Hi,
Ok here you go,
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Daniel Hollowed (administrator) on DANIEL (09-11-2015 12:22:07)
Running from C:\Users\Daniel Hollowed\Desktop\Computer fix FRST
Loaded Profiles: Daniel Hollowed (Available Profiles: Daniel Hollowed)
Platform: Windows 8.1 Connected (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Alcatel-Lucent) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Joyent, Inc) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Alcatel-Lucent) C:\Program Files (x86)\Common Files\Motive\pcCMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\pcCMService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13642968 2013-08-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-09-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-1838069831-910762768-3284051805-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2015-01-23] (Spotify Ltd)
HKU\S-1-5-21-1838069831-910762768-3284051805-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57981568 2015-09-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1838069831-910762768-3284051805-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-09-16] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-10-15] (Acer Incorporated)
Startup: C:\Users\Daniel Hollowed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2015-08-19]
ShortcutTarget: Curse.lnk -> C:\Users\Daniel Hollowed\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{38F813CC-B23F-4B1F-80F0-D9137E759791}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1838069831-910762768-3284051805-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1838069831-910762768-3284051805-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1838069831-910762768-3284051805-1001 -> DefaultScope {E4384E46-F90F-4484-B105-15B141528225} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C011GB0D20151101&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1838069831-910762768-3284051805-1001 -> {E4384E46-F90F-4484-B105-15B141528225} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C011GB0D20151101&p={searchTerms}
BHO: BT Toolbar -> {aba8d0e6-0d4d-4cb8-836a-04d69824b108} -> C:\Program Files (x86)\bttb\bttbX64.dll [2014-02-07] ()
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-06] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-06] (Oracle Corporation)
Toolbar: HKLM - BT Toolbar - {aba8d0e6-0d4d-4cb8-836a-04d69824b108} - C:\Program Files (x86)\bttb\bttbX64.dll [2014-02-07] ()
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-11-03] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-11-03] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-11-03] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-11-03] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-09-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-09-28] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-09-28] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-06] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-09-28] ()
FF Plugin-x32: @mcafee.com/MVT -> C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll [2015-08-18] (McAfee, Inc.)
FF Plugin-x32: @Motive.com/NpMotive,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotive.dll [2012-10-05] (Alcatel-Lucent)
FF Plugin-x32: @Motive.com/npMotiveRequest,version=1.0 -> C:\Program Files (x86)\Common Files\Motive\npMotiveRequest.dll [2011-12-06] (Alcatel-Lucent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-03]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-10-08] [not signed]
Chrome:
=======
CHR Profile: C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-03]
CHR Extension: (Google Docs) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-03]
CHR Extension: (Google Drive) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Google Sheets) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-03]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-06]
CHR Extension: (BT Toolbar) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdpkpbhapgfjahbajejahjjcghiclegg [2015-08-03] [UpdateUrl: hxxp://www.bt.com/static/includes/account/toolbar/update/chromeUpdates.xml] <==== ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-03]
CHR Extension: (Gmail) - C:\Users\Daniel Hollowed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-03]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-11-06]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-11-06]
CHR HKLM-x32\...\Chrome\Extension: [hdpkpbhapgfjahbajejahjjcghiclegg] - C:\Program Files (x86)\bttb\toolbar.crx [2014-02-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-15] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows ® Win 7 DDK provider) [File not signed]
R2 BT Help Wizard; C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe [321024 2014-04-09] (Alcatel-Lucent) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-09-10] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625632 2015-07-22] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-11-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [783120 2015-09-28] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [1694152 2015-09-01] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [639456 2015-08-11] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-07-31] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [376264 2015-08-10] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-07-31] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368584 2015-09-01] (McAfee, Inc.)
R2 pcCMService64; C:\Program Files\Common Files\Motive\pcCMService.exe [467256 2013-11-11] (Alcatel-Lucent)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-02-24] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-08-07] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-23] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-02-24] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-02-24] (Advanced Micro Devices, Inc. )
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80768 2015-08-10] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [413432 2015-08-10] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349096 2015-08-10] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [82072 2015-08-10] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [495856 2015-08-10] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [839376 2015-08-10] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537408 2015-08-12] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [111256 2015-08-12] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-11-03] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244024 2015-08-10] (McAfee, Inc.)
