigure.lnk

2015-07-24 18:27 - 2015-07-24 18:27 - 00000794 _____ C:\Users\Public\Desktop\World of Tanks 0.9.9.lnk

2015-07-24 18:27 - 2015-07-24 18:27 - 00000787 _____ C:\Users\Public\Desktop\World of Tanks Launcher 0.9.9.lnk

2015-07-24 18:27 - 2015-07-24 18:25 - 02135552 _____ (Farbar) C:\Users\papa\Desktop\FRST64.exe

2015-07-24 18:26 - 2015-07-24 18:28 - 00000000 ____D C:\FRST

2015-07-24 18:25 - 2015-07-24 18:25 - 02135552 _____ (Farbar) C:\Users\papa\Downloads\FRST64.exe

2015-07-24 18:06 - 2015-07-24 18:07 - 02208400 _____ (Odem Mortis ) C:\Users\papa\Downloads\OMC_ModPack_Installer (3).exe

2015-07-23 13:20 - 2015-07-24 18:25 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-07-23 13:20 - 2015-07-23 13:25 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-07-23 13:17 - 2015-07-23 13:17 - 00001216 _____ C:\Users\papa\Downloads\Tony Venables -The Red Hand.epub[ebooks-shares.org].torrent

2015-07-23 13:16 - 2015-07-23 13:16 - 00004098 _____ C:\Users\papa\Downloads\Tim Severin -Hector Lynch series (1-4)[epub,mobi][ebooks-shares.org].torrent

2015-07-23 13:15 - 2015-07-23 13:15 - 00002245 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-07-23 13:15 - 2015-07-23 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-07-23 13:11 - 2015-07-23 13:11 - 00000000 ____D C:\Users\papa\AppData\Local\Deployment

2015-07-23 13:11 - 2015-07-23 13:11 - 00000000 ____D C:\Users\papa\AppData\Local\Apps\2.0

2015-07-23 13:04 - 2015-07-23 13:04 - 00007292 _____ C:\Users\papa\Downloads\Tim Severin - Saxon Series (1-2)[epub,mobi][ebooks-shares.org].torrent

2015-07-23 10:32 - 2015-07-23 10:32 - 00001929 _____ C:\Users\Public\Desktop\abDocs.lnk

2015-07-23 09:44 - 2015-07-23 09:45 - 00000000 ____D C:\Users\papa\Desktop\stuff from laptop

2015-07-22 22:30 - 2015-07-22 22:30 - 00113129 _____ C:\Users\papa\Downloads\[kat.cr]before.we.go.2014.hdrip.xvid.ac3.evo (4).torrent

2015-07-22 22:30 - 2015-07-22 22:30 - 00057448 _____ C:\Users\papa\Downloads\[kat.cr]angel.2015.hdrip.xvid.etrg.torrent

2015-07-22 22:29 - 2015-07-22 22:29 - 00101817 _____ C:\Users\papa\Downloads\[kat.cr]furious.seven.2015.extended.1080p.bluray.x264.sparks.torrent

2015-07-22 22:26 - 2015-07-22 22:26 - 00009746 _____ C:\Users\papa\Downloads\[kat.cr]paper.model.hms.warspite.battleship.1.300scale.superunitedkingdom.torrent

2015-07-22 22:26 - 2015-07-22 22:26 - 00001391 _____ C:\Users\papa\Downloads\[kat.cr]christopher.nuttall.a.savage.war.of.peace.warspite.ii.ark.royal.5.wildwielder.epub.torrent

2015-07-22 22:26 - 2015-07-22 22:26 - 00001391 _____ C:\Users\papa\Downloads\[kat.cr]christopher.nuttall.a.savage.war.of.peace.warspite.ii.ark.royal.5.wildwielder.epub (1).torrent

2015-07-22 22:25 - 2015-07-22 22:25 - 00002882 _____ C:\Users\papa\Downloads\[kat.cr]the.trafalgar.gambit.ark.royal.christopher.nuttall.epub.mobi.torrent

2015-07-22 21:30 - 2015-07-22 21:30 - 00113129 _____ C:\Users\papa\Downloads\[kat.cr]before.we.go.2014.hdrip.xvid.ac3.evo.torrent

2015-07-22 21:30 - 2015-07-22 21:30 - 00113129 _____ C:\Users\papa\Downloads\[kat.cr]before.we.go.2014.hdrip.xvid.ac3.evo (3).torrent

2015-07-22 21:30 - 2015-07-22 21:30 - 00113129 _____ C:\Users\papa\Downloads\[kat.cr]before.we.go.2014.hdrip.xvid.ac3.evo (2).torrent

2015-07-22 21:30 - 2015-07-22 21:30 - 00113129 _____ C:\Users\papa\Downloads\[kat.cr]before.we.go.2014.hdrip.xvid.ac3.evo (1).torrent

2015-07-22 21:30 - 2015-07-22 21:30 - 00015484 _____ C:\Users\papa\Downloads\[kat.cr]this.is.our.time.2013.dvdrip.xvid.sc0rp.torrent

2015-07-22 21:30 - 2015-07-22 21:30 - 00015484 _____ C:\Users\papa\Downloads\[kat.cr]this.is.our.time.2013.dvdrip.xvid.sc0rp (1).torrent

2015-07-22 18:43 - 2015-07-22 18:43 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent

2015-07-21 23:30 - 2015-07-21 23:30 - 00015682 _____ C:\Users\papa\Downloads\Biscuits[ebooks-shares.org].torrent

2015-07-21 23:30 - 2015-07-21 23:30 - 00011406 _____ C:\Users\papa\Downloads\1,000 Inventions and Discoveries[ebooks-shares.org].torrent

2015-07-21 23:17 - 2015-07-21 23:17 - 09719863 _____ C:\Users\papa\Downloads\U5VafPA.rar

2015-07-21 23:16 - 2015-07-21 23:16 - 12154382 _____ C:\Users\papa\Downloads\U5VafBoS.rar

2015-07-21 23:16 - 2015-07-21 23:16 - 11515456 _____ C:\Users\papa\Downloads\U5VafO21p.rar

2015-07-21 23:08 - 2015-07-21 23:08 - 13279780 _____ C:\Users\papa\Downloads\U5VafOCa.rar

2015-07-21 23:07 - 2015-07-21 23:07 - 11870380 _____ C:\Users\papa\Downloads\U5VafO12s.rar

2015-07-21 20:39 - 2015-07-21 20:39 - 00006061 _____ C:\Users\papa\Downloads\[kat.cr]michael.j.sullivan.riyria.revelations.series.fantasy.epub.torrent

2015-07-21 20:02 - 2015-07-21 20:02 - 00004762 _____ C:\Users\papa\Downloads\[kat.cr]scott.lynch.the.gentleman.[bleep].sequence.1.3.epubs.thepillager.torrent

2015-07-21 20:01 - 2015-07-21 20:01 - 00001146 _____ C:\Users\papa\Downloads\[kat.cr]ebook.series.scifan.peter.v.brett.demon.trilogy.3.ebooks.torrent

2015-07-21 20:00 - 2015-07-21 20:00 - 00011058 _____ C:\Users\papa\Downloads\[kat.cr]the.lightbringer.series.1.3.by.brent.weeks.epub.mobi.knightinkat.torrent

2015-07-21 20:00 - 2015-07-21 20:00 - 00003616 _____ C:\Users\papa\Downloads\[kat.cr]brent.weeks.night.angel.trilogy.torrent

2015-07-21 19:59 - 2015-07-21 19:59 - 00003940 _____ C:\Users\papa\Downloads\[kat.cr]anthony.ryan.raven.s.shadow.03.queen.of.fire.epub.mobi.torrent

2015-07-21 19:59 - 2015-07-21 19:59 - 00001991 _____ C:\Users\papa\Downloads\[kat.cr]anthony.ryan.queen.of.fire.wildwielder.cpul.epub.torrent

2015-07-21 19:55 - 2015-07-21 19:55 - 00003662 _____ C:\Users\papa\Downloads\[kat.cr]mark.lawrence.the.broken.empire.01.03.mobi.torrent

