Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by James at 2015-07-20 18:40:32
Running from C:\Users\James\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2517414903-4262703431-2207850217-500 - Administrator - Disabled)
Guest (S-1-5-21-2517414903-4262703431-2207850217-501 - Limited - Disabled)
James (S-1-5-21-2517414903-4262703431-2207850217-1000 - Administrator - Enabled) => C:\Users\James
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Out of date) {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Out of date) {2C040BB5-2B06-7275-5A21-2B969A740B4B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Backup Manager (HKLM\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.39 - NewTech Infosystems)
Acer eLock Management (HKLM\...\{5CC23DEB-D22A-4345-9CFF-F8C602BCE792}) (Version: 3.00.5002 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.00.5006 - Acer Incorporated)
Acer Framework (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.00.5000 - Acer Incorporated)
Acer PowerSaver (HKLM\...\{A1FFD720-0806-40E9-9554-DB22D593FDEF}) (Version: 1.00.3005 - Acer Incorporated)
Acer QuickMigration (HKLM\...\{D38FA7FF-84E7-42F7-ACAC-E85DF086F008}) (Version: 1.00.3005 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0304.2010 - Acer Incorporated)
Acer SmartBoot (HKLM\...\{9E65215B-9DE9-401A-8541-C82FE2D2BC66}) (Version: 1.00.3006 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backup Manager Advance (Version: 2.0.2.39 - NewTech Infosystems) Hidden
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM\...\Steam App 346010) (Version: - Spiderling Studios)
BLC Insurance Desk (HKLM\...\BLC Insurance Desk) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite (HKLM\...\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}) (Version: 1.00 - Brother Industries, Ltd.)
Document Manager Lite (Version: 06.09.00.177 - Wave Systems Corp.) Hidden
Dropbox (HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
EMBASSY Security Center Lite (Version: 04.00.00.108 - Wave Systems Corp) Hidden
EMBASSY Security Setup (Version: 04.00.00.103 - Wave Systems Corp) Hidden
Embassy Trust Suite - Acer Edition (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 07.03.04.007 - Wave Systems Corp)
ESC Home Page Plugin (Version: 04.00.00.018 - Wave Systems Corp) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
Fingerprint Sensor Minimum Install (Version: 8.4.2.5 - AuthenTec, Inc.) Hidden
iCloud (HKLM\...\{5DDB3393-E08B-447E-925F-6C00B95D0FE7}) (Version: 2.1.1.3 - Apple Inc.)
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1995 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.0.1526.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{80e1a4ff-e271-4f37-8ff4-7753475b9a44}) (Version: - Nero AG)
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.28.24.exe - NETGEAR Inc.)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Private Information Manager (Version: 06.04.00.066 - Wave Systems Corp.) Hidden
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 4.80 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5983 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
T2 GamingMouse 0.0 (HKLM\...\{7BB99ADD-3579-49AD-B2B3-4B99772A7FAE}_is1) (Version: 0.0 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Outlook 2007 Junk Email Filter (KB2596560) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228}) (Version: - Microsoft)
upekmsi (Version: 03.00.04.0000 - Wave Systems Corp) Hidden
Veriton ControlCenter (HKLM\...\{A78190D6-A513-4C5D-BC20-CFE14F1CD5E3}) (Version: 1.00.3004 - Acer Incorporated)
Vuze Remote Toolbar v9.4 (HKLM\...\{3396EEB1-E3EA-4805-944B-30A68CC3F363}) (Version: 9.4 - Spigot, Inc.) <==== ATTENTION
Wave Infrastructure Installer (Version: 07.01.30.0031 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.10.00.088 - Wave Systems Corp) Hidden
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) (HKLM\...\D3F88C3864C8C031A7C5D5E63A76571EC1B047DF) (Version: 05/13/2009 8.4.2.0 - AuthenTec Inc.)