S3 MREMP50; C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [21248 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MREMP50a64; C:\Program Files\Common Files\Motive\MREMP50a64.SYS [43008 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [20096 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50a64; C:\Program Files\Common Files\Motive\MRESP50a64.SYS [40960 2010-02-02] (Printing Communications Assoc., Inc. (PCAUSA))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wmbclass; C:\Windows\system32\DRIVERS\wmbclass.sys [268288 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-08 15:25 - 2015-11-08 15:25 - 01712128 _____ C:\Users\Daniel Hollowed\Downloads\AdwCleaner.exe
2015-11-07 17:49 - 2015-11-08 15:29 - 00000000 ____D C:\AdwCleaner
2015-11-07 17:47 - 2015-11-07 17:47 - 00002328 _____ C:\Users\Daniel Hollowed\Desktop\JRT.txt
2015-11-07 17:37 - 2015-11-07 17:37 - 01801288 _____ (Malwarebytes) C:\Users\Daniel Hollowed\Downloads\JRT.exe
2015-11-06 13:07 - 2015-11-06 13:07 - 00001184 _____ C:\Users\Daniel Hollowed\Desktop\fixlist.txt - Shortcut.lnk
2015-11-06 13:06 - 2015-11-06 13:06 - 00006479 _____ C:\Users\Daniel Hollowed\Downloads\fixlist.txt
2015-11-06 13:05 - 2015-11-09 12:22 - 00000000 ____D C:\Users\Daniel Hollowed\Desktop\Computer fix FRST
2015-11-06 13:04 - 2015-11-06 13:08 - 00001312 _____ C:\Users\Daniel Hollowed\Desktop\FRST64.exe - Shortcut.lnk
2015-11-02 23:21 - 2015-11-02 23:21 - 00000000 ____D C:\Program Files\Common Files\AV
2015-11-02 23:19 - 2015-11-02 23:19 - 00038253 _____ C:\Users\Daniel Hollowed\Documents\Addition.txt
2015-11-02 23:16 - 2015-11-02 23:16 - 00056236 _____ C:\Users\Daniel Hollowed\Documents\FRST.txt
2015-11-02 12:44 - 2015-11-02 23:16 - 00038253 _____ C:\Users\Daniel Hollowed\Downloads\Addition.txt
2015-11-02 12:41 - 2015-11-02 12:48 - 00056236 _____ C:\Users\Daniel Hollowed\Downloads\FRST.txt
2015-11-02 12:40 - 2015-11-09 12:22 - 00000000 ____D C:\FRST
2015-11-01 13:54 - 2015-11-09 12:18 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-01 13:54 - 2015-11-01 13:55 - 00001126 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-01 13:54 - 2015-11-01 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-01 13:54 - 2015-11-01 13:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-01 13:54 - 2015-11-01 13:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-01 13:54 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-01 13:54 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-01 13:54 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-01 13:53 - 2015-11-01 13:53 - 21545336 _____ (Malwarebytes Corporation ) C:\Users\Daniel Hollowed\Downloads\mbam-setup-sem-2.1.6.1022.exe
2015-11-01 13:53 - 2015-11-01 13:53 - 21545336 _____ (Malwarebytes Corporation ) C:\Users\Daniel Hollowed\Downloads\mbam-setup-sem-2.1.6.1022 (1).exe
2015-11-01 12:51 - 2015-11-01 12:51 - 00000017 _____ C:\Users\Daniel Hollowed\AppData\Local\resmon.resmoncfg
2015-11-01 12:44 - 2015-11-01 14:21 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Local\LogMeIn Rescue Applet
2015-11-01 12:43 - 2015-11-01 12:43 - 01588472 _____ (LogMeIn, Inc.) C:\Users\Daniel Hollowed\Downloads\Support-LogMeInRescue.exe
2015-10-31 17:53 - 2015-10-31 17:53 - 00000000 _____ C:\autoexec.bat
2015-10-31 17:50 - 2015-10-31 17:50 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Daniel Hollowed\Downloads\SpyHunter-Installer.exe
2015-10-31 17:25 - 2015-10-31 17:25 - 00000252 _____ C:\Windows\Internet .url
2015-10-31 17:25 - 2015-10-31 17:25 - 00000252 _____ C:\Users\Daniel Hollowed\Desktop\Internet .url
2015-10-31 17:25 - 2015-10-31 17:25 - 00000000 _____ C:\Windows\SysWOW64\Internet .url
2015-10-28 19:19 - 2015-10-28 19:19 - 00282088 _____ C:\Windows\Minidump\102815-19921-01.dmp
2015-10-26 10:29 - 2015-10-26 10:29 - 00002013 _____ C:\Users\Public\Desktop\abPhoto.lnk
2015-10-25 01:54 - 2015-10-25 01:54 - 00282144 _____ C:\Windows\Minidump\102515-34562-01.dmp
2015-10-22 14:24 - 2015-10-22 14:24 - 00015015 _____ C:\Users\Daniel Hollowed\Downloads\Electronic Payment Facility.zip
2015-10-21 14:26 - 2015-10-21 14:26 - 00003334 _____ C:\Windows\System32\Tasks\AcerCloud