2015-07-21 19:55 - 2015-07-21 19:55 - 00002899 _____ C:\Users\papa\Downloads\[kat.cr]broken.empire.3.books.by.mark.lawrence.sam2085.torrent

2015-07-21 17:41 - 2015-07-21 17:41 - 00012262 _____ C:\Users\papa\Downloads\[kat.cr]superantispyware.professional.6.0.1106.saw000.ctrg.torrent

2015-07-21 17:40 - 2015-07-21 17:40 - 00014316 _____ C:\Users\papa\Downloads\[kat.cr]superantispyware.professional.6.0.1200.final.keys.4realtorrentz.torrent

2015-07-21 17:37 - 2015-07-21 17:37 - 00121884 _____ C:\Users\papa\Downloads\[kat.cr]child.44.2015.real.hdrip.xvid.ac3.evo.torrent

2015-07-21 17:37 - 2015-07-21 17:37 - 00008311 _____ C:\Users\papa\Downloads\[kat.cr]the.road.within.2014.720p.brrip.x264.yify.torrent

2015-07-21 17:37 - 2015-07-21 17:37 - 00008164 _____ C:\Users\papa\Downloads\[kat.cr]the.last.survivors.2014.720p.brrip.x264.yify.torrent

2015-07-20 17:33 - 2015-07-20 17:33 - 00031469 _____ C:\Users\papa\Downloads\[kat.cr]malwarebytes.anti.malware.premium.2.1.8.1057.multilingual.keygen.by.fff.torrent

2015-07-20 17:33 - 2015-07-20 17:33 - 00013400 _____ C:\Users\papa\Downloads\[kat.cr]malwarebytes.anti.malware.premium.2.0.4.1028.final.keys.atom.torrent

2015-07-20 15:18 - 2015-07-20 15:18 - 00000000 ____D C:\Windows\%LOCALAPPDATA%

2015-07-20 15:12 - 2015-07-23 10:03 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update

2015-07-20 15:12 - 2015-07-20 15:12 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2015-07-20 15:12 - 2015-07-20 15:12 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00150160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr

2015-07-20 15:12 - 2015-07-20 15:12 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys

2015-07-20 15:12 - 2015-07-20 15:12 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys

2015-07-20 13:20 - 2015-07-20 13:20 - 02208496 _____ (Odem Mortis ) C:\Users\papa\Downloads\OMC_ModPack_Installer (1).exe

2015-07-20 12:25 - 2015-07-20 12:25 - 00000475 _____ C:\Users\papa\Downloads\EBS Endeavour (Atlantia Series Book 4)_nodrm.mobi[ebooks-shares.org].torrent

2015-07-20 12:25 - 2015-07-20 12:25 - 00000454 _____ C:\Users\papa\Downloads\EBS Defiance (Atlantia Series Book 5)_nodrm.mobi[ebooks-shares.org].torrent

2015-07-20 12:22 - 2015-07-20 12:22 - 00000611 _____ C:\Users\papa\Downloads\EBS A Prospect of War (An Age of Discord Novel Book 1)_nodrm.azw3[ebooks-shares.org].torrent

2015-07-20 12:22 - 2015-07-20 12:22 - 00000598 _____ C:\Users\papa\Downloads\EBS Mirandas Demons_nodrm.azw3[ebooks-shares.org].torrent

2015-07-19 23:16 - 2015-07-19 23:16 - 00020562 _____ C:\Users\papa\Downloads\Fitness Tracker.xlsx

2015-07-19 21:51 - 2015-07-19 21:51 - 00021945 _____ C:\Users\papa\Downloads\Levitt.xlsx

2015-07-19 21:49 - 2015-07-19 23:39 - 00022241 _____ C:\Users\papa\Downloads\PetroChart.xlsx

2015-07-19 21:48 - 2015-07-19 21:49 - 00278628 _____ C:\Users\papa\Downloads\Bertrand.xlsx

2015-07-19 21:19 - 2015-07-19 21:19 - 00000441 _____ C:\Users\papa\Downloads\EBS Space Carrier Avalon_nodrm.azw3[ebooks-shares.org].torrent

2015-07-19 20:51 - 2015-07-19 20:51 - 00015897 _____ C:\Users\papa\Downloads\Quality.xlsx

2015-07-19 18:26 - 2015-07-13 17:10 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-07-19 18:26 - 2015-07-13 17:10 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-07-19 17:29 - 2015-07-19 17:29 - 00017681 _____ C:\Users\papa\Downloads\Fitness (1).xlsx

2015-07-19 17:03 - 2015-07-19 17:04 - 21328258 _____ C:\Users\papa\Downloads\GWIWT29.rar

2015-07-19 16:50 - 2015-07-19 16:51 - 21125537 _____ C:\Users\papa\Downloads\GWIWT27.rar

2015-07-19 09:31 - 2015-07-19 09:31 - 00013652 _____ C:\Users\papa\Downloads\Hernandez.xlsx

2015-07-19 09:29 - 2015-07-19 09:29 - 00017681 _____ C:\Users\papa\Downloads\Fitness.xlsx

2015-07-19 09:10 - 2015-07-19 09:10 - 00015320 _____ C:\Users\papa\Downloads\read_and_understand_fairy_tales_and_folktales.pdf[ebooks-shares.org].torrent

2015-07-17 23:12 - 2015-07-17 23:13 - 64950272 _____ C:\Users\papa\Downloads\calibre-2.32.1.msi

2015-07-17 18:28 - 2015-07-17 18:28 - 51608829 _____ (soloviyko ) C:\Users\papa\Downloads\SoloModPack_v0.9.9_U1.exe

2015-07-17 16:57 - 2015-07-09 15:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-07-17 16:57 - 2015-07-09 14:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-07-17 16:57 - 2015-07-09 12:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-07-17 16:57 - 2015-07-09 11:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-07-17 16:57 - 2015-07-09 11:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-07-17 16:57 - 2015-07-09 11:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2015-07-17 16:57 - 2015-07-09 11:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2015-07-17 16:57 - 2015-07-09 11:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-07-17 16:57 - 2015-07-09 11:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-07-17 16:57 - 2015-07-09 11:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-07-17 16:57 - 2015-07-09 11:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-07-17 16:57 - 2015-07-09 11:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-07-17 16:57 - 2015-07-09 11:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-07-17 16:57 - 2015-06-26 23:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-07-17 16:57 - 2015-06-26 23:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-07-17 16:57 - 2015-06-26 22:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-07-17 16:57 - 2015-06-24 22:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-07-17 16:57 - 2015-04-29 19:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll

2015-07-17 16:56 - 2015-06-28 01:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-07-17 16:56 - 2015-06-28 01:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-07-17 16:56 - 2015-06-28 01:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-07-17 16:56 - 2015-06-28 01:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-07-17 16:56 - 2015-06-27 12:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-07-17 16:56 - 2015-06-26 23:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-07-17 16:56 - 2015-06-26 23:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-07-17 16:56 - 2015-06-26 23:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-07-17 16:56 - 2015-06-26 22:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2015-07-17 16:56 - 2015-06-26 22:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-07-17 16:56 - 2015-06-26 22:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-07-17 16:56 - 2015-06-26 21:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2015-07-17 16:56 - 2015-06-26 21:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-07-17 16:56 - 2015-05-30 17:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll

2015-07-17 16:56 - 2015-05-30 15:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll

2015-07-17 16:56 - 2015-05-30 15:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll

2015-07-17 16:56 - 2015-05-02 20:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-07-17 16:55 - 2015-06-15 18:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-17 16:55 - 2015-06-15 18:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-17 16:55 - 2015-06-15 17:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-17 16:55 - 2015-06-15 17:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-17 16:55 - 2015-06-15 16:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-17 16:55 - 2015-06-15 15:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-17 16:55 - 2015-05-07 13:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-07-17 16:55 - 2015-05-07 13:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll

2015-07-17 16:55 - 2015-05-07 12:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-07-17 16:55 - 2015-05-07 12:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll

2015-07-17 16:55 - 2015-05-07 11:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll

2015-07-17 16:55 - 2015-05-07 11:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll

2015-07-17 16:55 - 2015-03-19 23:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll

2015-07-17 16:55 - 2015-03-19 23:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2015-07-17 16:55 - 2015-03-19 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll

2015-07-17 16:55 - 2015-03-19 22:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2015-07-17 16:54 - 2015-03-01 21:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll

2015-07-17 16:54 - 2015-03-01 21:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll

2015-07-17 16:53 - 2015-05-11 14:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys

2015-07-17 16:53 - 2015-04-24 22:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys

2015-07-17 16:53 - 2015-04-08 18:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll

2015-07-17 16:52 - 2015-07-03 09:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-07-17 16:52 - 2015-07-03 09:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-07-17 16:52 - 2015-07-03 09:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-07-17 16:52 - 2015-07-03 09:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-07-17 16:52 - 2015-06-29 18:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-07-17 16:52 - 2015-06-29 11:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-07-17 16:52 - 2015-06-29 11:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-07-17 16:52 - 2015-06-29 11:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-07-17 16:52 - 2015-06-29 11:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-07-17 16:52 - 2015-06-29 11:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-07-17 16:52 - 2015-06-26 19:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-07-17 16:52 - 2015-06-26 19:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-07-17 16:50 - 2015-06-15 18:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-07-17 16:50 - 2015-06-15 18:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-07-17 16:50 - 2015-06-15 18:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-07-17 16:50 - 2015-06-15 18:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-07-17 16:50 - 2015-06-15 18:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx

2015-07-17 16:50 - 2015-06-15 17:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-07-17 16:50 - 2015-06-15 17:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-07-17 16:50 - 2015-06-15 17:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll

2015-07-17 16:50 - 2015-06-15 17:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-07-17 16:50 - 2015-06-15 17:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2015-07-17 16:50 - 2015-06-15 17:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2015-07-17 16:50 - 2015-06-15 17:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-07-17 16:50 - 2015-06-15 17:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-07-17 16:50 - 2015-06-15 17:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll

2015-07-17 16:50 - 2015-06-15 17:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-07-17 16:50 - 2015-06-15 17:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-07-17 16:50 - 2015-06-15 17:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-07-17 16:50 - 2015-06-15 17:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-07-17 16:50 - 2015-06-15 17:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-07-17 16:50 - 2015-06-15 16:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-07-17 16:50 - 2015-06-15 16:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2015-07-17 16:50 - 2015-06-15 16:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-07-17 16:50 - 2015-06-15 16:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-07-17 16:50 - 2015-06-15 16:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2015-07-17 16:50 - 2015-06-15 16:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-07-17 16:50 - 2015-06-15 16:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2015-07-17 16:50 - 2015-06-15 16:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2015-07-17 16:50 - 2015-06-15 16:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-07-17 16:50 - 2015-06-15 16:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-07-17 16:50 - 2015-06-15 16:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-07-17 16:50 - 2015-06-15 16:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll

2015-07-17 16:50 - 2015-06-15 16:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-07-17 16:50 - 2015-06-15 16:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-07-17 16:50 - 2015-05-22 23:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-07-17 16:50 - 2015-05-22 23:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-07-17 16:50 - 2015-05-22 15:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-07-17 16:50 - 2015-05-22 14:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-07-17 16:50 - 2015-05-22 14:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-07-17 16:50 - 2015-05-03 11:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2015-07-17 16:50 - 2015-05-03 10:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2015-07-17 16:50 - 2015-05-03 10:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll

2015-07-17 16:50 - 2015-05-03 10:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll

2015-07-17 16:49 - 2015-07-02 17:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-07-17 16:49 - 2015-07-02 16:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-07-17 16:49 - 2015-07-02 16:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-07-17 16:49 - 2015-07-02 16:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-07-17 16:49 - 2015-07-02 16:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-07-17 16:49 - 2015-07-02 15:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-07-17 16:49 - 2015-07-02 15:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-07-17 16:49 - 2015-07-02 14:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-07-17 16:49 - 2015-07-01 18:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-07-17 16:49 - 2015-07-01 17:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-07-17 16:49 - 2015-04-13 18:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll

2015-07-17 16:49 - 2015-04-13 18:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll

2015-07-17 16:47 - 2015-05-11 12:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll

2015-07-17 16:47 - 2015-04-24 22:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll

2015-07-17 16:47 - 2015-04-24 22:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll

2015-07-17 16:46 - 2015-06-16 01:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-17 16:46 - 2015-06-16 01:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-17 16:46 - 2015-06-10 23:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-17 16:46 - 2015-06-10 12:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-17 16:46 - 2015-05-07 12:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll

2015-07-17 16:46 - 2015-05-01 19:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml

2015-07-17 16:46 - 2015-04-28 09:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls

2015-07-17 16:46 - 2015-04-28 09:13 - 00513480 _____ C:\Windows\system32\locale.nls

2015-07-17 16:46 - 2015-04-23 11:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll

2015-07-17 16:46 - 2015-04-23 11:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll

2015-07-17 16:46 - 2015-04-16 02:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS

2015-07-17 16:46 - 2015-04-01 00:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe

2015-07-17 16:46 - 2015-04-01 00:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll

2015-07-17 16:46 - 2015-04-01 00:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll

2015-07-17 16:46 - 2015-04-01 00:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll

2015-07-17 16:46 - 2015-03-31 23:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll

2015-07-17 16:46 - 2015-03-31 23:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll

2015-07-17 16:46 - 2015-03-31 23:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe

2015-07-17 16:46 - 2015-03-31 22:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll

2015-07-17 16:46 - 2015-03-31 22:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe

2015-07-17 16:46 - 2015-03-31 22:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll

2015-07-17 16:46 - 2015-03-31 22:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll

2015-07-17 16:46 - 2015-03-31 22:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll

2015-07-17 16:46 - 2015-03-31 22:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe

2015-07-17 16:45 - 2015-05-12 09:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll

2015-07-17 16:45 - 2015-05-03 11:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll

2015-07-17 16:45 - 2015-05-03 10:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll

2015-07-17 16:44 - 2015-07-17 16:44 - 02208496 _____ (Odem Mortis ) C:\Users\papa\Downloads\OMC_ModPack_Installer.exe

2015-07-16 22:44 - 2015-07-16 22:44 - 00020547 _____ C:\Users\papa\Downloads\0545147131_e.pdf[ebooks-shares.org].torrent

2015-07-16 12:39 - 2015-07-16 12:39 - 00000000 ____D C:\Users\papa\AppData\Local\CEF

2015-07-16 11:53 - 2015-07-16 11:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2015-07-16 11:53 - 2015-07-16 11:53 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-07-16 09:55 - 2015-07-16 09:56 - 08736404 _____ C:\Users\papa\Downloads\w8thVBHlCf.rar

2015-07-15 22:38 - 2015-07-15 22:38 - 00007404 _____ C:\Users\papa\Downloads\1613749619.epub[ebooks-shares.org].torrent

2015-07-15 22:38 - 2015-07-15 22:38 - 00003548 _____ C:\Users\papa\Downloads\Easy MATH Art Projects & Activities.pdf[ebooks-shares.org].torrent

2015-07-15 22:38 - 2015-07-15 22:38 - 00002921 _____ C:\Users\papa\Downloads\Easy and Fun Cursive Writing.pdf[ebooks-shares.org].torrent

2015-07-15 22:37 - 2015-07-15 22:37 - 00007007 _____ C:\Users\papa\Downloads\Fluency Practice Mini Books - Gr 3.pdf[ebooks-shares.org].torrent

2015-07-15 22:37 - 2015-07-15 22:37 - 00004248 _____ C:\Users\papa\Downloads\Every Day of the Year Math Problems.pdf[ebooks-shares.org].torrent

2015-07-15 22:37 - 2015-07-15 22:37 - 00003369 _____ C:\Users\papa\Downloads\Exploring Plants.pdf[ebooks-shares.org].torrent

