My computer is infected with an extremely annoying adware hijacking virus. I use Google Chrome as my main browser and I think I may have picked up this virus when I downloaded something off of ThePirateBay about a month ago. This virus is really awful, it will open up new tabs and windows of ads in my browser if I click anywhere on a page, and doesn't stop doing this until I close the browser and open another one (and then it usually starts again in a few minuets on my new browser page). Two of the most frequently redirect portals I see are clx.im and xb11766. I have tried multiple different anti-spyware softwares and other measures to no avail; they all say there is nothing wrong with my computer. I've used Malwarebytes Anti-Malware (free version) multiple times, Kaspersky TDSSKiller, HitmanPro (trial version), Zemana AntiMalware, and AdwCleaner. I've also reset my browser to default settings and attempted to uninstall any malware on my computer, but no adware is showing there. Nothing so far has worked, and if anything I think the adware has gotten more aggressive on my computer in the past few days.
Below is a copy of my FRST diagnostic results:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by Laura (administrator) on BAGA (06-07-2016 15:07:29)
Running from C:\Users\Laura\Downloads
Loaded Profiles: Laura (Available Profiles: Laura)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Felix Belzile) C:\Program Files (x86)\Cold Turkey\CTService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Soluto) C:\Program Files\Soluto\Soluto.exe
(Spotify Ltd) C:\Users\Laura\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Dropbox, Inc.) C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Soluto] => c:\program files\soluto\soluto.exe [1252896 2013-12-18] (Soluto)
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-11-17] (Acer Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90368 2014-11-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe,
HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\Run: [Spotify Web Helper] => C:\Users\Laura\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1552496 2016-06-16] (Spotify Ltd)
HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\Run: [Dropbox Update] => C:\Users\Laura\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-27] (Dropbox, Inc.)
HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\Run: [Spotify] => C:\Users\Laura\AppData\Roaming\Spotify\Spotify.exe [6916208 2016-06-16] (Spotify Ltd)
HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\RunOnce: [Application Restart #9] => C:\Users\Laura\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 605 more characters).
HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\RunOnce: [Application Restart #6] => C:\Users\Laura\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 605 more characters).
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-14]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-11-29]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{205B3EAF-5DF3-4154-9F0E-8E035BA2A11A}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{C7526C9F-F317-4EC5-9CAE-C003691FE040}: [DhcpNameServer] 40.34.1.55
Internet Explorer:
==================
HKU\S-1-5-21-1745142471-199398243-411458533-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1745142471-199398243-411458533-1001 -> DefaultScope {45EBBED1-5026-11E5-8279-C45444B5F428} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-11] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\fx1tumma.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?s=acer&m=start
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-14] ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Laura\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [No File]
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Laura\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\pdf.dll => No File
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll => No File
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll => No File
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java Deployment Toolkit 8.0.250.18) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java Platform SE 8 U25) - C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-06-14]
CHR Extension: (YouTube) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Archive Poster) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceakpicibkmdilicebgddflnfbpmcpgd [2016-06-17]
CHR Extension: (Adblock Plus) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-05]
CHR Extension: (Adblock for Youtube™) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2016-06-24]
CHR Extension: (Google Search) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2015-02-13]
CHR Extension: (XKit) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-02-13]
CHR Extension: (AdBlock) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-07-03]
CHR Extension: (Tumblr Optimiser) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilaebdchnmobmcalandfmfmlneeghoag [2015-02-13]
CHR Extension: (Adblock Super) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-09-19]
CHR Extension: (F.B. Purity For Facebook) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl [2016-07-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-01]
CHR Extension: (No more Tumblr players) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\olffebgbihkemhnlpeficnplfoiabljj [2015-05-21]
CHR Extension: (Gmail) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-13] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-16] (Acer Incorporated)
R2 CTService; C:\Program Files (x86)\Cold Turkey\\CTService.exe [323072 2015-01-18] (Felix Belzile) [File not signed]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-11-19] (WildTangent)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-06-14] (SurfRight B.V.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-21] (Acer Incorporate)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [221728 2013-12-18] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-12-18] (GlavSoft LLC.) [File not signed]