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2012-08-07 19:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0426D789-0514-47E5-905F-8B581189F519} - System32\Tasks\{44E437B8-D237-4DEF-B0F4-07D58F9BF80B} => C:\Users\James\Downloads\H3-tRoE1.2to1.4.exe
Task: {0D5B4AC3-7A7A-466A-AC96-BE9C330C0992} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {13E8D151-353A-4F77-89D9-3DC9499E1831} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {3910BC9C-C4C6-41C9-91C4-5D6A4400B0CC} - System32\Tasks\T2-GmTaskPlan => C:\Program Files\T2GamingMouse\GamingMouse.exe [2013-12-31] ()
Task: {7F9C4AA6-C0BC-472F-9C59-8F6BA0EF646F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000UA => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {9FFDA7D6-8C49-4400-A915-94B7DF37B1E4} - System32\Tasks\3f115fe0 => C:\Users\James\AppData\Local\Temp\\setup1058103264.exe <==== ATTENTION
Task: {D1C2A62B-D148-445E-A57F-42E6C0BBEC25} - System32\Tasks\{103253B4-EB52-4460-B3E3-44DD49C5CE14} => pcalua.exe -a C:\Users\James\Downloads\H3-tRoE1.2to1.4.exe -d C:\Users\James\Downloads
Task: {DD1EE23B-66E8-443B-B7F3-636BA764803B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000Core => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E0DD9123-2164-487B-B3DB-60ED96BD0260} - System32\Tasks\{BC5558B0-FCDB-4DAF-8F51-9D87E403CADF} => pcalua.exe -a C:\Users\James\Downloads\mflpro\Setup440CN\Eng\Setup.exe -d C:\Users\James\Downloads\mflpro\Setup440CN\Eng
Task: {E3BB6807-439A-455E-AE28-5049DF5A9FAE} - System32\Tasks\{EBA9181D-8B2B-4EAB-B19B-AAEF9ED8F75B} => pcalua.exe -a C:\Users\James\Desktop\h310to14.exe -d C:\Users\James\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000Core.job => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000UA.job => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-06 06:18 - 2009-02-17 20:01 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2010-07-06 06:18 - 2010-07-06 06:18 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.5000.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00020480 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.5000.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.5000.0__3036420f80dd6947\Framework.Library.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00028672 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.5000.0__672b450de5a7e94a\Framework.Host.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00016384 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.5000.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2010-07-06 06:22 - 2010-02-01 17:53 - 00021848 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2010-07-06 06:22 - 2010-02-01 17:54 - 00021840 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2010-07-06 06:22 - 2010-02-01 17:52 - 00144736 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2010-07-06 06:22 - 2010-02-01 17:54 - 00042352 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2009-11-17 18:16 - 2009-11-17 18:16 - 00465576 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2009-11-17 18:12 - 2009-11-17 18:12 - 01081600 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-04-15 23:33 - 2010-04-15 23:33 - 00249856 ____H () C:\Windows\system32\wxvault.dll
2013-03-12 17:10 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files\Steam\SDL2.dll
2015-01-19 18:19 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files\Steam\v8.dll
2015-01-19 18:19 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files\Steam\icui18n.dll
2015-01-19 18:19 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-28 22:01 - 2015-06-04 14:56 - 02407104 _____ () C:\Program Files\Steam\video.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2011-12-29 23:50 - 2015-06-04 14:56 - 00703168 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2011-12-29 23:50 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files\Steam\bin\libcef.dll
2013-04-07 07:38 - 2013-04-07 07:38 - 01044224 _____ () C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
2013-02-19 02:46 - 2013-02-19 02:46 - 00011362 _____ () C:\Program Files\NETGEAR Genie\bin\mingwm10.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00043008 _____ () C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 02537472 _____ () C:\Program Files\NETGEAR Genie\bin\QtCore4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 09814016 _____ () C:\Program Files\NETGEAR Genie\bin\QtGui4.dll
2013-06-04 21:22 - 2013-06-04 21:22 - 00481280 _____ () C:\Program Files\NETGEAR Genie\bin\Genie.dll
2013-03-27 04:42 - 2013-03-27 04:42 - 01553920 _____ () C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 01140224 _____ () C:\Program Files\NETGEAR Genie\bin\QtNetwork4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00399360 _____ () C:\Program Files\NETGEAR Genie\bin\QtXml4.dll
2013-05-09 23:12 - 2013-05-09 23:12 - 00229888 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2013-03-27 04:43 - 2013-03-27 04:43 - 01067520 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2013-05-28 02:21 - 2013-05-28 02:21 - 04334592 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
2013-03-27 04:52 - 2013-03-27 04:52 - 00500736 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2013-03-27 04:50 - 2013-03-27 04:50 - 00186368 _____ () C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
2013-03-27 04:51 - 2013-03-27 04:51 - 01198080 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2013-05-14 22:56 - 2013-05-14 22:56 - 08432128 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2013-04-28 02:25 - 2013-04-28 02:25 - 01205760 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2013-03-27 04:42 - 2013-03-27 04:42 - 00088064 _____ () C:\Program Files\NETGEAR Genie\bin\QRCode.dll
2013-03-27 04:51 - 2013-03-27 04:51 - 00641536 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2013-05-14 01:18 - 2013-05-14 01:18 - 00931840 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2013-03-27 04:49 - 2013-03-27 04:49 - 00438272 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00083456 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qgif4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00083456 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qico4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00287232 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2013-03-27 04:42 - 2013-03-27 04:42 - 00137728 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00139264 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 05:56 - 2012-11-29 05:56 - 03332720 _____ () C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00072192 _____ () C:\Program Files\NETGEAR Genie\bin\SVTUtils.DLL
2013-03-26 22:58 - 2013-03-26 22:58 - 00074752 _____ () C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00136704 _____ () C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
2013-03-27 04:51 - 2013-03-27 04:51 - 00714240 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
2013-03-27 04:49 - 2013-03-27 04:49 - 00485376 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2013-03-27 04:49 - 2013-03-27 04:49 - 00116224 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00066560 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
2013-04-07 07:42 - 2013-04-07 07:42 - 00123136 _____ () C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
2015-07-20 16:10 - 2015-07-20 16:10 - 00043008 _____ () c:\users\james\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpap5ebc.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-07-02 17:14 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-02 17:14 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-12-27 18:25 - 2013-12-31 18:51 - 00658944 _____ () C:\Program Files\T2GamingMouse\GamingMouse.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\James\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/20/2015 06:38:54 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:38:42 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (5252) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 21037056 (0x0000000001410000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:38:36 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:38:35 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (5488) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 21037056 (0x0000000001410000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:37:15 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:37:14 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (4500) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 25231360 (0x0000000001810000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:36:59 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:36:55 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (6040) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 31522816 (0x0000000001e10000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:36:31 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:36:30 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
Details:
0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f))
System errors:
=============
Error: (07/20/2015 06:38:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 10 time(s).