2015-07-15 22:37 - 2015-07-15 22:37 - 00002617 _____ C:\Users\papa\Downloads\Fractured Fairy Tales - Fractions & Decimals.pdf[ebooks-shares.org].torrent

2015-07-15 22:37 - 2015-07-15 22:37 - 00002121 _____ C:\Users\papa\Downloads\Expository Writing - Primary.pdf[ebooks-shares.org].torrent

2015-07-15 22:37 - 2015-07-15 22:37 - 00001046 _____ C:\Users\papa\Downloads\Fast Facts - Addition & Subtraction.pdf[ebooks-shares.org].torrent

2015-07-15 22:36 - 2015-07-15 22:36 - 00005318 _____ C:\Users\papa\Downloads\Fractured Fairy Tales - Mult. & Div. - Gr 4-6.pdf[ebooks-shares.org].torrent

2015-07-15 22:36 - 2015-07-15 22:36 - 00002439 _____ C:\Users\papa\Downloads\Fractured Fairy Tales Math.pdf[ebooks-shares.org].torrent

2015-07-15 10:40 - 2015-07-15 10:50 - 33124422 _____ C:\Users\papa\Downloads\x9thVIowWiB.rar

2015-07-15 10:34 - 2015-07-15 10:37 - 16366602 _____ C:\Users\papa\Downloads\x9thVIowUbP.rar

2015-07-13 20:53 - 2015-07-13 20:53 - 05709124 _____ C:\Users\papa\Downloads\The Infantry's Armor.epub

2015-07-13 18:55 - 2015-07-13 18:55 - 06125138 _____ C:\Users\papa\Downloads\yMaIoMIAI.rar

2015-07-13 18:54 - 2015-07-13 18:55 - 06358966 _____ C:\Users\papa\Downloads\sbaIoMPa2.rar

2015-07-13 15:31 - 2015-07-13 15:31 - 00269312 _____ ([bleep]) C:\Users\papa\Downloads\DAMN_NFO_Viewer_v2-10-0032-RC3.exe

2015-07-11 18:27 - 2015-07-11 18:28 - 00000000 ____D C:\Users\papa\Desktop\gettysburg off stephs

2015-07-11 18:24 - 2015-07-11 18:24 - 00000000 ____D C:\Users\papa\Desktop\steph's phone pics

2015-07-10 22:21 - 2015-04-09 20:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll

2015-07-10 22:21 - 2015-04-09 20:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll

2015-07-10 16:25 - 2015-07-15 22:25 - 00000000 ____D C:\Users\papa\Desktop\gettysburg pics

2015-07-09 09:51 - 2015-07-09 09:52 - 87270706 _____ C:\Users\papa\Downloads\x9thVIww12.rar

2015-07-08 18:51 - 2015-07-08 18:52 - 39902656 _____ C:\Users\papa\Downloads\x9thVHL.rar

2015-07-08 18:42 - 2015-07-08 18:42 - 00000000 ____D C:\Users\papa\Downloads\EBS Ken Scholes

2015-07-08 18:42 - 2015-07-08 18:42 - 00000000 ____D C:\Users\papa\Downloads\Daniel Abraham

2015-07-07 16:39 - 2015-07-07 16:39 - 28448164 _____ C:\Users\papa\Downloads\r9thVBbHlVP.rar

2015-07-07 16:38 - 2015-07-07 16:39 - 45741164 _____ C:\Users\papa\Downloads\r9thVIoWTb.rar

2015-07-06 20:09 - 2015-07-06 20:10 - 00012288 _____ (Microsoft) C:\Users\papa\Downloads\VCF Viewer.exe

2015-06-29 11:50 - 2015-07-14 20:24 - 00013433 _____ C:\Users\papa\Desktop\Church 2nd Quarter 2015.xlsx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-24 18:27 - 2014-11-26 16:42 - 00000000 ____D C:\Users\papa\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack

2015-07-24 18:13 - 2014-11-13 06:56 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1752649306-4100760835-3452497139-1001

2015-07-24 18:07 - 2015-05-31 13:51 - 00000000 ____D C:\Program Files (x86)\OMC ModPack Client

2015-07-24 18:07 - 2014-11-26 12:31 - 00000000 ____D C:\Users\papa\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client

2015-07-24 18:00 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\sru

2015-07-24 16:25 - 2015-01-27 20:54 - 00000000 ____D C:\Users\papa\Desktop\Epub Stuff

2015-07-24 16:19 - 2014-11-13 07:03 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{26ACF6BE-75A4-4FDC-A990-EB59D2508DDE}

2015-07-23 14:41 - 2014-08-13 06:06 - 01886938 _____ C:\Windows\WindowsUpdate.log

2015-07-23 14:40 - 2014-03-18 06:03 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI

2015-07-23 14:38 - 2014-11-23 12:00 - 00000000 ____D C:\Users\papa\AppData\Roaming\vlc

2015-07-23 13:20 - 2014-11-14 05:16 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-07-23 13:20 - 2014-11-14 05:16 - 00003654 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-07-23 13:15 - 2014-11-14 05:16 - 00000000 ____D C:\Program Files (x86)\Google

2015-07-23 13:07 - 2015-02-25 09:58 - 00000000 __SHD C:\Users\papa\AppData\Local\EmieBrowserModeList

2015-07-23 13:07 - 2014-11-13 07:03 - 00000000 __SHD C:\Users\papa\AppData\Local\EmieUserList

2015-07-23 13:07 - 2014-11-13 07:03 - 00000000 __SHD C:\Users\papa\AppData\Local\EmieSiteList

2015-07-23 10:31 - 2014-06-12 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer

2015-07-23 10:31 - 2014-06-12 04:07 - 00000000 ____D C:\Program Files (x86)\Acer

2015-07-23 10:30 - 2014-06-12 04:36 - 00000000 ___HD C:\OEM

2015-07-23 10:28 - 2014-11-13 06:52 - 00000000 ____D C:\Users\papa\AppData\Local\clear.fi

2015-07-23 10:17 - 2015-01-15 10:08 - 00000000 ____D C:\Program Files\Adobe

2015-07-23 10:17 - 2014-06-12 04:17 - 00000000 ____D C:\ProgramData\Adobe

2015-07-23 10:16 - 2014-06-12 04:16 - 00000000 ____D C:\Program Files (x86)\Adobe

2015-07-23 10:10 - 2014-11-13 06:49 - 00000000 ____D C:\Users\papa

2015-07-23 10:05 - 2014-11-22 21:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe

2015-07-23 10:00 - 2015-04-08 07:24 - 00032281 _____ C:\Windows\setupact.log

2015-07-23 10:00 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-07-23 09:49 - 2014-12-31 15:26 - 00000000 ____D C:\Users\papa\Desktop\4KAD stuff

2015-07-23 09:45 - 2014-11-22 19:37 - 00000000 ____D C:\Users\papa\AppData\Local\Adobe

2015-07-22 22:52 - 2015-01-15 11:46 - 00000000 ____D C:\Users\papa\Documents\Calibre Library

2015-07-22 16:14 - 2014-11-26 16:56 - 00000000 ____D C:\Users\papa\AppData\Roaming\TS3Client

2015-07-22 11:39 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness

2015-07-21 20:20 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache

2015-07-21 09:20 - 2014-11-14 14:49 - 00000000 ____D C:\Windows\SysWOW64\vbox

2015-07-21 09:20 - 2014-11-14 14:49 - 00000000 ____D C:\Windows\system32\vbox

2015-07-20 16:47 - 2015-03-16 12:52 - 00000000 ____D C:\Users\papa\Desktop\book covers

2015-07-20 15:14 - 2015-04-08 07:23 - 00065010 _____ C:\Windows\PFRO.log

2015-07-20 15:14 - 2014-11-14 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software

2015-07-20 15:13 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM

2015-07-20 14:57 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2015-07-19 18:33 - 2015-03-15 15:12 - 00000000 ____D C:\Users\papa\AppData\Local\Microsoft Help

2015-07-19 18:25 - 2013-08-22 10:44 - 09738280 _____ C:\Windows\system32\FNTCACHE.DAT