R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [250624 2014-01-08] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 McAPExe; "C:\Program Files\McAfee\MSC\McAPExe.exe" [X]
S4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-13] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-05] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U4 npf; system32\drivers\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-06 15:07 - 2016-07-06 15:08 - 00026988 _____ C:\Users\Laura\Downloads\FRST.txt
2016-07-06 15:06 - 2016-07-06 15:07 - 00000000 ____D C:\FRST
2016-07-06 15:06 - 2016-07-06 15:06 - 02390016 _____ (Farbar) C:\Users\Laura\Downloads\FRST64.exe
2016-06-26 16:15 - 2016-06-26 16:15 - 00765297 _____ C:\Users\Laura\Downloads\Gervais US vs UK.pdf
2016-06-26 15:29 - 2016-06-26 15:29 - 00781817 _____ C:\Users\Laura\Downloads\Day on TDS 84-96.pdf
2016-06-26 14:17 - 2016-06-26 14:18 - 76587210 _____ C:\Users\Laura\Downloads\postmodernism.pptx
2016-06-24 17:18 - 2016-06-24 17:18 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 14:42 - 2016-06-15 16:40 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-24 14:30 - 2016-06-24 14:30 - 00000070 _____ C:\Windows\RAVTC.TMP
2016-06-24 01:40 - 2016-06-24 01:40 - 00849684 _____ C:\Users\Laura\Downloads\Rhode (2010).pdf
2016-06-23 14:50 - 2016-06-23 14:50 - 01323860 _____ C:\Users\Laura\Downloads\Adonis_Complex.pdf
2016-06-23 14:46 - 2016-06-23 14:46 - 00272796 _____ C:\Users\Laura\Downloads\Text_Ch_26.pdf
2016-06-22 22:12 - 2016-06-22 22:12 - 00652735 _____ C:\Users\Laura\Downloads\Mintz_Standup.pdf
2016-06-20 07:28 - 2016-06-20 07:28 - 01521248 _____ C:\Users\Laura\Downloads\R16_The_War_Against_Welfare_Mothers.pdf
2016-06-20 07:28 - 2016-06-20 07:28 - 01521248 _____ C:\Users\Laura\Downloads\R16_The_War_Against_Welfare_Mothers (1).pdf
2016-06-20 07:28 - 2016-06-20 07:28 - 00043847 _____ C:\Users\Laura\Downloads\Devitt (1992).pdf
2016-06-20 07:27 - 2016-06-20 07:27 - 01643223 _____ C:\Users\Laura\Downloads\Douglas_Michaels_2004.pdf
2016-06-20 07:27 - 2016-06-20 07:27 - 01643223 _____ C:\Users\Laura\Downloads\Douglas_Michaels_2004 (1).pdf
2016-06-20 02:41 - 2016-06-20 02:41 - 01108625 _____ C:\Users\Laura\Downloads\Pitcher_2008 (1).pdf
2016-06-20 02:41 - 2016-06-20 02:41 - 01099698 _____ C:\Users\Laura\Downloads\Text_Ch_54 (1).pdf
2016-06-20 01:34 - 2016-06-20 01:34 - 00395748 _____ C:\Users\Laura\Downloads\LePore_2009.pdf
2016-06-18 17:06 - 2016-06-18 17:06 - 01108625 _____ C:\Users\Laura\Downloads\Pitcher_2008.pdf
2016-06-18 17:05 - 2016-06-18 17:05 - 01099698 _____ C:\Users\Laura\Downloads\Text_Ch_54.pdf
2016-06-18 15:20 - 2016-06-18 15:26 - 473679456 _____ C:\Users\Laura\Downloads\Lemonade.HDTV.x264-[eSc].mp4
2016-06-18 15:18 - 2016-06-18 15:18 - 00000804 _____ C:\Users\Laura\Downloads\00-beyoncé-lemonade-2016-web.m3u
2016-06-18 01:45 - 2016-06-18 01:45 - 07366740 _____ C:\Users\Laura\Downloads\30dayketogenicdietplan2015.pdf
2016-06-17 21:57 - 2016-06-17 21:57 - 01106888 _____ (Bleeping Computer, LLC) C:\Users\Laura\Downloads\iExplore64.exe
2016-06-17 21:53 - 2016-06-17 21:57 - 00478018 _____ C:\TDSSKiller.3.1.0.9_17.06.2016_21.53.32_log.txt
2016-06-14 23:20 - 2016-06-17 21:52 - 00000000 ____D C:\EEK
2016-06-14 23:19 - 2016-06-14 23:19 - 00002579 _____ C:\Users\Laura\Desktop\JRT.txt
2016-06-14 22:59 - 2016-06-14 23:06 - 00000000 ____D C:\AdwCleaner
2016-06-14 22:52 - 2016-06-14 22:52 - 00000948 _____ C:\Windows\system32\.crusader
2016-06-14 22:34 - 2016-06-14 22:54 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-14 22:34 - 2016-06-14 22:34 - 00001909 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-06-14 22:34 - 2016-06-14 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-06-14 22:34 - 2016-06-14 22:34 - 00000000 ____D C:\Program Files\HitmanPro
2016-06-14 22:23 - 2016-06-03 13:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-06-14 22:23 - 2016-06-03 09:38 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 22:23 - 2016-06-02 13:51 - 00050352 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 22:23 - 2016-05-29 11:04 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 22:23 - 2016-05-29 11:04 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-14 22:23 - 2016-05-29 11:04 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 22:23 - 2016-05-29 11:04 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 22:23 - 2016-05-29 11:04 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-14 22:23 - 2016-05-29 11:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 22:22 - 2016-04-12 11:46 - 14467584 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 22:22 - 2016-04-12 11:30 - 12879872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 22:20 - 2016-04-14 11:25 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-14 22:20 - 2016-04-14 11:11 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-14 22:20 - 2016-01-31 15:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-14 22:20 - 2016-01-31 14:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-14 22:20 - 2016-01-31 13:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-14 22:20 - 2016-01-31 13:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-14 22:15 - 2016-05-16 17:13 - 00563016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 22:15 - 2016-05-16 17:13 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 22:15 - 2016-05-16 17:13 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 22:15 - 2016-05-16 17:13 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 22:15 - 2016-05-13 19:07 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 22:15 - 2016-05-13 19:07 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 22:15 - 2016-05-13 19:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 22:15 - 2016-05-13 18:34 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-14 22:15 - 2016-05-13 17:58 