2015-10-21 14:26 - 2015-10-21 14:26 - 00002038 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-10-21 14:19 - 2015-10-21 14:19 - 00001977 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-10-15 11:55 - 2015-09-19 03:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-15 11:55 - 2015-09-18 13:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-15 11:55 - 2015-09-18 13:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-15 11:55 - 2015-09-18 13:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-15 11:55 - 2015-09-18 13:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-15 11:55 - 2015-09-18 13:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-15 11:55 - 2015-09-18 13:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-14 10:51 - 2015-09-29 12:31 - 07457624 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-14 10:51 - 2015-09-29 12:31 - 01658536 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-14 10:51 - 2015-09-29 12:31 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-10-14 10:51 - 2015-09-29 12:31 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-14 10:51 - 2015-09-29 12:31 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-10-14 10:51 - 2015-09-24 16:42 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2015-10-14 10:51 - 2015-09-24 16:40 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-10-14 10:51 - 2015-08-27 02:43 - 22372152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-14 10:51 - 2015-08-27 02:42 - 19795904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-14 10:51 - 2015-08-07 21:40 - 01736520 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-14 10:51 - 2015-08-07 21:40 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-14 10:51 - 2015-08-07 21:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-14 10:51 - 2015-08-07 21:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-14 10:51 - 2015-08-07 21:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-14 10:51 - 2015-08-07 14:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-14 10:51 - 2015-08-06 17:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-10-14 10:51 - 2015-08-06 16:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-10-14 10:51 - 2015-08-06 16:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-10-14 10:51 - 2015-08-06 16:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-10-14 10:50 - 2015-09-29 12:29 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-14 10:50 - 2015-09-28 18:45 - 03705344 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-14 10:50 - 2015-09-28 18:26 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-10-14 10:50 - 2015-09-28 18:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-14 10:50 - 2015-09-28 18:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-14 10:50 - 2015-09-28 18:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-14 10:50 - 2015-09-28 18:22 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-14 10:50 - 2015-09-28 18:22 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-14 10:50 - 2015-09-28 18:22 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-14 10:50 - 2015-09-28 18:15 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-14 10:50 - 2015-09-28 18:13 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-14 10:50 - 2015-09-28 18:12 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-14 10:50 - 2015-09-10 18:02 - 25851392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-14 10:50 - 2015-09-10 17:19 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-14 10:50 - 2015-09-10 17:18 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-14 10:50 - 2015-09-10 17:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-14 10:50 - 2015-09-10 17:14 - 05990400 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-14 10:50 - 2015-09-10 17:09 - 20358144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-14 10:50 - 2015-09-10 17:06 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-14 10:50 - 2015-09-10 17:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-14 10:50 - 2015-09-10 16:51 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-14 10:50 - 2015-09-10 16:39 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-14 10:50 - 2015-09-10 16:37 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-14 10:50 - 2015-09-10 16:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-14 10:50 - 2015-09-10 16:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-14 10:50 - 2015-09-10 16:33 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-14 10:50 - 2015-09-10 16:28 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-10-14 10:50 - 2015-09-10 16:28 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-14 