Error: (07/20/2015 06:38:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Error: (07/20/2015 06:38:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 9 time(s).
Error: (07/20/2015 06:38:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Error: (07/20/2015 06:37:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 8 time(s).
Error: (07/20/2015 06:37:15 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Error: (07/20/2015 06:37:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891
Error: (07/20/2015 06:37:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891
Error: (07/20/2015 06:36:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 7 time(s).
Error: (07/20/2015 06:36:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2012-07-31 01:08:42.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-07-30 23:57:46.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-07-30 23:40:59.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 56%
Total physical RAM: 3037.24 MB
Available physical RAM: 1307.48 MB
Total Virtual: 6072.77 MB
Available Virtual: 4308.03 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:66.45 GB) (Free:0.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:66.5 GB) (Free:63.44 GB) NTFS
Drive e: (SC2-L100-D1) (CDROM) (Total:6.99 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 0933A35E)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=66.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=66.5 GB) - (Type=07 NTFS)
==================== End of log ============================
Cant run Malwarebytes on Windows 7 [Solved]
-
This topic is locked
#16
Posted 20 July 2015 - 04:41 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
#17
Posted 20 July 2015 - 06:11 PM
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello panicpeace,
This time we will try a different approach with the fix and see if that works better. 
Now
Download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Attached Files
-
fixlist.txt 2.14KB
467 downloads
#18
Posted 21 July 2015 - 04:40 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by James at 2015-07-20 18:40:32
Running from C:\Users\James\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2517414903-4262703431-2207850217-500 - Administrator - Disabled)
Guest (S-1-5-21-2517414903-4262703431-2207850217-501 - Limited - Disabled)
James (S-1-5-21-2517414903-4262703431-2207850217-1000 - Administrator - Enabled) => C:\Users\James
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Out of date) {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Out of date) {2C040BB5-2B06-7275-5A21-2B969A740B4B}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer Backup Manager (HKLM\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.39 - NewTech Infosystems)
Acer eLock Management (HKLM\...\{5CC23DEB-D22A-4345-9CFF-F8C602BCE792}) (Version: 3.00.5002 - Acer Incorporated)
Acer eRecovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3007 - Acer Incorporated)
Acer eSettings Management (HKLM\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.00.5006 - Acer Incorporated)
Acer Framework (HKLM\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.00.5000 - Acer Incorporated)
Acer PowerSaver (HKLM\...\{A1FFD720-0806-40E9-9554-DB22D593FDEF}) (Version: 1.00.3005 - Acer Incorporated)
Acer QuickMigration (HKLM\...\{D38FA7FF-84E7-42F7-ACAC-E85DF086F008}) (Version: 1.00.3005 - Acer Incorporated)
Acer Registration (HKLM\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM\...\Acer Screensaver) (Version: 1.1.0304.2010 - Acer Incorporated)
Acer SmartBoot (HKLM\...\{9E65215B-9DE9-401A-8541-C82FE2D2BC66}) (Version: 1.00.3006 - Acer Incorporated)
Acer Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.2 - Nero AG) Hidden
Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Backup Manager Advance (Version: 2.0.2.39 - NewTech Infosystems) Hidden
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Besiege (HKLM\...\Steam App 346010) (Version: - Spiderling Studios)
BLC Insurance Desk (HKLM\...\BLC Insurance Desk) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite (HKLM\...\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}) (Version: 1.00 - Brother Industries, Ltd.)
Document Manager Lite (Version: 06.09.00.177 - Wave Systems Corp.) Hidden
Dropbox (HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
EMBASSY Security Center Lite (Version: 04.00.00.108 - Wave Systems Corp) Hidden
EMBASSY Security Setup (Version: 04.00.00.103 - Wave Systems Corp) Hidden
Embassy Trust Suite - Acer Edition (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 07.03.04.007 - Wave Systems Corp)
ESC Home Page Plugin (Version: 04.00.00.018 - Wave Systems Corp) Hidden
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (Version: 2.0.4.000274 - esobi Inc.) Hidden
Fingerprint Sensor Minimum Install (Version: 8.4.2.5 - AuthenTec, Inc.) Hidden
iCloud (HKLM\...\{5DDB3393-E08B-447E-925F-6C00B95D0FE7}) (Version: 2.1.1.3 - Apple Inc.)