2015-07-19 18:23 - 2014-11-14 15:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware

2015-07-19 18:22 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData

2015-07-19 18:21 - 2014-12-11 17:36 - 00000000 ____D C:\Windows\system32\appraiser

2015-07-19 18:21 - 2014-11-19 17:18 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-07-19 18:21 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\WinStore

2015-07-19 18:21 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-19 09:20 - 2015-01-15 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management

2015-07-19 09:20 - 2015-01-15 11:45 - 00000000 ____D C:\Program Files (x86)\Calibre2

2015-07-19 08:56 - 2015-03-01 14:49 - 00000000 ____D C:\Users\papa\Documents\ConvertXtoDVD

2015-07-17 17:24 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp

2015-07-17 17:12 - 2014-11-15 14:06 - 00000000 ____D C:\Windows\system32\MRT

2015-07-17 17:01 - 2015-03-30 07:50 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-17 17:01 - 2015-03-30 07:50 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-17 16:45 - 2015-05-31 13:51 - 00000000 ____D C:\Users\papa\Documents\OMC ModPack

2015-07-17 08:53 - 2015-03-16 08:02 - 00000000 ____D C:\Users\papa\AppData\Local\CrashDumps

2015-07-13 14:38 - 2015-02-21 17:34 - 00000000 ____D C:\Users\papa\Desktop\movies

2015-07-11 23:05 - 2015-01-24 12:14 - 00001456 _____ C:\Users\papa\AppData\Local\Adobe Save for Web 13.0 Prefs

2015-07-10 22:02 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\NDF

2015-07-06 23:19 - 2015-05-03 15:51 - 00000000 ____D C:\Users\papa\Desktop\warbooks

2015-07-03 08:43 - 2014-11-15 14:06 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-12-23 17:05 - 2014-12-23 17:36 - 0000132 _____ () C:\Users\papa\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen

2015-04-24 09:30 - 2015-05-30 09:51 - 0000132 _____ () C:\Users\papa\AppData\Roaming\Adobe PNG Format CS6 Prefs

2014-11-26 10:59 - 2014-11-26 10:59 - 0099384 _____ () C:\Users\papa\AppData\Roaming\inst.exe

2014-11-26 10:59 - 2014-11-26 10:59 - 0007859 _____ () C:\Users\papa\AppData\Roaming\pcouffin.cat

2014-11-26 10:59 - 2014-11-26 10:59 - 0001167 _____ () C:\Users\papa\AppData\Roaming\pcouffin.inf

2014-11-26 10:59 - 2014-11-26 10:59 - 0000055 _____ () C:\Users\papa\AppData\Roaming\pcouffin.log

2014-11-26 10:59 - 2014-11-26 10:59 - 0082816 _____ (VSO Software) C:\Users\papa\AppData\Roaming\pcouffin.sys

2014-12-17 17:11 - 2014-12-17 17:31 - 0001456 _____ () C:\Users\papa\AppData\Local\Adobe Für Web speichern 13.0 Prefs

2015-01-24 12:14 - 2015-07-11 23:05 - 0001456 _____ () C:\Users\papa\AppData\Local\Adobe Save for Web 13.0 Prefs

2014-08-13 06:05 - 2014-08-13 06:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2014-11-13 07:03 - 2015-01-15 14:14 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

Some files in TEMP:

====================

C:\Users\papa\AppData\Local\Temp\HssInstaller.exe

C:\Users\papa\AppData\Local\Temp\HssInstaller64.exe

C:\Users\papa\AppData\Local\Temp\{C767BF00-ACD5-4B89-90C7-26AD6B2549DB}-44.0.2403.89_chrome_installer.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-24 17:36

==================== End of log ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015

Ran by papa at 2015-07-24 18:29:48

Running from C:\Users\papa\Desktop

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1752649306-4100760835-3452497139-500 - Administrator - Disabled)

Guest (S-1-5-21-1752649306-4100760835-3452497139-501 - Limited - Disabled)

papa (S-1-5-21-1752649306-4100760835-3452497139-1001 - Administrator - Enabled) => C:\Users\papa

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2002 - Acer Incorporated)

abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated)

Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)

Adobe Reader 64-bit fixes (HKLM\...\{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1) (Version: - Leo Davidson / Pretentious Name)

Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)

Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)

AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2003.1 - Acer Incorporated)

Ashampoo Burning Studio 12 v.12.0.3 (HKLM-x32\...\{91B33C97-93EB-244C-F687-71D85E45A206}_is1) (Version: 12.0.3 - Ashampoo GmbH & Co. KG)

Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)

bl (x32 Version: 1.0.0 - Your Company Name) Hidden

calibre (HKLM-x32\...\{4DA127C8-972B-4A5A-A38B-CCBAF52D499F}) (Version: 2.32.1 - Kovid Goyal)

CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC)

Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.1 - Genesys Logic)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.89 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)

Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)

Intel® Technology Access (HKLM-x32\...\{efc54997-dfa9-44b1-afac-3a7ac4f45730}) (Version: 1.3.6.1042 - Intel Corporation)

Intel® Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)

Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)

Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)

Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

NVIDIA Graphics Driver 332.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.91 - NVIDIA Corporation)

NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)

OMC ModPack Client version 1.3.8.22 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.3.8.22 - Odem Mortis)

ph (x32 Version: 1.0.0 - Your Company Name) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)

Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)

Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)

Solo's ModPack for World of Tanks (HKLM-x32\...\{547468D0-A0E7-4EDD-8C5F-39CCB4DD9343}_is1) (Version: 9.9.1 - soloviyko)

SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.4 - Krzysztof Kowalczyk)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1158 - SUPERAntiSpyware.com)

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)

UltraISO Premium V9.52 (HKLM-x32\...\UltraISO_is1) (Version: - )

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)

VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.30 - VSO-Software SARL)

WinDjView 2.0.2 (HKLM\...\WinDjView) (Version: 2.0.2 - Andrew Zhezherun)

WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

World of Tanks (HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version: - Wargaming.net)

World of Warships (HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

21-07-2015 19:24:41 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2015-03-07 15:59 - 00001054 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 anchorfree.net

127.0.0.1 rss2search.com

127.0.0.1 techbrowsing.com

127.0.0.1 box.anchorfree.net

127.0.0.1 www.mefeedia.com

127.0.0.3 www.anchorfree.net

127.0.0.2 www.mefeedia.com

127.0.0.1 anchorfree.us

127.0.0.1 a433.com

127.0.0.3 anchorfree.net

127.0.0.1 rpt.anchorfree.net

127.0.0.1 delivery.anchorfree.us/land.php

127.0.0.1 hsselite.com

127.0.0.1 www.hsselite.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1BA7382F-B601-48F4-B0FE-10DD3CBD345C} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)

Task: {4A83C9CD-B038-444A-9091-D3069D150A49} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)

Task: {60D7F1A9-6E6F-4EC1-AF8B-4DA8F1A73A1F} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION

Task: {8464E7D7-1C32-4249-9C2B-313D7F88428E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)

Task: {97208880-6263-4023-A260-867426D1F220} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()

Task: {A1AC7882-CE3E-4836-AB8C-B7A77F80B043} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)

Task: {A8988A94-5076-40A4-8065-C81AEF795FF3} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()

Task: {ACA1E3F2-F97B-4D64-A7C6-1B54C3C063B4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)

Task: {BDC431AF-1E50-4B64-B27B-6090E057E18C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)

Task: {C4CDEF1D-22F0-424B-885A-D0E18F04038F} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-25] ()

Task: {CD9FED0B-FB15-43C0-BB14-922E6D286C1A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-06-09] ()

Task: {F7374BF4-56B7-4534-9FCB-E77BFDF165F7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-06-09] ()

Task: {FB5628A9-1B22-4D04-872B-E34E01692FBE} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-08-13 06:07 - 2014-03-24 08:30 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2015-03-17 13:43 - 2015-03-17 13:43 - 00087552 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\libglog.dll

2015-02-08 12:20 - 2015-02-08 12:20 - 01793248 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\cpprest120_1_4.dll