10:50 - 2015-09-10 16:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-14 10:50 - 2015-09-10 16:24 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-14 10:50 - 2015-09-10 16:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-14 10:50 - 2015-09-10 16:19 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-14 10:50 - 2015-09-10 16:19 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-14 10:50 - 2015-09-10 16:19 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-14 10:50 - 2015-09-10 16:17 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-14 10:50 - 2015-09-10 16:17 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-14 10:50 - 2015-09-10 16:07 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-14 10:50 - 2015-09-10 16:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-14 10:50 - 2015-09-10 16:02 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-14 10:50 - 2015-09-10 16:01 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-10-14 10:50 - 2015-09-10 16:00 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-14 10:50 - 2015-09-10 15:57 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-14 10:50 - 2015-09-10 15:57 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-14 10:50 - 2015-09-10 15:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-14 10:50 - 2015-09-10 15:55 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-14 10:50 - 2015-09-10 15:55 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-14 10:50 - 2015-09-10 15:45 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-14 10:50 - 2015-09-10 15:34 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-14 10:50 - 2015-09-10 15:31 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-14 10:50 - 2015-09-10 15:27 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-14 10:50 - 2015-09-10 15:26 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-14 10:50 - 2015-08-22 13:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-14 10:50 - 2015-07-16 18:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-10-14 07:43 - 2015-10-14 07:43 - 06967758 _____ C:\Users\Daniel Hollowed\Downloads\pokemonemerald_version.zip
2015-10-13 18:39 - 2015-10-13 18:39 - 00772016 _____ (Reimage®) C:\Users\Daniel Hollowed\Downloads\Unconfirmed 827800.crdownload
2015-10-11 11:40 - 2015-10-11 11:40 - 00000282 _____ C:\Users\Daniel Hollowed\Downloads\debug.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-09 12:20 - 2015-10-08 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-11-09 12:20 - 2015-08-19 19:59 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Roaming\Curse Client
2015-11-09 12:20 - 2015-06-27 17:20 - 00003958 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F1F966DA-AFC3-4A38-9571-EF317737CB79}
2015-11-09 12:19 - 2015-08-05 16:03 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Roaming\Skype
2015-11-09 12:18 - 2015-08-03 14:08 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-09 12:18 - 2015-06-26 08:38 - 02018963 _____ C:\Windows\WindowsUpdate.log
2015-11-09 12:17 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\sru
2015-11-08 20:05 - 2015-06-26 08:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1838069831-910762768-3284051805-1001
2015-11-08 15:37 - 2014-03-18 09:47 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-08 15:31 - 2015-01-23 11:15 - 01170348 _____ C:\Windows\SysWOW64\rootpa.e2e
2015-11-08 15:30 - 2015-01-23 11:10 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-11-08 15:30 - 2013-08-22 14:46 - 00027530 _____ C:\Windows\setupact.log
2015-11-08 15:30 - 2013-08-22 14:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-08 15:18 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-08 14:37 - 2013-08-22 13:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-11-07 17:27 - 2015-06-27 17:27 - 00000000 ____D C:\ProgramData\McAfee
2015-11-06 13:28 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-06 13:16 - 2014-03-18 09:39 - 00784344 _____ C:\Windows\PFRO.log
2015-11-03 00:21 - 2015-10-08 14:44 - 00003348 _____ C:\Windows\System32\Tasks\McAfee Remediation (Prepare)
2015-11-02 23:21 - 2015-08-03 13:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-11-02 12:01 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\IME
2015-11-01 17:46 - 2015-08-03 19:47 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Local\Battle.net