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.1995 - Intel Corporation)
Intel® TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.0.1526.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 38.0.5 (x86 en-US)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM\...\{80e1a4ff-e271-4f37-8ff4-7753475b9a44}) (Version: - Nero AG)
NETGEAR Genie (HKLM\...\NETGEAR Genie) (Version: 2.2.28.24.exe - NETGEAR Inc.)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
Private Information Manager (Version: 06.04.00.066 - Wave Systems Corp.) Hidden
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RarZilla Free Unrar (HKLM\...\RarZilla Free Unrar) (Version: 4.80 - Philipp Winterberg)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5983 - Realtek Semiconductor Corp.)
Spotify (HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\Spotify) (Version: 1.0.7.157.g2a6526f9 - Spotify AB)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
T2 GamingMouse 0.0 (HKLM\...\{7BB99ADD-3579-49AD-B2B3-4B99772A7FAE}_is1) (Version: 0.0 - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Outlook 2007 Junk Email Filter (KB2596560) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228}) (Version: - Microsoft)
upekmsi (Version: 03.00.04.0000 - Wave Systems Corp) Hidden
Veriton ControlCenter (HKLM\...\{A78190D6-A513-4C5D-BC20-CFE14F1CD5E3}) (Version: 1.00.3004 - Acer Incorporated)
Vuze Remote Toolbar v9.4 (HKLM\...\{3396EEB1-E3EA-4805-944B-30A68CC3F363}) (Version: 9.4 - Spigot, Inc.) <==== ATTENTION
Wave Infrastructure Installer (Version: 07.01.30.0031 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.10.00.088 - Wave Systems Corp) Hidden
Welcome Center (HKLM\...\Acer Welcome Center) (Version: 1.01.3002 - Acer Incorporated)
Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (05/13/2009 8.4.2.0) (HKLM\...\D3F88C3864C8C031A7C5D5E63A76571EC1B047DF) (Version: 05/13/2009 8.4.2.0 - AuthenTec Inc.)
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\James\AppData\Roaming\Dropbox\bin\DropboxExt.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\James\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:04 - 2012-08-07 19:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0426D789-0514-47E5-905F-8B581189F519} - System32\Tasks\{44E437B8-D237-4DEF-B0F4-07D58F9BF80B} => C:\Users\James\Downloads\H3-tRoE1.2to1.4.exe
Task: {0D5B4AC3-7A7A-466A-AC96-BE9C330C0992} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {13E8D151-353A-4F77-89D9-3DC9499E1831} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)
Task: {3910BC9C-C4C6-41C9-91C4-5D6A4400B0CC} - System32\Tasks\T2-GmTaskPlan => C:\Program Files\T2GamingMouse\GamingMouse.exe [2013-12-31] ()
Task: {7F9C4AA6-C0BC-472F-9C59-8F6BA0EF646F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000UA => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {9FFDA7D6-8C49-4400-A915-94B7DF37B1E4} - System32\Tasks\3f115fe0 => C:\Users\James\AppData\Local\Temp\\setup1058103264.exe <==== ATTENTION
Task: {D1C2A62B-D148-445E-A57F-42E6C0BBEC25} - System32\Tasks\{103253B4-EB52-4460-B3E3-44DD49C5CE14} => pcalua.exe -a C:\Users\James\Downloads\H3-tRoE1.2to1.4.exe -d C:\Users\James\Downloads
Task: {DD1EE23B-66E8-443B-B7F3-636BA764803B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000Core => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {E0DD9123-2164-487B-B3DB-60ED96BD0260} - System32\Tasks\{BC5558B0-FCDB-4DAF-8F51-9D87E403CADF} => pcalua.exe -a C:\Users\James\Downloads\mflpro\Setup440CN\Eng\Setup.exe -d C:\Users\James\Downloads\mflpro\Setup440CN\Eng
Task: {E3BB6807-439A-455E-AE28-5049DF5A9FAE} - System32\Tasks\{EBA9181D-8B2B-4EAB-B19B-AAEF9ED8F75B} => pcalua.exe -a C:\Users\James\Desktop\h310to14.exe -d C:\Users\James\Desktop
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000Core.job => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2517414903-4262703431-2207850217-1000UA.job => C:\Users\James\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-07-06 06:18 - 2009-02-17 20:01 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
2010-07-06 06:18 - 2010-07-06 06:18 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.5000.0__14bcaafdb44b5951\Framework.Model.Controller.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00020480 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.5000.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.5000.0__3036420f80dd6947\Framework.Library.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00028672 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.5000.0__672b450de5a7e94a\Framework.Host.dll
2010-07-06 06:18 - 2010-07-06 06:18 - 00016384 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.5000.0__9ecdf03bb2054f94\Framework.PluginInterface.dll
2010-07-06 06:22 - 2010-02-01 17:53 - 00021848 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll
2010-07-06 06:22 - 2010-02-01 17:54 - 00021840 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll
2010-07-06 06:22 - 2010-02-01 17:52 - 00144736 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll
2010-07-06 06:22 - 2010-02-01 17:54 - 00042352 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll
2009-11-17 18:16 - 2009-11-17 18:16 - 00465576 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2009-11-17 18:12 - 2009-11-17 18:12 - 01081600 _____ () C:\Program Files\NewTech Infosystems\Acer Backup Manager\ACE.dll
2010-04-15 23:33 - 2010-04-15 23:33 - 00249856 ____H () C:\Windows\system32\wxvault.dll