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-14 22:14 - 2016-05-18 01:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 22:14 - 2016-05-18 01:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 22:14 - 2016-05-14 16:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 22:14 - 2016-05-14 16:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 22:14 - 2016-05-13 19:09 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-14 22:14 - 2016-05-13 19:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 22:14 - 2016-05-13 19:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 22:14 - 2016-05-13 18:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 22:14 - 2016-05-13 17:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 22:14 - 2016-05-13 17:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 22:14 - 2016-05-13 17:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 22:14 - 2016-05-13 17:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 22:14 - 2016-05-09 17:35 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-06-14 22:14 - 2016-05-09 16:56 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-06-14 22:14 - 2016-05-09 16:45 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 22:14 - 2016-05-09 16:23 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 22:14 - 2016-05-06 11:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 22:14 - 2016-05-06 11:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 22:13 - 2016-05-21 13:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 22:13 - 2016-05-21 12:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 22:12 - 2016-05-20 18:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 22:12 - 2016-05-20 18:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 22:12 - 2016-05-20 18:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 22:12 - 2016-05-20 17:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 22:12 - 2016-05-20 17:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-14 22:12 - 2016-05-20 17:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-14 22:12 - 2016-05-20 17:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 22:12 - 2016-05-20 17:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-14 22:12 - 2016-05-20 17:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 22:12 - 2016-05-20 17:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-14 22:12 - 2016-05-20 17:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-14 22:12 - 2016-05-20 17:25 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-14 22:12 - 2016-05-20 17:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-14 22:12 - 2016-05-20 17:21 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-14 22:12 - 2016-05-20 17:19 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-06-14 22:12 - 2016-05-20 17:16 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-06-14 22:12 - 2016-05-20 17:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 22:12 - 2016-05-20 17:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-14 22:12 - 2016-05-20 17:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 22:12 - 2016-05-20 17:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-14 22:12 - 2016-05-20 17:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 22:12 - 2016-05-20 17:09 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-14 22:12 - 2016-05-20 17:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-14 22:12 - 2016-05-20 17:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 22:12 - 2016-05-20 17:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-14 22:12 - 2016-05-20 16:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 22:12 - 2016-05-20 16:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 22:12 - 2016-05-20 16:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 22:12 - 2016-05-20 16:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-14 22:12 - 2016-05-20 16:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 22:12 - 2016-05-20 16:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-14 22:12 - 2016-05-18 19:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 22:12 - 2016-05-18 16:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 22:12 - 2016-05-12 14:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 22:12 - 2016-05-12 13:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-14 22:12 - 2016-05-12 12:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 22:12 - 2016-05-12 12:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 22:12 - 2016-05-12 12:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 22:12 - 2016-05-12 11:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 22:12 - 2016-05-12 11:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 22:12 - 2016-05-12 11:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 21:44 - 2016-06-14 21:47 - 244361416 _____ C:\Users\Laura\Downloads\EmsisoftEmergencyKit.exe
2016-06-14 21:44 - 2016-06-14 21:44 - 03703360 _____ C:\Users\Laura\Downloads\adwcleaner_5.200.exe
2016-06-14 21:44 - 2016-06-14 21:44 - 01610816 _____ (Malwarebytes) C:\Users\Laura\Downloads\JRT.exe
2016-06-14 21:42 - 2016-06-14 21:42 - 11438608 _____ (SurfRight B.V.) C:\Users\Laura\Downloads\hitmanpro_x64.exe
2016-06-14 21:40 - 2016-06-17 21:59 - 00001960 _____ C:\Users\Laura\Desktop\Rkill.txt
2016-06-14 21:39 - 2016-06-14 21:39 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Laura\Downloads\iExplore.exe
2016-06-14 21:38 - 2016-06-14 21:40 - 00241102 _____ C:\TDSSKiller.3.1.0.9_14.06.2016_21.38.31_log.txt
2016-06-14 21:38 - 2016-06-14 21:38 - 04633146 _____ C:\Users\Laura\Downloads\tdsskiller.zip
2016-06-14 21:22 - 2016-06-14 21:22 - 00140084 _____ C:\Windows\ntbtlog.txt
2016-06-14 18:55 - 2016-06-14 18:55 - 04731835 _____ C:\Users\Laura\Downloads\Gates Eddie Murphy 151-163.pdf
2016-06-13 23:28 - 2016-06-13 23:28 - 00029381 _____ C:\Users\Laura\Downloads\KetoCalculatorForecast_2016-06-13.csv
2016-06-13 23:28 - 2016-06-13 23:28 - 00029381 _____ C:\Users\Laura\Downloads\KetoCalculatorForecast_2016-06-13 (1).csv