2015-11-01 17:36 - 2015-08-03 19:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-01 16:52 - 2015-06-26 17:23 - 00000000 ____D C:\Program Files (x86)\Steam
2015-11-01 13:56 - 2015-06-27 17:18 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Local\CrashDumps
2015-10-31 17:52 - 2015-06-26 08:38 - 00000000 ____D C:\Users\Daniel Hollowed
2015-10-30 16:10 - 2015-10-06 16:29 - 00000000 ____D C:\Users\Daniel Hollowed\Desktop\PokeMMO
2015-10-28 19:19 - 2015-08-25 03:21 - 568764728 _____ C:\Windows\MEMORY.DMP
2015-10-28 19:19 - 2015-08-25 03:21 - 00000000 ____D C:\Windows\Minidump
2015-10-26 20:54 - 2015-08-03 19:50 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-10-26 10:29 - 2014-11-18 08:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-10-26 10:26 - 2015-08-04 13:54 - 00003352 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2015-10-26 10:26 - 2015-06-26 08:39 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Local\clear.fi
2015-10-26 10:26 - 2014-11-18 07:09 - 00000000 ___HD C:\OEM
2015-10-25 13:28 - 2015-08-03 14:09 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-25 02:12 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\rescache
2015-10-24 13:43 - 2015-07-05 17:02 - 00000000 ____D C:\Users\Daniel Hollowed\AppData\Roaming\Spotify
2015-10-21 14:26 - 2014-11-18 08:24 - 00000000 ____D C:\Program Files (x86)\Acer
2015-10-21 14:26 - 2014-11-18 08:19 - 00000000 ____D C:\ProgramData\OEM
2015-10-20 18:50 - 2013-08-22 15:20 - 00000000 ____D C:\Windows\CbsTemp
2015-10-20 10:54 - 2015-08-06 20:25 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-20 10:54 - 2015-08-06 20:25 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-19 18:02 - 2015-09-17 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zodiac Casino EU
2015-10-18 12:03 - 2015-08-04 16:56 - 00000000 ____D C:\Windows\system32\MRT
2015-10-18 11:46 - 2015-08-04 16:55 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-10-16 11:14 - 2015-08-05 16:02 - 00000000 ____D C:\ProgramData\Skype
2015-10-16 04:51 - 2015-08-07 14:07 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:51 - 2015-08-07 14:07 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 11:38 - 2015-08-05 16:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-14 18:26 - 2013-08-22 15:36 - 00000000 ___RD C:\Windows\ToastData
2015-10-14 18:26 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\en-GB
2015-10-10 16:56 - 2015-10-08 15:13 - 00003080 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-10-10 16:55 - 2015-06-27 17:27 - 00000000 ____D C:\Program Files\Common Files\McAfee
==================== Files in the root of some directories =======
2015-08-03 14:01 - 2015-08-03 14:01 - 27093992 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-10-06 17:42 - 2015-10-06 17:42 - 0000045 _____ () C:\Users\Daniel Hollowed\AppData\Roaming\WB.CFG
2015-11-01 12:51 - 2015-11-01 12:51 - 0000017 _____ () C:\Users\Daniel Hollowed\AppData\Local\resmon.resmoncfg
2015-01-23 11:13 - 2015-01-23 11:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Daniel Hollowed\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-06 14:34
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Daniel Hollowed (2015-11-09 12:24:14)
Running from C:\Users\Daniel Hollowed\Desktop\Computer fix FRST
Windows 8.1 Connected (X64) (2015-06-26 08:38:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1838069831-910762768-3284051805-500 - Administrator - Disabled)
Daniel Hollowed (S-1-5-21-1838069831-910762768-3284051805-1001 - Administrator - Enabled) => C:\Users\Daniel Hollowed
Guest (S-1-5-21-1838069831-910762768-3284051805-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3009 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.05.2001.1 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2011.1 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{B54BF03D-0C7F-63B4-A36C-EE0A756579F1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.11.2000.2 - Acer Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
BT Desktop Help (HKLM-x32\...\BT Desktop Help) (Version: - )
BT Toolbar (HKLM-x32\...\bttb) (Version: 1.0.0.43 - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.01 - CyberLink Corp.)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Channels (HKLM-x32\...\WildTangentGameProvider-packardbell-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Channels (HKLM-x32\...\WildTangentGameProvider-packardbell-main) (Version: 11.0.0.7 - WildTangent, Inc.)