2013-03-12 17:10 - 2015-04-16 13:40 - 00776192 _____ () C:\Program Files\Steam\SDL2.dll
2015-01-19 18:19 - 2015-04-22 22:16 - 04962816 _____ () C:\Program Files\Steam\v8.dll
2015-01-19 18:19 - 2015-04-22 22:16 - 01556992 _____ () C:\Program Files\Steam\icui18n.dll
2015-01-19 18:19 - 2015-04-22 22:16 - 01187840 _____ () C:\Program Files\Steam\icuuc.dll
2014-05-28 22:01 - 2015-06-04 14:56 - 02407104 _____ () C:\Program Files\Steam\video.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files\Steam\libavcodec-56.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files\Steam\libavutil-54.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files\Steam\libavformat-56.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files\Steam\libavresample-2.dll
2014-08-29 00:14 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files\Steam\libswscale-3.dll
2011-12-29 23:50 - 2015-06-04 14:56 - 00703168 _____ () C:\Program Files\Steam\bin\chromehtml.DLL
2011-12-29 23:50 - 2015-05-11 15:01 - 36302728 _____ () C:\Program Files\Steam\bin\libcef.dll
2013-04-07 07:38 - 2013-04-07 07:38 - 01044224 _____ () C:\Program Files\NETGEAR Genie\bin\NETGEARGenie.exe
2013-02-19 02:46 - 2013-02-19 02:46 - 00011362 _____ () C:\Program Files\NETGEAR Genie\bin\mingwm10.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00043008 _____ () C:\Program Files\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 02537472 _____ () C:\Program Files\NETGEAR Genie\bin\QtCore4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 09814016 _____ () C:\Program Files\NETGEAR Genie\bin\QtGui4.dll
2013-06-04 21:22 - 2013-06-04 21:22 - 00481280 _____ () C:\Program Files\NETGEAR Genie\bin\Genie.dll
2013-03-27 04:42 - 2013-03-27 04:42 - 01553920 _____ () C:\Program Files\NETGEAR Genie\bin\SvtNetworkTool.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 01140224 _____ () C:\Program Files\NETGEAR Genie\bin\QtNetwork4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00399360 _____ () C:\Program Files\NETGEAR Genie\bin\QtXml4.dll
2013-05-09 23:12 - 2013-05-09 23:12 - 00229888 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2013-03-27 04:43 - 2013-03-27 04:43 - 01067520 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2013-05-28 02:21 - 2013-05-28 02:21 - 04334592 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Map.dll
2013-03-27 04:52 - 2013-03-27 04:52 - 00500736 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2013-03-27 04:50 - 2013-03-27 04:50 - 00186368 _____ () C:\Program Files\NETGEAR Genie\bin\DragonNetTool.dll
2013-03-27 04:51 - 2013-03-27 04:51 - 01198080 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2013-05-14 22:56 - 2013-05-14 22:56 - 08432128 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2013-04-28 02:25 - 2013-04-28 02:25 - 01205760 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2013-03-27 04:42 - 2013-03-27 04:42 - 00088064 _____ () C:\Program Files\NETGEAR Genie\bin\QRCode.dll
2013-03-27 04:51 - 2013-03-27 04:51 - 00641536 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2013-05-14 01:18 - 2013-05-14 01:18 - 00931840 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2013-03-27 04:49 - 2013-03-27 04:49 - 00438272 _____ () C:\Program Files\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00083456 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qgif4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00083456 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qico4.dll
2013-02-19 02:46 - 2013-02-19 02:46 - 00287232 _____ () C:\Program Files\NETGEAR Genie\bin\imageformats\qjpeg4.dll
2013-03-27 04:42 - 2013-03-27 04:42 - 00137728 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnosePlugin.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00139264 _____ () C:\Program Files\NETGEAR Genie\bin\DiagnoseDll.dll
2012-11-29 05:56 - 2012-11-29 05:56 - 03332720 _____ () C:\Program Files\NETGEAR Genie\bin\drivers\libntgr_api.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00072192 _____ () C:\Program Files\NETGEAR Genie\bin\SVTUtils.DLL
2013-03-26 22:58 - 2013-03-26 22:58 - 00074752 _____ () C:\Program Files\NETGEAR Genie\bin\NetcardApi.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00136704 _____ () C:\Program Files\NETGEAR Genie\bin\airprintdll.dll
2013-03-27 04:51 - 2013-03-27 04:51 - 00714240 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_Update.dll
2013-03-27 04:49 - 2013-03-27 04:49 - 00485376 _____ () C:\Program Files\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2013-03-27 04:49 - 2013-03-27 04:49 - 00116224 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupApiPlugin.dll
2013-03-26 22:58 - 2013-03-26 22:58 - 00066560 _____ () C:\Program Files\NETGEAR Genie\bin\WSetupDll.dll
2013-04-07 07:42 - 2013-04-07 07:42 - 00123136 _____ () C:\Program Files\NETGEAR Genie\bin\genie2_tray.exe
2015-07-20 16:10 - 2015-07-20 16:10 - 00043008 _____ () c:\users\james\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpap5ebc.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-07-02 17:14 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-02 17:14 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\James\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-12-27 18:25 - 2013-12-31 18:51 - 00658944 _____ () C:\Program Files\T2GamingMouse\GamingMouse.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\James\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
mpsdrv Firewall Service is not running.