2016-06-13 09:27 - 2016-06-13 09:27 - 00905588 _____ C:\Users\Laura\Downloads\Soto (1).pdf
2016-06-13 09:27 - 2016-06-13 09:27 - 00850434 _____ C:\Users\Laura\Downloads\Ono & Pham (2009) (1).pdf
2016-06-13 09:27 - 2016-06-13 09:27 - 00249980 _____ C:\Users\Laura\Downloads\Text_Ch_29 (1).pdf
2016-06-11 10:49 - 2016-06-11 10:50 - 100656829 _____ C:\Users\Laura\Downloads\Talk - Tim Wise on White Privilege.mp4
2016-06-11 10:49 - 2016-06-11 10:49 - 00009245 _____ C:\Users\Laura\Downloads\yl0DgCk.htm
2016-06-11 10:49 - 2016-06-11 10:49 - 00009245 _____ C:\Users\Laura\Downloads\yl0DgCk (1).htm
2016-06-11 10:45 - 2016-06-11 10:45 - 00905588 _____ C:\Users\Laura\Downloads\Soto.pdf
2016-06-11 10:45 - 2016-06-11 10:45 - 00850434 _____ C:\Users\Laura\Downloads\Ono & Pham (2009).pdf
2016-06-11 10:45 - 2016-06-11 10:45 - 00249980 _____ C:\Users\Laura\Downloads\Text_Ch_29.pdf
2016-06-07 22:55 - 2016-06-07 22:55 - 00188378 _____ C:\Users\Laura\Downloads\Allen QE Minstrelsy.pdf
2016-06-06 23:13 - 2016-06-06 23:13 - 01446231 _____ C:\Users\Laura\Downloads\R13_Black_Masculine_Scripts.pdf
2016-06-06 23:13 - 2016-06-06 23:13 - 00510210 _____ C:\Users\Laura\Downloads\SmithShomade_2002.pdf
2016-06-06 08:13 - 2016-06-06 08:13 - 00928026 _____ C:\Users\Laura\Downloads\R20_Knowing_Pornography.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-06 15:02 - 2014-11-26 23:16 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-06 14:50 - 2015-07-27 17:39 - 00000928 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1745142471-199398243-411458533-1001UA.job
2016-07-06 13:20 - 2014-11-26 23:05 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1745142471-199398243-411458533-1001
2016-07-06 00:02 - 2014-11-26 23:16 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-05 23:48 - 2014-11-26 22:59 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Adobe
2016-07-05 23:48 - 2014-05-19 08:37 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-07-05 23:46 - 2014-12-01 18:43 - 00000000 ____D C:\Program Files\Adobe
2016-07-05 23:46 - 2014-12-01 18:37 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-07-05 23:40 - 2015-03-30 22:41 - 00000000 ____D C:\ProgramData\DivX
2016-07-05 19:57 - 2015-10-02 16:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-05 19:56 - 2014-11-26 23:29 - 00000000 ____D C:\Users\Laura\AppData\Local\Spotify
2016-07-05 19:41 - 2014-11-26 23:29 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Spotify
2016-07-01 21:26 - 2013-08-22 11:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 21:26 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\AppReadiness
2016-06-27 22:37 - 2014-11-26 22:59 - 00000000 ____D C:\Users\Laura\AppData\Local\Packages
2016-06-26 16:50 - 2015-07-27 17:39 - 00000876 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1745142471-199398243-411458533-1001Core.job
2016-06-25 17:38 - 2014-12-01 18:13 - 00000000 ____D C:\Users\Laura\AppData\Local\Adobe
2016-06-24 17:19 - 2015-01-03 04:32 - 00000000 ___RD C:\Users\Laura\Dropbox
2016-06-24 17:18 - 2015-01-03 04:28 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Dropbox
2016-06-24 14:31 - 2014-11-27 15:27 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-06-24 14:31 - 2014-11-27 15:26 - 00000000 ____D C:\ProgramData\Panda Security
2016-06-24 14:28 - 2014-11-27 15:28 - 00000000 ____D C:\Users\Laura\AppData\Roaming\Panda Security
2016-06-24 14:28 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\Inf
2016-06-24 14:23 - 2015-01-06 17:37 - 00000000 ____D C:\Users\Laura\AppData\Local\FluxSoftware
2016-06-22 15:17 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\rescache
2016-06-18 19:55 - 2014-11-29 23:02 - 00000000 ___DO C:\Users\Laura\OneDrive
2016-06-18 19:52 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-18 19:52 - 2013-08-22 10:44 - 05158048 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-18 19:49 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-18 19:46 - 2015-04-18 16:05 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-18 19:46 - 2013-08-22 11:36 - 00000000 ___RD C:\Windows\ToastData
2016-06-17 20:07 - 2014-11-26 23:17 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-16 15:45 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2016-06-15 16:51 - 2014-12-08 22:03 - 00000000 ____D C:\Windows\system32\MRT
2016-06-15 16:34 - 2014-12-08 22:02 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 23:07 - 2014-11-26 22:58 - 00000000 ____D C:\Users\Laura\AppData\Local\SweetLabs App Platform
2016-06-14 21:17 - 2014-11-26 22:58 - 00000000 ____D C:\Users\Laura
2016-06-14 13:13 - 2014-12-01 16:34 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 13:13 - 2014-12-01 16:34 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-06 09:08 - 2016-05-20 21:54 - 00000000 ____D C:\Users\Laura\AppData\Roaming\uTorrent
==================== Files in the root of some directories =======
2014-08-14 12:29 - 2014-08-14 12:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-26 23:17 - 2014-11-26 23:17 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Some files in TEMP:
====================
C:\Users\Laura\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpu4iesm.dll
C:\Users\Laura\AppData\Local\Temp\Hola-Setup-x64-1.11.916.exe
C:\Users\Laura\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Laura\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Laura\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Laura\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Laura\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Laura\AppData\Local\Temp\libeay32.dll
C:\Users\Laura\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Laura\AppData\Local\Temp\msvcr120.dll