2015-03-17 14:15 - 2015-03-17 14:15 - 00355040 _____ () C:\Program Files\Intel Corporation\Intel® Technology Access\JsonCpp.dll

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-08-13 06:52 - 2014-01-03 17:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll

2014-08-13 06:13 - 2014-02-25 23:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe

2014-02-26 01:14 - 2014-02-26 01:14 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2014-02-26 01:11 - 2014-02-26 01:11 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll

2014-02-26 01:17 - 2014-02-26 01:17 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

2015-07-23 12:26 - 2015-07-23 12:26 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe

2015-07-23 12:26 - 2015-07-23 12:26 - 00088928 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe

2014-08-13 06:05 - 2013-10-01 05:09 - 00078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

2015-07-24 18:07 - 2015-07-21 22:06 - 01217536 _____ () C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe

2015-07-20 15:12 - 2015-07-20 15:12 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll

2015-07-20 15:12 - 2015-07-20 15:12 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll

2015-07-22 15:32 - 2015-07-22 15:32 - 02957312 _____ () C:\Program Files\AVAST Software\Avast\defs\15072201\algo.dll

2015-07-24 17:13 - 2015-07-24 17:13 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072402\algo.dll

2014-08-13 06:09 - 2013-12-09 19:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2015-07-20 14:09 - 2015-07-20 14:09 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-12-29 14:25 - 2014-12-29 14:25 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll

2014-12-29 14:26 - 2014-12-29 14:26 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll

2014-12-29 14:26 - 2014-12-29 14:26 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll

2014-12-29 14:26 - 2014-12-29 14:26 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll

2015-07-23 10:30 - 2015-07-23 10:30 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll

2015-07-23 11:31 - 2015-07-23 11:31 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll

2015-07-23 11:25 - 2015-07-23 11:25 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

2015-07-23 12:26 - 2015-07-23 12:26 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll

2014-08-13 06:52 - 2014-01-03 17:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll

2015-07-23 13:15 - 2015-07-14 01:55 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\libglesv2.dll

2015-07-23 13:15 - 2015-07-14 01:55 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\libegl.dll

2015-07-23 13:15 - 2015-07-14 01:55 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.89\PepperFlash\pepflashplayer.dll

2015-04-23 18:05 - 2015-04-15 16:20 - 00044544 _____ () C:\Games\World_of_Tanks\voip.dll

2014-11-14 16:57 - 2014-09-17 07:59 - 00323568 _____ () C:\Games\World_of_Tanks\ortp.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\008i.com -> 008i.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\008k.com -> 008k.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\00hq.com -> 00hq.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\0190-dialers.com -> 0190-dialers.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\01i.info -> 01i.info

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\05p.com -> 05p.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\0calories.net -> 0calories.net

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\0cj.net -> 0cj.net

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\0scan.com -> 0scan.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\1-domains-registrations.com -> 1-domains-registrations.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\1-se.com -> 1-se.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\1001movie.com -> 1001movie.com

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\1001night.biz -> 1001night.biz

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\100gal.net -> 100gal.net

IE restricted site: HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4789 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1752649306-4100760835-3452497139-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\papa\Desktop\july2013_1280x1024_cl.jpg

DNS Servers: 10.0.0.17 - 10.1.0.35

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{22E6E4BF-6631-47C4-95AF-1F8ED0E024EF}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{358E9FC0-5DD2-4B9F-9A09-93C95E49D93A}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe

FirewallRules: [{A7504887-2CCE-4621-8C64-0FB5C7DE3D77}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{5C767B80-8006-4A46-8687-DAB011BD0ADB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

FirewallRules: [{7766D7A2-3AAC-40FB-B25D-95011E9BC8E5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe

FirewallRules: [{145636F3-98DE-4F61-8ACF-A976875D153E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe

FirewallRules: [{3589317E-804B-4C78-ACC5-D7B25799AC58}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe

FirewallRules: [{9D2651DB-DDE4-430E-8988-6476476FA6B4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe

FirewallRules: [{8A34381C-29CF-4C65-A4AF-96D28B12D2A9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe

FirewallRules: [{FB68A3F8-88AA-4706-AC05-526EE4045233}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe

FirewallRules: [{2D69B8CC-5BE5-4BC5-BAF1-2316E698DC66}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe

FirewallRules: [{E7BB174C-CFB6-4C72-AFEB-7E8F307B8DF9}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe

FirewallRules: [{E36B4FA6-708E-448D-8959-AD0AABDDD976}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe

FirewallRules: [{FD4CB4C8-2349-43A2-B7B4-96B5EDD25E9D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe

FirewallRules: [{5E9198F9-C216-459D-BD11-8F7B586BBE12}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe

FirewallRules: [{658AE267-26AB-4E42-9131-367891594BBE}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe

FirewallRules: [{834AE14C-3344-459A-8C2D-05213D880B88}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe

FirewallRules: [{F6928D9C-BEF2-4282-BE77-A629C8A30290}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe

FirewallRules: [{C1EA9163-4DDB-4A09-AD36-7BE6547CDC06}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe

FirewallRules: [{B8AB6383-5C38-4FB0-A810-62A5EEF5F51D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe

FirewallRules: [{419018EC-4402-41A1-86A0-0A79156F7FF4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{9B8A2633-721D-4AD7-B64A-C0CC441C9915}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{7D683561-6698-45E4-B485-3FA6B29918B8}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{5A7B14BF-BB23-4AAF-A9CC-B22D0F48036B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{9DBF9968-3B9F-4181-A158-AB5FD9D3868E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{B9A0BE59-3634-4F58-9216-DEB90F775330}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{AF9D3124-4BA0-4D2A-A6AD-B867473C512E}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{BB57FB9A-44E7-422D-A535-4D87C7F7FF50}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{42CB972C-A9EB-40DD-B16C-7B97555AFB5D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{5B9D4D61-A288-4A58-9C04-4703E3322B97}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{2ECFFF29-E7AD-4D2D-9A38-7FDBA720A2D7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{13E20E13-177E-4B6D-A865-82DEE7D202BE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{1DB6173D-66C1-4F3C-9D19-B38A5D8DE95D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{C157F906-79D3-4F09-A753-B47E654D4B7B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{C779719E-EC56-4C2E-9234-B6938057380E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{51CF9E82-5761-47B6-B962-CAA13AE1F897}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [TCP Query User{2D29E0E6-AC11-4C65-915A-04918B884D6A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe

FirewallRules: [UDP Query User{A00F1235-B1CF-42DD-B91E-1C1305B02F45}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe

FirewallRules: [TCP Query User{8FC8F94E-D400-4ACB-8175-59C5A252D9E5}C:\users\papa\desktop\virgin wot\wotlauncher.exe] => (Allow) C:\users\papa\desktop\virgin wot\wotlauncher.exe

FirewallRules: [UDP Query User{FE9643D0-FDEC-4970-82D6-6485127D7BE4}C:\users\papa\desktop\virgin wot\wotlauncher.exe] => (Allow) C:\users\papa\desktop\virgin wot\wotlauncher.exe

FirewallRules: [{819B503F-6AC6-4198-8650-B53BD951FF44}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe

FirewallRules: [{3C91109D-1867-4E10-9829-92E5E0AC1CE7}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe

FirewallRules: [{72F5A0D6-228C-4FD1-B42C-22B8C342FB02}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe

FirewallRules: [{9D1C9278-6D08-4034-9062-47288FE5082C}] => (Allow) C:\Games\World_of_Tanks\WorldOfTanks.exe

FirewallRules: [TCP Query User{3014255A-0A06-4A15-90DE-088CC9E239BF}C:\new wot\wotlauncher.exe] => (Allow) C:\new wot\wotlauncher.exe

FirewallRules: [UDP Query User{3AD317CB-68EF-470D-8929-347ED569CC1D}C:\new wot\wotlauncher.exe] => (Allow) C:\new wot\wotlauncher.exe

FirewallRules: [TCP Query User{C2E1EB07-EC80-4196-9A00-03DDCBB2CC9C}C:\new wot\worldoftanks.exe] => (Allow) C:\new wot\worldoftanks.exe