GameRanger (HKU\S-1-5-21-1838069831-910762768-3284051805-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8104 - Packard Bell)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.5120 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 7.7.0.366 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.199 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{E142AB79-FD0D-34F7-8D4D-56E78C536467}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8109 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3006 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3006 - Packard Bell)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokémon Trading Card Game Online (HKLM-x32\...\{56E3456B-784B-408D-B9FC-F53CD7642149}) (Version: 2.31.0 - The Pokémon Company International)
PokerStars.uk (HKLM-x32\...\PokerStars.uk) (Version: - PokerStars.uk)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.3.34 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.26.218.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7016 - Realtek Semiconductor Corp.)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.1.5 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version: - FireFly Studios)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version: - FireFly Studios)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Zodiac Casino EU (HKLM-x32\...\zodiaceu) (Version: 16.10.3.2234 - )
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
28-10-2015 13:36:56 Scheduled Checkpoint
06-11-2015 13:09:07 Restore Point Created by FRST
07-11-2015 17:40:08 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2015-11-06 13:10 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00AC43C4-0455-41D9-9C15-393FB2FA05BF} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2015-09-01] (McAfee, Inc.)
Task: {0288C657-513A-4BA0-88B1-E8981102FDF4} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Packard Bell\Hotkey Utility\HotkeyUtility.exe [2014-03-03] (Acer Incorporated)
Task: {14E7233D-78BA-40EA-AAFC-C6F620241348} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-10-18] (Microsoft Corporation)
Task: {1B38ABA0-6C43-4AEF-9EF9-3A0EE6519EF2} - System32\Tasks\{860D574F-3B5D-41E8-9AEB-462BE35BB719} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.5.0.102&LastError=404
Task: {211E924E-81E9-4199-9899-11D3A2A3DC0F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {34F00C33-C8BD-452C-BE16-BEA7FE6D55F0} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {3B9B1F34-308B-4CC8-A1E5-B43B275DD929} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-08-26] (Acer Incorporated)
Task: {709A9A0D-F6A9-441F-B4E6-C3F62A3D8AE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {7E5D82B1-4D3D-4C05-B913-55B14C94BA3D} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {86E01782-7137-415D-A6BD-AE52B25BFE08} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {9D0C2ECC-4CF7-4B3F-9D02-FB7E35FF4232} - \WinZip Malware Protector_startup -> No File <==== ATTENTION
Task: {BE2B6640-90AB-401E-A2B2-72B519261ECA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-09-10] (Acer Incorporated)
Task: {D37BF50E-3DAD-4580-9329-1E258F989F42} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-03] (Google Inc.)