C:\Users\Laura\AppData\Local\Temp\oct2DE3.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct44B8.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct44DA.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct4786.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct4C43.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct4CA6.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct51B3.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct5391.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct6FFF.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct7420.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct9A30.tmp.exe
C:\Users\Laura\AppData\Local\Temp\oct9CD1.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octB443.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octC147.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octC6D.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octCEBA.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octD2FB.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octF50.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octF6F0.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octF848.tmp.exe
C:\Users\Laura\AppData\Local\Temp\octF9.tmp.exe
C:\Users\Laura\AppData\Local\Temp\ose00000.exe
C:\Users\Laura\AppData\Local\Temp\SetupProPlusRetail.x86.en-US_ProPlusRetail_KDVQM-HMNFJ-P9PJX-96HDF-DJYGX_act_1_.exe
C:\Users\Laura\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Laura\AppData\Local\Temp\sqlite3.dll
C:\Users\Laura\AppData\Local\Temp\uninstall.exe
C:\Users\Laura\AppData\Local\Temp\{2A433004-1601-4298-BD82-5B019870DD61}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-04 23:20
==================== End of FRST.txt ============================
Below is a copy of my Addition diagnostic results:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by Laura (2016-07-06 15:10:38)
Running from C:\Users\Laura\Downloads
Windows 8.1 (Update) (X64) (2014-11-27 02:59:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1745142471-199398243-411458533-500 - Administrator - Disabled)
Guest (S-1-5-21-1745142471-199398243-411458533-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1745142471-199398243-411458533-1003 - Limited - Enabled)
Laura (S-1-5-21-1745142471-199398243-411458533-1001 - Administrator - Enabled) => C:\Users\Laura
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2006.0 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2003 - Acer Incorporated)
Acer Screen Grasp (HKLM-x32\...\{84443E5D-0767-438B-B1C8-6A52FAB2101B}) (Version: 1.02.3002 - Acer Incorporated)
Acer Touch Tools (HKLM\...\{BB1F8130-3CB3-4896-9D28-770DFFFDE59C}) (Version: 1.01.3001 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version: - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.00 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.0 - Canon Inc.)
Canon MG2900 series User Registration (HKLM-x32\...\Canon MG2900 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
Cold Turkey (Basic) (HKLM-x32\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version: 1.2.6 Basic - Felix Belzile)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Game Channels (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 9.2.0.11 - WildTangent, Inc.)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
Soluto (HKLM\...\{AD78441D-E016-4119-A0AE-9ECB763B6A3D}) (Version: 1.3.1500.2 - Soluto)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9590 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1745142471-199398243-411458533-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {134B959F-29E6-4F0E-B9D7-8310FEE20DEE} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {1AC4BF25-5EBA-48D5-89DA-D04AADF9B80A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {1F5CEAE5-E485-46A1-B2FA-285D1B796BA0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {1FB340A4-61F9-4443-B4D9-966633F040A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2D21714A-93A9-4C15-94B2-73249B3BBDB0} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-25] ()
Task: {3C05C280-CC14-40DA-A9DA-BB3BA6FE2A21} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1745142471-199398243-411458533-1001UA => C:\Users\Laura\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-27] (Dropbox, Inc.)
Task: {3F970B95-1C5D-413F-9461-122A515C0DAD} - System32\Tasks\Launch Screen Grasp_First => C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe [2013-12-19] (Acer Incorporated)
Task: {56A92345-BF0B-4159-9FD4-BE4A42BF6295} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2014-01-16] (Acer Incorporated)
Task: {66251BFA-84BA-48F1-AE3C-96AFD4A0DF86} - System32\Tasks\Screen Grasp GestureDetection => C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe [2013-12-19] (Acer Incorporated)
Task: {A3958CB9-C988-4D0E-A54E-A48F59B85FF1} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)
Task: {A9D8984A-5407-4E7D-BAA3-F26E580D5393} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B9AB2724-D61E-4437-A2E7-3D3EDD03A116} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-03-21] (Acer Incorporated)
Task: {BD983255-D823-4D9B-A19D-64F75D9C0622} - System32\Tasks\Prelauncher => C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [2013-12-19] (Acer Incorporated)
Task: {BDEB9AC3-74A0-4D9B-A6FB-29743960B1F3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C0C84C21-A828-429D-BE90-6CE9EB1C4C2F} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {D5D123F5-433E-4B5F-A903-3102D649DD6B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {D78AE673-F5D4-4145-973A-D3F95529356E} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {DEF8BC01-6645-4AB1-B990-F4169810E8B0} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)
Task: {DFAB80B6-B04B-404C-8AB8-F45041F781E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {E9D6850B-6304-4C2A-ABD6-B01966DCF24F} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-01-25] (TODO: <Company name>)
Task: {EAA575CC-449C-496B-B4C2-217329F39BF0} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)
Task: {F398FD94-A82F-4E48-A400-76878D7DD9FB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1745142471-199398243-411458533-1001Core => C:\Users\Laura\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-27] (Dropbox, Inc.)