MpsSvc Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/20/2015 06:38:54 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:38:42 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (5252) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 21037056 (0x0000000001410000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:38:36 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:38:35 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (5488) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 21037056 (0x0000000001410000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:37:15 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:37:14 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (4500) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 25231360 (0x0000000001810000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:36:59 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:36:55 PM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (6040) Windows: An attempt to write to the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb" at offset 31522816 (0x0000000001e10000) for 1048576 (0x00100000) bytes failed after Windows0 seconds with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (07/20/2015 06:36:31 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <4, 0x8004117f, Failed to add project: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.
Error: (07/20/2015 06:36:30 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
Details:
0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f))
System errors:
=============
Error: (07/20/2015 06:38:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 10 time(s).
Error: (07/20/2015 06:38:54 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Error: (07/20/2015 06:38:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 9 time(s).
Error: (07/20/2015 06:38:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Error: (07/20/2015 06:37:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 8 time(s).
Error: (07/20/2015 06:37:15 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Error: (07/20/2015 06:37:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891
Error: (07/20/2015 06:37:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891
Error: (07/20/2015 06:36:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 7 time(s).
Error: (07/20/2015 06:36:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.
Microsoft Office:
=========================
CodeIntegrity Errors:
===================================
Date: 2012-07-31 01:08:42.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-07-30 23:57:46.317
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
Date: 2012-07-30 23:40:59.157
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Pentium® Dual-Core CPU E5700 @ 3.00GHz
Percentage of memory in use: 56%
Total physical RAM: 3037.24 MB
Available physical RAM: 1307.48 MB
Total Virtual: 6072.77 MB
Available Virtual: 4308.03 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:66.45 GB) (Free:0.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:66.5 GB) (Free:63.44 GB) NTFS
Drive e: (SC2-L100-D1) (CDROM) (Total:6.99 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 0933A35E)
Partition 1: (Not Active) - (Size=16 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=66.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=66.5 GB) - (Type=07 NTFS)
==================== End of log ============================
#19
Posted 21 July 2015 - 04:52 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
Sorry I accidently posted the addition.
Here is the fixlog
Fix result of Farbar Recovery Scan Tool (x86) Version: 20-07-2015
Ran by James at 2015-07-21 18:43:36 Run:1
Running from C:\Users\James\Desktop
Loaded Profiles: James (Available Profiles: James)
Boot Mode: Normal
==============================================
fixlist content:
*****************
GroupPolicyScripts: Group Policy detected <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...1I7ACAW_enUS436
SearchScopes: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...1I7ACAW_enUS436
Toolbar: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
C:\Users\James\AppData\Local\temp\CABINET.DLL
C:\Users\James\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsrypj2.dll
C:\Users\James\AppData\Local\temp\EXPAND.EXE
C:\Users\James\AppData\Local\temp\PATCHER.EXE
CustomCLSID: HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\James\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
Task: {9FFDA7D6-8C49-4400-A915-94B7DF37B1E4} - System32\Tasks\3f115fe0 => C:\Users\James\AppData\Local\Temp\\setup1058103264.exe <==== ATTENTION
C:\Users\James\AppData\Local\Temp\\setup1058103264.exe
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
EmptyTemp:
*****************
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully.
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully.
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
C:\Users\James\AppData\Local\temp\CABINET.DLL => moved successfully.
"C:\Users\James\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpsrypj2.dll" => File/Folder not found.
C:\Users\James\AppData\Local\temp\EXPAND.EXE => moved successfully.
C:\Users\James\AppData\Local\temp\PATCHER.EXE => moved successfully.
"HKU\S-1-5-21-2517414903-4262703431-2207850217-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FFDA7D6-8C49-4400-A915-94B7DF37B1E4}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FFDA7D6-8C49-4400-A915-94B7DF37B1E4}" => key removed successfully.
C:\Windows\System32\Tasks\3f115fe0 => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\3f115fe0" => key removed successfully.