Task: {E105DC90-767C-478F-85B5-77103DB0B258} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {EBC928A1-C4EC-4F9A-B4E5-654EC5849A93} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {FB7700DB-E825-46BA-A120-77190A27413F} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-09-01] (McAfee, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-04-15 15:08 - 2014-04-15 15:08 - 00140288 _____ () C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
2015-01-23 11:28 - 2012-04-24 10:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-12-24 02:22 - 2013-12-24 02:22 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-12-24 02:20 - 2013-12-24 02:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-24 02:26 - 2013-12-24 02:26 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-04-15 15:08 - 2014-04-15 15:08 - 00016896 _____ () C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2015-09-16 13:58 - 2015-09-16 13:58 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2013-11-07 17:58 - 2013-11-07 17:58 - 00244736 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node
2013-11-07 17:58 - 2013-11-07 17:58 - 00271360 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node
2013-11-07 17:57 - 2013-11-07 17:57 - 00237056 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node
2013-04-24 07:55 - 2013-04-24 07:55 - 01581056 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\libxmljs\build\Release\xmljs.node
2013-04-18 16:55 - 2013-04-18 16:55 - 00068608 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node
2015-10-15 10:56 - 2015-10-15 10:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 10:56 - 2015-10-15 10:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-09-14 17:46 - 2015-09-14 17:46 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-09-14 17:46 - 2015-09-14 17:46 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-09-14 17:46 - 2015-09-14 17:46 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-09-14 17:46 - 2015-09-14 17:46 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-10-26 10:26 - 2015-10-26 10:26 - 00014176 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-09-10 14:51 - 2015-09-10 14:51 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-09-10 14:43 - 2015-09-10 14:43 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1838069831-910762768-3284051805-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\PackardBell01.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/06/2015 01:09:06 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {dadff82b-2e58-45f5-afc6-a0ad5f47b6d4}
Error: (11/05/2015 12:51:57 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (11/01/2015 02:24:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Spyhunter4.exe version 4.20.9.4533 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1320
Start Time: 01d114b091f6c113
Termination Time: 12
Application Path: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
Report Id: 481a62bf-80a4-11e5-8278-3010b3f90702
Faulting package full name:
Faulting package-relative application ID:
Error: (11/01/2015 02:17:29 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: C:\Windows\System32\winspool.drvSpooler8
Error: (11/01/2015 01:55:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 2.3.125.0, time stamp: 0x5612a56b
Faulting module name: mbam.exe, version: 2.3.125.0, time stamp: 0x5612a56b
Exception code: 0xc0000005
Fault offset: 0x001e7650
Faulting process ID: 0x198c
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report ID: mbam.exe3
Faulting package full name: mbam.exe4
Faulting package-relative application ID: mbam.exe5
Error: (11/01/2015 01:11:24 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\Windows\system32\mscoree.dll8
Error: (10/28/2015 11:59:08 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Curse.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0020001, exception address 74D85B68
Stack:
Error: (10/27/2015 03:07:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Pokemon Trading Card Game Online.exe version 4.6.6.59026 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: ca8
Start Time: 01d110c8fadce92f
Termination Time: 61
Application Path: C:\Users\Daniel Hollowed\AppData\Roaming\Pokémon Trading Card Game Online\PokemonTradingCardGameOnline\Pokemon Trading Card Game Online.exe
Report Id: 538d22c7-7cbc-11e5-8276-3010b3f90702
Faulting package full name:
Faulting package-relative application ID:
Error: (10/25/2015 12:32:51 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll4
Error: (10/25/2015 12:32:51 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
System errors:
=============
Error: (11/08/2015 09:24:51 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (11/08/2015 09:24:51 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (11/08/2015 09:24:51 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
Error: (11/08/2015 03:30:17 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062
Error: (11/08/2015 03:29:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The User Experience Improvement Program service terminated unexpectedly. It has done this 1 time(s).
Error: (11/08/2015 03:29:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly. It has done this 1 time(s).
Error: (11/08/2015 03:29:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (11/08/2015 03:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Cyberlink RichVideo Service(CRVS) service terminated unexpectedly. It has done this 1 time(s).
Error: (11/08/2015 03:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The pcCMService64 service terminated unexpectedly. It has done this 1 time(s).
Error: (11/08/2015 03:29:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The pcCMService service terminated unexpectedly. It has done this 1 time(s).
==================== Memory info ===========================
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 29%
Total physical RAM: 7096.2 MB
Available physical RAM: 4982.4 MB
Total Virtual: 14264.2 MB
Available Virtual: 11844.06 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:457.85 GB) (Free:369.97 GB) NTFS
Drive d: (DATA) (Fixed) (Total:457.85 GB) (Free:407.11 GB) NTFS
Drive e: (D3C1.0.0) (CDROM) (Total:7.6 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AF0DEA0A)
Partition: GPT.
==================== End of Addition.txt ============================