Task: {F723DBB0-B9D9-401F-AE92-B1696F173B38} - System32\Tasks\prelauncher_First => C:\Program Files (x86)\Acer\Screen Grasp\InputTask.exe [2013-12-19] (Acer Incorporated)
Task: {FACE3266-E2FA-4C11-B0BE-A0266EF00E4D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-lfranci.bgsu.edu@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {FFC7DA07-2AC9-47E0-BC77-EA3362162910} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-01-08] (Acer Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1745142471-199398243-411458533-1001Core.job => C:\Users\Laura\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1745142471-199398243-411458533-1001UA.job => C:\Users\Laura\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-14 19:27 - 2014-04-14 19:27 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-08-14 13:10 - 2012-04-24 06:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-05-17 14:09 - 2016-05-17 14:09 - 00177664 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\PCGAppContr9a4addef#\363bb11e450738392f86eae57aceb84c\PCGAppControlPluginLoader.ni.exe
2013-12-18 19:02 - 2013-12-18 19:02 - 00124480 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2013-12-18 19:02 - 2013-12-18 19:02 - 00054848 ____R () C:\Program Files\Soluto\PCGDeviceScanLib.dll
2016-05-17 14:10 - 2016-05-17 14:10 - 00101376 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Management\e5162c1c2f8deacb49f81f8117b7cf4c\Windows.Management.ni.dll
2016-05-17 14:06 - 2016-05-17 14:06 - 03498496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\PCGPreCompiled\8f62172484c867bde5e925b3f754bcc4\PCGPreCompiled.ni.dll
2016-05-17 14:11 - 2016-05-17 14:11 - 01782272 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\499fde8f3c9a380cc8647292d9e91de6\Windows.ApplicationModel.ni.dll
2016-05-17 14:11 - 2016-05-17 14:11 - 00207872 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.System\85dd654fe936df9e1997f386cd7d0e48\Windows.System.ni.dll
2016-05-17 14:10 - 2016-05-17 14:10 - 00363520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\e2e1cd64b91b7395a96ebcde35a63a1c\Windows.Foundation.ni.dll
2014-08-14 12:41 - 2014-02-25 23:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe
2016-06-23 20:46 - 2016-06-19 02:00 - 00049728 _____ () C:\ProgramData\Soluto\Temp\DropboxAppControl_f68b9561-31d8-45d8-b91f-b77086079a2c\DropboxAppControlPlugin_1.0.0.62.dll
2014-11-20 15:06 - 2014-11-20 15:06 - 00090368 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2014-05-19 09:05 - 2014-03-07 12:21 - 00080312 _____ () C:\Windows\system32\igfxexps.dll
2014-11-20 15:06 - 2014-11-20 15:06 - 00089856 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2014-08-14 13:20 - 2014-01-03 17:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2014-11-04 17:58 - 2014-11-04 17:58 - 00172800 _____ () C:\Program Files (x86)\Acer\abDocs Office AddIn\AcerWordAddin64.dll
2012-10-01 20:56 - 2012-10-01 20:56 - 00240256 _____ () C:\Program Files\Microsoft Office\Office15\IEAWSDC.DLL
2012-10-01 22:36 - 2012-10-01 22:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-04 23:26 - 2014-03-02 22:35 - 00075776 _____ () C:\Program Files (x86)\Cold Turkey\PcapDotNet.Core.dll
2014-11-26 23:03 - 2014-11-26 23:03 - 00015616 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-11-17 12:57 - 2014-11-17 12:57 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-11-17 12:53 - 2014-11-17 12:53 - 00279296 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2014-11-20 15:06 - 2014-11-20 15:06 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2014-08-14 12:31 - 2013-12-09 19:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-06-24 17:18 - 2016-05-25 13:03 - 00034768 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-24 17:18 - 2016-05-25 13:03 - 00134088 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-24 17:18 - 2016-05-25 13:04 - 00019408 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-24 17:18 - 2016-05-25 13:03 - 00116688 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-24 17:18 - 2016-05-25 13:03 - 00093640 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-03 14:02 - 2016-05-25 13:03 - 00018376 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-03 14:02 - 2016-06-13 16:13 - 00019760 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00105928 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-24 17:18 - 2016-05-25 13:03 - 00392144 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-24 17:18 - 2016-06-13 16:13 - 00381752 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-24 17:18 - 2016-05-25 13:03 - 00692688 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00020816 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-24 17:18 - 2016-05-25 13:04 - 00123856 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 01682760 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00020808 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00021840 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00052024 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00038696 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00020936 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00024528 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00114640 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00124880 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00021832 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00024016 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00175560 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00030160 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00043472 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00048592 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00023872 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00026456 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00057808 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00024016 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00246592 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00028616 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00020800 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00019776 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00020800 