"C:\Users\James\AppData\Local\Temp\\setup1058103264.exe" => File/Folder not found.
"HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\Software\Classes\exefile" => key removed successfully.
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========
The operation completed successfully.
========= End of Reg: =========
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-2517414903-4262703431-2207850217-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
========= End of RemoveProxy: =========
========= bitsadmin /reset /allusers =========
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
Unable to connect to BITS - 0x80070424
The specified service does not exist as an installed service.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
EmptyTemp: => 424.1 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 18:45:29 ====
#20
Posted 21 July 2015 - 06:38 PM
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
That seem to work okay. 
Now
Please download Junkware Removal Tool to your desktop.
- Shut down your protection software to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
After that
Please download : ADWCleaner to your desktop (use the Download Now @ BleepingComputer button)..
NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.
Close all programs and click on the AdwCleaner icon. AdwCleaner will update itself and then open.
Click on Scan and follow the prompts. It may appear not to be doing anything, please be patient and let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.
A copy of the report is also saved in the C:\AdwCleaner folder.
When you return please post
- JRT.txt
- AdwCleaner log
#21
Posted 22 July 2015 - 03:57 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 7 Professional x86
Ran by James on Wed 07/22/2015 at 17:49:41.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Program Files\application updater
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\ProgramData\partner
Successfully deleted: [Folder] C:\ProgramData\trymedia
~~~ Chrome
[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\James\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/22/2015 at 17:56:51.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#22
Posted 22 July 2015 - 04:17 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
# AdwCleaner v4.208 - Logfile created 22/07/2015 at 18:12:37
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x86)
# Username : James - JAMES-PC
# Running from : C:\Users\James\Desktop\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
[!] Folder Deleted : C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\ty45rzpa.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}.xpi
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\itms.js
***** [ Scheduled tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
***** [ Web browsers ] *****
-\\ Internet Explorer v8.0.7601.17514
-\\ Mozilla Firefox v38.0.5 (x86 en-US)
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [1632 bytes] - [22/07/2015 18:11:02]
AdwCleaner[S0].txt - [1577 bytes] - [22/07/2015 18:12:37]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1636 bytes] ##########
#23
Posted 22 July 2015 - 04:53 PM
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello again panicpeace,
Drive c: (Acer) (Fixed) (Total:66.45 GB) (Free:0.01 GB) NTFS
You have less then 5% of your OS partition drive free. You are in danger of messing up the Master File Table of your computer. Could be part of your problem.
Under 15% free is less than optimum.
I suggest that, as soon as you can, uninstall any old programs and backup and remove any data (maybe to Drive D:) you don't need.
After that
Download Malwarebytes Anti-Rootkit to your desktop from here.
- Right-Click on the file that was downloaded and choose Run as administrator. Answer Yes if prompted to Allow.
- Click OK at the installer screen that comes up.
- The software will be extracted and will open.
- Click Next at the first screen.
- The Update Database screen will appear. Click the Update button.
- Once updated, click the Next button.
- On the Scan System screen, click the Scan button.
- Once, the Scan is finished click on the Cleanup button to remove any threats and reboot if prompted to do so. If no threats are found just close the programme.
- If threats were found, then after the reboot, re-run the programme to verify no threats remain. If threats are still detected, click the Cleanup button once more.
Whether threats were found or not there will be a folder named mbar on your desktop. Open this folder and you will find in the list that presents with a file named mbar-log-...txt and another named system log.txt. Please open the files one at a time and copy and paste the contents of each back here.
#24
Posted 22 July 2015 - 07:14 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
I could really use some suggestions on how to take things on C and put them on D.
#25
Posted 22 July 2015 - 07:53 PM
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
If it's data you can just copy and paste them to the other drive. Then delete the ones on C: drive.
However if your C: drive is full with programs that you want to keep then the best option would be to change the partition sizes.
You could shrink the D: drive partition and increase the C: drive partition.
Careful though, they may not show like that in your Disk Management list. Make absolutely sure you are changing the correct drive partitions. You can usually tell by looking at the different sizes. You C: drive is showing in FRST as 66.45GB and D: drive as 66.5 GB. The C: drive has virtually no space left while D: has 63.44GB free. If you accidentally mess with the wrong ones you may end up not being able to boot up your machine or you may remove your factory reset option if you have one.
When you read the guide you will see that you can't expand to the left of the drive. You can only expand to the right of the drive you want to expand. It may be that in your case you won't be able to expand to the right even after shrinking the D: drive. In that case I would save everything you want to keep from D: drive on to an external drive of some sort. After that, delete D: drive partition and expand C: drive to fill the space. You can then copy the items you saved from the old D: drive back to the C: drive which will now have enough space to accept it.
Go here for information about how to manage partitions in Windows.
As I said above you should take extreme care when you do this. You can easily end up with an unbootable computer and/or, you might accidently delete your C: drive partition and end up without any of your programs. If you are unsure about anything seek professional help.