FirewallRules: [UDP Query User{F937B056-1BB0-4AB5-A93E-3A5D8887AD19}C:\new wot\worldoftanks.exe] => (Allow) C:\new wot\worldoftanks.exe

FirewallRules: [{F8E03C55-4087-4D2D-935B-9D4EF916E0C1}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\3\VsoDownloader.exe

FirewallRules: [{77A0D8B4-6FFA-4B3E-8AA8-4E314D7B0EB9}] => (Allow) C:\Program Files (x86)\VSO\VSO Downloader\3\VsoDownloader.exe

FirewallRules: [{A2612071-FF06-4459-B727-AA879AF13F91}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{1DDF73EB-509E-4C15-9DEC-2AB70FB86634}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{AE9A18E7-BEE3-4A66-8D51-865DEA490BFA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{01C04B1F-BCD6-4635-B2A4-ABEBA4B4CA2C}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{C04FE7F1-8DA6-4035-A96D-C59AECA35089}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{C6EB8DC0-4521-4A2D-AAF6-669A212F9B11}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe

FirewallRules: [{51D73021-28DF-4D83-8B29-3DAA148B9311}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{51C2B466-EEA8-437C-B847-2A9FD298A575}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe

FirewallRules: [{48450846-6768-4A27-BC48-055F92647F8F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{FE3D98B2-F659-40CF-9373-8915A61CCB90}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{DE1FF559-1606-461D-9935-655026114654}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{19F0A300-4820-49F5-B329-B1E8E2444A96}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{EDB10EF2-E50F-4F61-9F07-97B4ED541022}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{228EED8A-6591-4D8F-BD5F-5577308D8A4F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{A840178C-8ACB-4270-9CC6-D1B88F096B9E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{422F912C-0402-4779-8084-A2932AC72D2E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{70EC3543-5BAD-4A86-AC4E-B40E5BC71C18}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{A7E5112D-21AC-4125-A64C-80D132AB05DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{2A048D24-DD41-4F5B-B78E-9E3EB5D3EE98}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{7969F7F1-AC07-4F2D-872D-C648324035B4}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{F3AB1507-7B7D-4EE2-BE65-489C7C8B3069}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe

FirewallRules: [{F071D617-2BDA-4471-BE34-9A0E1A976560}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe

FirewallRules: [{B009FE3B-5521-4103-843F-18ADB0EEB212}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe

FirewallRules: [{FF10A464-9404-4888-A49F-5FEB5C18932C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe

FirewallRules: [{81944A71-126C-4C2A-9409-2713394BB693}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

FirewallRules: [{0451DB28-88E2-4996-97DA-D6BFF8A13429}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

FirewallRules: [{81145107-A090-4A69-B7B6-2E3E6EB5EA39}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe

FirewallRules: [{CB0B4108-BC41-4D50-A881-497A033AD923}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe

FirewallRules: [{5A33BAE4-3460-40FA-A111-3DD1880F7566}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{E495FCD7-3D10-4DC0-A89C-3A4A0516AC55}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe

FirewallRules: [{0A2F92F9-688B-4989-95A0-5BB7B82BB04C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{F2EC3BD1-43CF-43BB-A240-22873D277A02}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

FirewallRules: [{EBC38E94-2D1E-4500-9C7D-05E4BEC9562B}] => (Allow) LPort=7935

FirewallRules: [{309EC818-F369-4700-A458-04ABE4158326}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsb4B.tmp\CnetInstaller-10239518.exe

FirewallRules: [{A2D0A9EF-2595-47FA-A576-71498351F164}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsb4B.tmp\CnetInstaller-10239518.exe

FirewallRules: [{ED8E826E-6B3F-44E0-843A-F643A12AD9DB}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsd3AB1.tmp\CnetInstaller-10239518.exe

FirewallRules: [{113D70B6-2E03-4C4E-857B-3964A9D8C79B}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsd3AB1.tmp\CnetInstaller-10239518.exe

FirewallRules: [{DBE66653-42C7-4EAB-BB08-FE0DABE4A190}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsuFA6C.tmp\CnetInstaller-10907418.exe

FirewallRules: [{5C2046E4-4B96-4667-B47E-6B63436AA994}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsuFA6C.tmp\CnetInstaller-10907418.exe

FirewallRules: [{13D88EE6-184A-489D-82FF-FBA88C067C49}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsy22DE.tmp\CnetInstaller-75446583.exe

FirewallRules: [{B3BBFD3D-256D-450C-AB96-142CC23571E9}] => (Allow) C:\Users\papa\AppData\Local\Temp\nsy22DE.tmp\CnetInstaller-75446583.exe

FirewallRules: [{F69CEBEF-2DA4-4577-912F-98625EC68698}] => (Allow) C:\Users\papa\Downloads\solutoinstaller(1).exe

FirewallRules: [{2EF45A4A-5F9E-4229-9FBE-A92F8D74ADE9}] => (Allow) C:\Users\papa\Downloads\solutoinstaller(1).exe

FirewallRules: [{4FC01684-AF33-48E6-AD7E-15055E172873}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

FirewallRules: [{DBB8DFFD-C183-4354-862D-CEFF967E8929}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

FirewallRules: [{CEAEBF25-3284-4DCB-8557-C851C2600BBE}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe

FirewallRules: [{BBF4AE8E-449C-4C4B-9B32-C9B49C448C80}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe

FirewallRules: [{C29D2045-9EDD-4EB3-A2BE-B9F9ECED5A0E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{01DEEE18-63A3-43AC-8A36-340FD4D27296}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [TCP Query User{D482E683-430A-42B0-A3C7-71CE1CC58C90}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe

FirewallRules: [UDP Query User{3ED9B80B-E57C-4819-B84B-59BEFCDDF740}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe

FirewallRules: [{C9A58DC8-B797-405A-95A5-BD3DE9CBCC60}] => (Allow) C:\Games\World_of_Tanks\SoloModPack\DLC\solo.exe

FirewallRules: [{4FABE34E-47BD-4895-801D-DA7C0C03EB4E}] => (Allow) C:\Games\World_of_Tanks\SoloModPack\DLC\solo.exe

FirewallRules: [{2DAE6025-9FD7-42D9-8F58-35A3970034DD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{081BB6F1-77DF-4D26-A8CA-60F79F5C13F9}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

FirewallRules: [{6C6D44C2-996A-46F7-A832-4DEB7103DDC9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{3BC2BF54-1675-41DE-BFFC-9321F10B1600}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (07/23/2015 12:34:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: The volume Lennee (E:) was not optimized because an error was encountered: The disk was disconnected from the system. (0x89000011)

Error: (07/23/2015 10:23:19 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb

Faulting module name: mpengine.dll, version: 1.1.10401.0, time stamp: 0x53194e31

Exception code: 0xc0000005

Fault offset: 0x00000000005fc212

Faulting process id: 0x14c4

Faulting application start time: 0xMsMpEng.exe0

Faulting application path: MsMpEng.exe1

Faulting module path: MsMpEng.exe2

Report Id: MsMpEng.exe3

Faulting package full name: MsMpEng.exe4

Faulting package-relative application ID: MsMpEng.exe5

Error: (07/23/2015 10:14:52 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb

Faulting module name: mpengine.dll, version: 1.1.10401.0, time stamp: 0x53194e31

Exception code: 0xc0000005

Fault offset: 0x00000000005fc212

Faulting process id: 0xfb4

Faulting application start time: 0xMsMpEng.exe0

Faulting application path: MsMpEng.exe1

Faulting module path: MsMpEng.exe2

Report Id: MsMpEng.exe3

Faulting package full name: MsMpEng.exe4

Faulting package-relative application ID: MsMpEng.exe5

Error: (07/23/2015 10:09:41 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82

Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82

Exception code: 0xc0000005

Fault offset: 0x000de000

Faulting process id: 0x914

Faulting application start time: 0xPSIA.exe0

Faulting application path: PSIA.exe1

Faulting module path: PSIA.exe2

Report Id: PSIA.exe3

Faulting package full name: PSIA.exe4

Faulting package-relative application ID: PSIA.exe5

Error: (07/23/2015 10:03:38 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb

Faulting module name: mpengine.dll, version: 1.1.10401.0, time stamp: 0x53194e31

Exception code: 0xc0000005

Fault offset: 0x00000000005fc212

Faulting process id: 0xa60

Faulting application start time: 0xMsMpEng.exe0

Faulting application path: MsMpEng.exe1

Faulting module path: MsMpEng.exe2

Report Id: MsMpEng.exe3

Faulting package full name: MsMpEng.exe4

Faulting package-relative application ID: MsMpEng.exe5

Error: (07/22/2015 06:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe, version: 6.3.9600.17415, time stamp: 0x54504177

Faulting module name: ntdll.dll, version: 6.3.9600.17736, time stamp: 0x550f4336

Exception code: 0xc0000005

Fault offset: 0x000000000003b179

Faulting process id: 0x6d0

Faulting application start time: 0xsvchost.exe0

Faulting application path: svchost.exe1

Faulting module path: svchost.exe2

Report Id: svchost.exe3

Faulting package full name: svchost.exe4

Faulting package-relative application ID: svchost.exe5

Error: (07/20/2015 03:40:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb

Faulting module name: mpengine.dll, version: 1.1.10401.0, time stamp: 0x53194e31

Exception code: 0xc0000005

Fault offset: 0x00000000005fc212

Faulting process id: 0x7d4

Faulting application start time: 0xMsMpEng.exe0

Faulting application path: MsMpEng.exe1

Faulting module path: MsMpEng.exe2

Report Id: MsMpEng.exe3

Faulting package full name: MsMpEng.exe4

Faulting package-relative application ID: MsMpEng.exe5

Error: (07/20/2015 03:29:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb

Faulting module name: mpengine.dll, version: 1.1.10401.0, time stamp: 0x53194e31

Exception code: 0xc0000005

Fault offset: 0x00000000005fc212

Faulting process id: 0x1798

Faulting application start time: 0xMsMpEng.exe0

Faulting application path: MsMpEng.exe1

Faulting module path: MsMpEng.exe2

Report Id: MsMpEng.exe3

Faulting package full name: MsMpEng.exe4

Faulting package-relative application ID: MsMpEng.exe5

Error: (07/20/2015 03:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82

Faulting module name: PSIA.exe, version: 3.0.0.10004, time stamp: 0x54784a82

Exception code: 0xc0000409

Fault offset: 0x00093524

Faulting process id: 0x880

Faulting application start time: 0xPSIA.exe0

Faulting application path: PSIA.exe1

Faulting module path: PSIA.exe2

Report Id: PSIA.exe3

Faulting package full name: PSIA.exe4

Faulting package-relative application ID: PSIA.exe5

Error: (07/20/2015 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb5aeb

Faulting module name: mpengine.dll, version: 1.1.10401.0, time stamp: 0x53194e31

Exception code: 0xc0000005

Fault offset: 0x00000000005fc212

Faulting process id: 0x900

Faulting application start time: 0xMsMpEng.exe0

Faulting application path: MsMpEng.exe1

Faulting module path: MsMpEng.exe2

Report Id: MsMpEng.exe3

Faulting package full name: MsMpEng.exe4

Faulting package-relative application ID: MsMpEng.exe5

System errors:

=============

Error: (07/24/2015 06:30:11 PM) (Source: DCOM) (EventID: 10010) (User: papas)

Description: {5C65F4B0-3651-4514-B207-D10CB699B14B}

Error: (07/24/2015 05:46:33 PM) (Source: DCOM) (EventID: 10010) (User: papas)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/24/2015 05:37:40 PM) (Source: DCOM) (EventID: 10010) (User: papas)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/24/2015 05:37:10 PM) (Source: DCOM) (EventID: 10010) (User: papas)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/23/2015 02:42:45 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (07/23/2015 02:42:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (07/23/2015 02:41:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (07/23/2015 02:40:52 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (07/23/2015 02:40:22 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.

Error: (07/23/2015 12:30:53 PM) (Source: disk) (EventID: 7) (User: )

Description: The device, \Device\Harddisk1\DR1, has a bad block.

Microsoft Office:

=========================

Error: (07/23/2015 12:34:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: Lennee (E:)The disk was disconnected from the system. (0x89000011)

Error: (07/23/2015 10:23:19 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc21214c401d0c55214ffcbd1C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll5d3cab76-3146-11e5-82d7-c45444b61c2d

Error: (07/23/2015 10:14:52 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc212fb401d0c550855dc8b9C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll2edf63ef-3145-11e5-82d7-c45444b61c2d

Error: (07/23/2015 10:09:41 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c0000005000de00091401d0c54ffe02f413C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exe759c893b-3144-11e5-82d7-c45444b61c2d

Error: (07/23/2015 10:03:38 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc212a6001d0c54ffed0fedaC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll9d5a6dc7-3143-11e5-82d7-c45444b61c2d

Error: (07/22/2015 06:43:21 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: svchost.exe6.3.9600.1741554504177ntdll.dll6.3.9600.17736550f4336c0000005000000000003b1796d001d0c3206d7d6e52C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll0d0cf7b5-30c3-11e5-82d6-3010b3057017

Error: (07/20/2015 03:40:42 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc2127d401d0c3228eaeb6a0C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll34227dd8-2f17-11e5-82d6-3010b3057017

Error: (07/20/2015 03:29:38 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc212179801d0c320fd7409eaC:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dlla88ea927-2f15-11e5-82d6-3010b3057017

Error: (07/20/2015 03:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: PSIA.exe3.0.0.1000454784a82PSIA.exe3.0.0.1000454784a82c00004090009352488001d0c32074a21027C:\Program Files (x86)\Secunia\PSI\PSIA.exeC:\Program Files (x86)\Secunia\PSI\PSIA.exeea43fd80-2f14-11e5-82d6-3010b3057017

Error: (07/20/2015 03:18:20 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: MsMpEng.exe4.7.205.054cb5aebmpengine.dll1.1.10401.053194e31c000000500000000005fc21290001d0c32075434b97C:\Program Files\Windows Defender\MsMpEng.exeC:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\mpengine.dll1475bc5c-2f14-11e5-82d6-3010b3057017

==================== Memory info ===========================

Processor: Intel® Core™ i5-4210U CPU @ 1.70GHz

Percentage of memory in use: 49%

Total physical RAM: 8115.27 MB

Available physical RAM: 4110.14 MB

Total Virtual: 9395.27 MB

Available Virtual: 4743.47 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:913.91 GB) (Free:390.77 GB) NTFS

Drive g: (STORE N GO) (Removable) (Total:7.46 GB) (Free:4.85 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: 1D2D5274)

Partition: GPT Partition Type.

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: 651B6DB5)

Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

==================== End of log ============================

dog

#2
Essexboy

Posted 27 July 2015 - 11:23 AM

GeekU Moderator

Retired Staff
69,964 posts

Hi sorry for the delay, do you still require assistance ? If so then please post a fresh FRST log

Also do you get any errors on the pages/mail ?

#3
moondog830

Posted 27 July 2015 - 01:33 PM

Member

Topic Starter
Member
804 posts

hello again, I believe I still do need assistance. the pages just stop loading some at the beginning ... others in the middle ... or they load and the links on the pages don't load.

I am on a highspeed connection at the moment and I'm wondering if it might not just be the speed of my internet at home (satellite)

new logs coming shortly

#4
moondog830

Posted 27 July 2015 - 01:40 PM

Member

Topic Starter
Member
804 posts

FRST scan

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015

Ran by papa (administrator) on PAPAS (27-07-2015 15:36:12)

Running from C:\Users\papa\Desktop

Loaded Profiles: papa (Available Profiles: papa)

Platform: Windows 8.1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Intel® Corporation) C:\Program Files\Intel Corporation\Intel® Technology Access\IntelTechnologyAccessService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

() C:\Windows\SysWOW64\UMonit64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe

(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe

() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe

(Microsoft Corporation) C:\Windows\System32\SrTasks.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

(Farbar) C:\Users\papa\Desktop\FRST64 (1).exe