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-24 17:18 - 2016-05-25 13:03 - 00134608 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-24 17:18 - 2016-05-25 13:04 - 00240584 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00020280 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00023376 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00350152 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00022352 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00024392 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00036296 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-24 17:18 - 2016-06-13 16:13 - 00084280 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-24 17:18 - 2016-06-13 16:13 - 01826096 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-03 14:02 - 2016-05-25 13:04 - 00083912 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 03928880 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 01971504 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00531248 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00132912 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00223544 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00207672 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-24 17:18 - 2016-05-25 13:05 - 00060880 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00024904 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00546096 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-24 17:18 - 2016-06-13 16:13 - 00357680 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-24 17:18 - 2016-05-25 13:07 - 00017864 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-06-24 17:18 - 2016-05-25 13:07 - 01631184 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-06-03 14:01 - 2016-05-25 13:09 - 00697304 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2014-08-14 13:20 - 2014-01-03 17:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2016-06-17 20:07 - 2016-06-15 05:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 20:07 - 2016-06-15 05:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2012-10-01 22:37 - 2012-10-01 22:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-06-17 20:07 - 2016-06-15 05:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-1745142471-199398243-411458533-1001\...\sharepoint.com -> hxxps://falconbgsu.sharepoint.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2015-05-06 03:18 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1745142471-199398243-411458533-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CDE21656-FF49-4388-894F-87BB639759B3}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{AE4EDA96-8B16-4DBF-BC0D-99B4401F5007}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{980AE458-8664-45C8-8473-6D4D054B3AB7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4B04ADC7-C4B6-4DC7-A1D1-A2C9E5693741}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{9236C8C7-D79F-4B14-BC60-E7A0FEA7BA69}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{9912086A-EDBA-4F4E-99C5-F9EA27412C96}] => (Allow) C:\Program Files\Soluto\SolutoRemoteDirect.exe
FirewallRules: [{89573E7F-3D99-4DC9-BD0F-2CBDEB492404}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{95905983-AB58-456B-898A-33B712306483}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{C4B30D76-65E2-45FF-A446-0AF94D981FBB}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{C4B7B1D9-B151-4221-93DA-C0BB54A60A1A}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{670CA9DD-06D2-4B95-A637-CE5E8E481DEE}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{D040BBA1-3B48-4371-A1EA-70461EBF4AB5}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{7356136F-2CDF-4616-94D0-4F1CB11B2111}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{50CBBAF3-7CE5-4E2E-84C9-BDDA90150568}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{510D254C-75C3-422D-8B52-58BEC0B5A374}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EAA019B8-E4AB-4F1F-9C00-2EE3EC540DF4}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F7E8F4F2-0953-40FB-8C23-7AD6D099EE12}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{6990F7FE-105A-4104-93EC-9F56414BAB88}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{2E899A4A-42A0-4145-9167-264698FBC018}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{0BDF7CEC-E7E9-44D8-9DB6-B0F29C9F8A33}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{DACF1A3A-BB65-4197-8A51-6D0B3A874FBE}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{F8F8059B-DE79-41A7-8D2F-533B7B8041A0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{1EFD6080-4B53-4FE2-9AE4-911659B39588}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{B738E4C9-B018-41A4-B629-F18D7A9ED2E0}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{5B830A27-37BF-415E-BC02-B7B6BAE13671}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{FC9ED15F-0EDB-49F8-9782-31CE140BD29E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{105DF14C-CCD4-40E6-914F-E139EEE591FE}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{D540D7BF-241D-4F71-9F15-D65AA1F4B897}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{33ED615E-37D5-4638-ABFA-426E0394347D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{226AC3B3-0C47-4A10-ADFF-BFFAD71837DF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{E6E763FD-0F0E-41EA-AC0A-D298338EC07A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{26B2B8DB-98DB-4EEE-88C0-D894C9464842}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{8B0B84F1-AA97-4C1A-8EC0-AE2335373AEC}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{154A864B-6C7A-44FD-8BE9-3A4C65CCFEFF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{7BA56049-1BDF-4145-87DB-698A2BCD5944}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
FirewallRules: [{3C7753B1-20BF-4BFB-AEA1-8D00DD40F968}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{D2CAB17B-E1B4-479B-BADC-3B975124C76A}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe
FirewallRules: [{1D46A88C-4321-4A13-85AE-A4BC87D0AD73}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{FCF10C66-191E-49A7-ADF8-66BC15D4A8B0}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe
FirewallRules: [{B0D7E504-96BB-4DE5-AF50-9F77A3113E65}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{23C2F58C-DF2B-41D0-801F-B953C24195B7}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{58728300-53BD-4DA8-BB64-AB2465B5BFF7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{21BBE050-97BD-47EE-994F-0EAB35AB9F6D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{D41A91CB-C7D2-4DEC-8B4F-0B8EA6961457}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CFFA562A-6CF0-4082-B568-71FDDBE004E6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{DCB8D0F5-5A06-4B9B-9B18-338D3E6667DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{04C81DFA-D0FB-4473-A76D-3411B65E12B8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{5E5852B9-F5BD-445F-B9A8-3B97578D27C6}C:\users\laura\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\laura\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8B1FC81F-C9A5-49ED-A3B8-4EE4BB4535E2}C:\users\laura\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\laura\appdata\roaming\spotify\spotify.exe
FirewallRules: [{293A7249-A012-48FE-9210-9CEE59044070}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{69F3AB90-3100-4287-AF3C-480404E46CBB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBAD16D2-6190-4F63-9968-7552FAA06182}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5FB71DB2-EBCC-4DB9-AC6F-354EC75B4E73}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{55D5610C-FF11-4D06-8AA7-2EEF99DD08A9}] => (Allow) C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{95743FDE-FACB-4177-82D7-58B3E5CE17F0}] => (Allow) C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{23F23FD6-FD0F-47B9-92C7-8C5FC3DF2ED2}C:\users\laura\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\laura\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{474355F1-AA4E-49F5-84F9-8AF0A0439697}C:\users\laura\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\laura\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{02A3FFEE-0479-46DB-8C99-1CFE7394B5B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EBE4450F-A690-4B73-AB68-139612195A03}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{8CE87528-A1F6-4972-AB5F-892AB946C6C8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{D6356BA4-E401-4DDC-9F83-92B2BF2215C8}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EF0B3F43-DB9B-4981-8EE9-EE72D27C3CB0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5857001C-2AAB-4A9A-A7E1-2078DEB0837D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2A819C1-787A-4310-B16F-C92D5325A7E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CCBF94D5-22F6-4A71-9DAA-8062EAA48BB2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8266E611-BBC8-42B9-959A-B67906C8A562}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{12CD80AE-2CEC-4803-BBE8-242B6085A6C0}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7271E3F5-EDFA-4D7E-8BB6-F36CF990ACCD}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0AAAA375-F558-42AD-9024-261D4D7ED717}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09D15168-780A-4493-B738-98BC3EA48630}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{02ECFE32-1577-4725-AA20-5EEA6ADBF9C4}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3E006AA7-5869-44B3-B49C-EBC912E5A03A}] => (Allow) C:\Users\Laura\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2667CDB7-469E-41EE-A87F-BCFCE2607713}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
14-06-2016 23:12:49 JRT Pre-Junkware Removal
22-06-2016 15:07:07 Scheduled Checkpoint
24-06-2016 14:24:03 Removed SmartFTP Client
04-07-2016 23:07:33 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/06/2016 12:49:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40965422
Error: (07/06/2016 12:49:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40965422
Error: (07/06/2016 12:49:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/06/2016 12:49:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40956375
Error: (07/06/2016 12:49:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40956375
Error: (07/06/2016 12:49:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/06/2016 12:49:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40954640
Error: (07/06/2016 12:49:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40954640
Error: (07/06/2016 12:49:46 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (07/06/2016 12:49:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40953390
System errors:
=============
Error: (07/05/2016 11:25:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer DAN
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{205B3EAF-5DF3-4154-9F0E-8E035BA2A11A}.
The master browser is stopping or an election is being forced.
Error: (07/05/2016 11:24:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
Error: (07/05/2016 12:37:28 PM) (Source: DCOM) (EventID: 10010) (User: BAGA)
Description: Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca
Error: (07/05/2016 12:36:59 PM) (Source: DCOM) (EventID: 10010) (User: BAGA)
Description: Microsoft.WindowsLive.Platform.Service.RemoteProcess
Error: (07/05/2016 12:34:59 PM) (Source: DCOM) (EventID: 10010) (User: BAGA)
Description: Microsoft.WindowsLive.Platform.Service.RemoteProcess
Error: (07/05/2016 12:32:59 PM) (Source: DCOM) (EventID: 10010) (User: BAGA)
Description: Microsoft.WindowsLive.Platform.Service.RemoteProcess
Error: (07/05/2016 12:32:46 PM) (Source: DCOM) (EventID: 10010) (User: BAGA)
Description: Microsoft.WindowsLive.Platform.Service.RemoteProcess
Error: (07/05/2016 12:30:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
Error: (07/05/2016 11:51:56 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
Error: (07/04/2016 06:08:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SolutoService service.
CodeIntegrity:
===================================
Date: 2016-06-24 15:49:04.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 70%
Total physical RAM: 4019.27 MB
Available physical RAM: 1195.91 MB
Total Virtual: 10419.27 MB
Available Virtual: 5599.4 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:448.93 GB) (Free:208.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9565D4C0)
Partition: GPT.
==================== End of Addition.txt ============================
Thanks in advance for your help!!!