#26
Posted 22 July 2015 - 08:04 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 8.0.7601.17514
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 3184779264, free: 1741844480
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 8.0.7601.17514
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 3184779264, free: 1733931008
Downloaded database version: v2015.07.22.07
Downloaded database version: v2015.07.22.01
Downloaded database version: v2015.07.20.01
Initializing...
======================
------------ Kernel report ------------
07/22/2015 21:39:29
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\eLock2BurnerLockDriver.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vpcnfltr.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\vpcvmm.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\b57nd60x.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\??\C:\Windows\system32\drivers\UBHelper.sys
\??\C:\Windows\system32\drivers\NTIDrvr.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\vpcusb.sys
\SystemRoot\system32\DRIVERS\usbrpm.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\vpchbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\WavxDMgr.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\eLock2FSCTLDriver.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\??\C:\Windows\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msvcrt.dll
\Windows\System32\normaliz.dll
\Windows\System32\nsi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msctf.dll
\Windows\System32\sechost.dll
\Windows\System32\urlmon.dll
\Windows\System32\imm32.dll
\Windows\System32\psapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\advapi32.dll
\Windows\System32\difxapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\ws2_32.dll
\Windows\System32\lpk.dll
\Windows\System32\iertutil.dll
\Windows\System32\gdi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\user32.dll
\Windows\System32\wininet.dll
\Windows\System32\ole32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.07.22.07
rootkit: v2015.07.22.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86140a78, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff861406b8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86140a78, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85c8e918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85ca2030, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 933A35E
Partition information:
Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 33554432
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 33556480 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 33761280 Numsec = 139358208
Partition 3 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 173119488 Numsec = 139458560
Disk Size: 160041885696 bytes
Sector size: 512 bytes
Done!
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-8CDABE5721FBEE1AEBA8C622C02A5C36FF547FC9.bin.VE1" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-8CDABE5721FBEE1AEBA8C622C02A5C36FF547FC9.bin.VF" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-33556480-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
#27
Posted 22 July 2015 - 08:05 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 8.0.7601.17514
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 3184779264, free: 1741844480
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 8.0.7601.17514
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 3184779264, free: 1733931008
Downloaded database version: v2015.07.22.07
Downloaded database version: v2015.07.22.01
Downloaded database version: v2015.07.20.01
Initializing...
======================
------------ Kernel report ------------
07/22/2015 21:39:29
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\eLock2BurnerLockDriver.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vpcnfltr.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\vpcvmm.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\b57nd60x.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\??\C:\Windows\system32\drivers\UBHelper.sys
\??\C:\Windows\system32\drivers\NTIDrvr.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\vpcusb.sys
\SystemRoot\system32\DRIVERS\usbrpm.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\vpchbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\udfs.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\WavxDMgr.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\eLock2FSCTLDriver.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\parvdm.sys
\??\C:\Windows\system32\drivers\npf.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msvcrt.dll
\Windows\System32\normaliz.dll
\Windows\System32\nsi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msctf.dll
\Windows\System32\sechost.dll
\Windows\System32\urlmon.dll
\Windows\System32\imm32.dll
\Windows\System32\psapi.dll
\Windows\System32\clbcatq.dll
\Windows\System32\kernel32.dll
\Windows\System32\usp10.dll
\Windows\System32\advapi32.dll
\Windows\System32\difxapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\shell32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\ws2_32.dll
\Windows\System32\lpk.dll
\Windows\System32\iertutil.dll
\Windows\System32\gdi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\user32.dll
\Windows\System32\wininet.dll
\Windows\System32\ole32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.07.22.07
rootkit: v2015.07.22.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86140a78, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff861406b8, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86140a78, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff85c8e918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85ca2030, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 933A35E
Partition information:
Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 33554432
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 33556480 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 33761280 Numsec = 139358208
Partition 3 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 173119488 Numsec = 139458560
Disk Size: 160041885696 bytes
Sector size: 512 bytes
Done!
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-8CDABE5721FBEE1AEBA8C622C02A5C36FF547FC9.bin.VE1" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-8CDABE5721FBEE1AEBA8C622C02A5C36FF547FC9.bin.VF" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-33556480-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
#28
Posted 22 July 2015 - 08:15 PM
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Those look okay.
Tell me how you get on with the space situation.
After that we will run an online anti-virus scan just to make sure we aren't missing anything before we go to clearing away the tools we have been using.
#29
Posted 25 July 2015 - 05:52 PM
- Topic Starter
-
- Member
-
- 69 posts
Member
Ok so I used your partition advice a little bit. I have freed up about half of my D drive. I am not sure what to do next to get that free memory inside my C drive.
Here is a picture of what I did.
#30
Posted 25 July 2015 - 08:22 PM
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello again panicpeace,
I am not the person to help you in detail about partitioning. You need technical advice rather than malware advice for this.
Open a topic in the Windows 7 forum here and explain what you are doing. Give a link to this topic for reference and include the picture link.
Come back and tell me how you get on.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
